Melissa K. Ventrone is on the cutting edge of data security and privacy, helping clients navigate emerging challenges related to today’s digital economy. As leader of the Cybersecurity, Data Protection and Privacy business practice, Melissa directs her skilled, multidisciplinary team of first responders to minimize security risks, ensure regulatory compliance, and curtail damage in the event of a data incident.
Education
Recognitions
Named among Crain’s Chicago Business 2020 Notable Women in Law
Named a Leading Lawyer in Chicago by Leading Lawyers℠ (2020-2022)
Named among The Best Lawyers in America® for Insurance Law (2023)
Named among Crain’s Chicago Business Notable Military Veteran Executives (2021-2022)
Named among Crain’s Chicago Business Chicago Gen X Leaders in Law (2021)
Memberships
International Association of Defense Counsel
Employer Support of the Guard and Reserve
Illinois State Bar Association
International Association of Privacy Professionals
State Bar Licenses
Court Admissions
- Mobilized to file a temporary restraining order preventing an Internet service provider (ISP) from permitting an unauthorized individual, who had changed the access codes for the account, from gaining further access to the account or data within the account.
- Assisted a company with domain names that had been hacked and transferred to a different ISP. Mobilized in the appropriate jurisdictions and filed documents with the court to be heard on an emergency basis, requesting the domains be transferred back to the appropriate ISP. The court granted the request, preventing the company from suffering any further harm.
- Successfully defended a health care performance improvement company in class action litigation resulting from a stolen hard drive that contained personally identifiable information. Plaintiff alleged that client was negligent and violated consumer fraud statutes because it failed to properly protect the information on the hard drive, resulting in emotional distress, lost wages, lost time for researching identity theft and risk of identity theft.
- Represented an educational institution when one of its vendors disclosed personal health information of the institution’s employees and dependents to the wrong employees. Coordinated with the vendor to determine the scale of the breach and that the error had been remediated, provided a communication plan that enabled the employer to notify the employees in person, and arranged for an identity restoration resolution with an outside vendor. Based on this response, the employees expressed satisfaction with the institution’s actions.
- Assisted a health care facility in responding to a breach that involved a stolen hard drive. Obtained identity restoration services for the impacted individuals and helped ensure compliance with breach notification laws, while working with the HIPAA compliance team to address HIPAA issues and coordinate with local regulators. Impacted individuals and their unions were pleased with the facility’s response, as were regulators. Press accounts noted that the facility’s response to its breach was an example of how a breach should be handled.
- Successfully represented several merchants that had suffered a credit card breach, working with forensic investigators who specialize in payment card breaches as well as the processor, banks and the credit card companies to reduce any potential fines or assessments. Reduced the overall liability of the company based on in-depth knowledge of the payment card industry’s processes.