Cristina Di Maria

Cristina is a member of the Constangy Cyber Team and focuses her practice on advising clients on strategies to develop and strengthen their privacy programs to meet their business needs and comply with a complex framework of privacy laws including HIPAA, GDPR, CPRA, and GLBA. This includes cyber risk assessments, tabletop exercises, incident response planning, and third-party contract review. Additionally, Cristina assists clients in their response to complex data security incidents that include ransomware attacks, business email compromises, and other unauthorized breaches.  She also facilitates forensic investigations, ensures compliance with regulatory and state notification requirements, and assists with media and internal communications.

Cristina has a wealth of experience in the healthcare sector, defending hospitals and healthcare providers in legal disputes and assuring compliance with HIPAA and other local, state, and federal privacy laws and regulations. On behalf of healthcare systems and providers, she has negotiated a number of settlement agreements with comprehensive conditions. Cristina has also partnered with a major metropolitan healthcare facility's risk management division to conduct quality assurance evaluations and offer assistance on updating policies and procedures to reflect best practices.

Associations

• International Association of Privacy Professionals (IAPP)
• American Bar Association

Certifications

• Certified Information Privacy Professional (CIPP) for United States law (US) through the International Association of Privacy Professionals (IAPP)
• OneTrust Certified Privacy Professional, 2022
• Healthcare Management, Cornell University, 2021