
Cristina Messerschmidt
Biography
Practice Focus
Cristina focuses her practice on domestic and global data privacy, cybersecurity, and AI. She provides advice to a wide range of clients in the healthcare space, including pharmaceutical and medical device companies, healthcare providers, financial institutions, sourcing providers, retail companies, online businesses, and other organizations on issues relating to healthcare privacy, domestic and global privacy, cross-border data transfers, and the preparation and implementation of broad-based data privacy and cybersecurity compliance programs. Cristina is well-versed in HIPAA and related issues, global privacy laws and regulations, US privacy and state medical privacy laws, as well as domestic and global AI laws, such as the EU AI Act and the Colorado AI Act. Cristina has assisted global companies on a wide range of AI-related issues, including establishing practical and sustainable AI governance programs and AI-related risk management.
Cristina also regularly counsels clients on complex domestic and global data security events, including investigations of potential compromise, determining notification obligations to federal and state and global breach notification requirements, as well as response to related inquiries from government agencies and other parties. Cristina had advised companies on a wide range of data security incidents, including ransomware, HIPAA breaches, insider threats, phishing attacks, and access controls.
Professional Honors
- Associate to Watch in Privacy & Data Security: Privacy, Chambers USA (2024)
Admissions
- Illinois~United States (2017)
Education
- Northwestern University Pritzker School of Law (JD, cum laude) (2017)
- University of Michigan (BA, honors) (2010)
Languages
- English
- French
- Romanian