Christopher L. Ingram
Practice Areas
Industries
Education
- The Ohio State University Michael E. Moritz College of Law, J.D., 2010, cum laude
Ohio State Journal on Dispute Resolution, Business Editor, 2009-2010
- The Ohio State University, B.S.B.A., 2002, cum laude
Bar & Court Admissions
Chris is a partner in the Vorys Columbus office and a member of the litigation group. His practice focuses on complex business, commercial, real property and contract litigation. He has significant experience in counseling large commercial clients related to potential litigation, including breach of contract, breach of fiduciary duties, statutory and regulatory changes and general best business practices.
Chris also counsels clients on preparing for and responding to data breaches. In this area, his experience includes preparing customized incident response plans and advising on cybersecurity issues related to or arising from compliance with the Payment Card Industry Data Security Standards (PCI DSS) to directing breach investigations and defending against class action litigation and regulatory inquiries related to data breaches. Chris has given presentations on a variety of topics related to privacy and data security to professional and industry associations.
Notable experience includes:
- Advising and defending financial institutions, retail, grocery and energy companies with respect to data breaches
- Conducting customized data breach workshops and exercises
Chris is a Certified Information Privacy Professional (CIPP/US) and currently serves as co-chair of the Columbus Chapter of the International Association of Privacy Professionals.
Chris served as a legislative aide to Sen. Jeff Jacobson, president pro tempore of the Ohio Senate, for five years. He also externed for the Honorable Maureen O'Connor, Supreme Court of Ohio.
Chris received his J.D. cum laude from The Ohio State University Michael E. Moritz College of Law. He received his B.S.B.A. cum laude from The Ohio State University.
News
- 1/2/2019Vorys is pleased to announce that Kari Coniglio, David Edelstein, Margaret Everett, Christopher Ingram and James W. Kelly II became partners of the firm on January 1, 2019.
- 3/29/2016Christopher Ingram, an associate in the Vorys Columbus office and a member of the litigation group, was quoted in a Convenience Store News story about a presentation he gave at M-PACT 2016.
- 1/3/2011
Events
- 5/14/2018Vorys attorneys Chris Ingram and John Landolfi presented at the 2018 Central Ohio InfoSec Summit on May 14, 2018.
- 4/10/2018On April 10, 2018 Vorys Associate Chris Ingram presented at the 2018 IAPP Global Privacy Summit: Overview and Recap.
- 3/15/2018Vorys hosted a webinar series highlighting important topics in the consumer finance industry. Webinar dates included March 15, April 10 and May 8, 2018.
- 9/21/2017Chris Ingram and Chris LaRocco spoke at the 2017 Cybersecurity Days at The Ohio State University on September 21, 2017. They discussed the legal and regulatory requirements of cybersecurity.
- 6/30/2016Vorys attorney Chris Ingram hosted a webinar for the Pennsylvania Food Merchants Association on June 30, 2016.
- 3/30/2016Vorys attorneys Heather Enlow-Novitsky and Chris Ingram were speakers at the 2016 Central Ohio InfoSec Summit on March 30, 2016.
- 3/24/2016Vorys attorney Chris Ingram was a speaker at M-PACT 2016, an event targeted toward the Midwest’s petroleum marketers/convenience store associations on March 24, 2016.
- 4/30/2015Vorys attorneys Craig Auge, Jason Elvers, Chris Ingram, John Landolfi and Eric Whisler presented at the Advertising & Marketing Law 2015 CLE hosted by the Central Ohio Chapter – Association of Corporate Counsel on April 30, 2015.
- 3/26/2015Vorys attorneys Chris Ingram, Jonathan Ishee, John Landolfi, Angel Lisinski and Eric Whisler participated in a panel titled “Monthly Update for February 2015,” on March 26, 2015.
- 10/9/2012Vorys attorneys Elizabeth Smith, Jackie Ford, Martha Brewer and Christopher Ingram spoke at the Ohio Alliance for Public Charter Schools 6th Annual Conference on October 9-10.
- 12/7/2011
- 9/16/2011
Insights
- 7/30/2019On July 9, 2019, the California Consumer Privacy Act (CCPA) amendment picture got a little clearer as the California Senate Judiciary Committee advanced several amendments while also eroding and eliminating others.
- 7/26/2019Governor Cuomo signed the Stop Hacks and Improve Electronic Data Act (SHIELD) on July 25, 2019, providing stronger protections for New Yorkers by imposing strict cybersecurity requirements on all companies, broadening the Attorney General’s oversight over data breaches, and expanding data breach notification requirements.
- 6/7/2019Last week Nevada amended its law that governs online privacy policy disclosures to now give Nevada residents the right to opt out of the sale of certain personal information.
- 5/28/2019Earlier this month, New Jersey joined a growing list of states which require companies to provide notification under their respective data breach laws where non-traditional personal informational is compromised.
- 5/15/2019Governor Jay Inslee recently signed Substitute House Bill 1071, amending Washington’s data breach notification law.
- 2/18/2019Ohio recently added comprehensive cybersecurity requirements to its insurance laws through Substitute Senate Bill 273, which take effect on or about March 19, 2019.
- 1/23/2019Massachusetts Governor Charlie Baker recently signed House Bill 4806, amending the state’s data breach notification law. In relevant part, the amendment expands the information that must be reported to Massachusetts regulators in connection with a data breach involving the personal information of Massachusetts residents, imposes new requirements on compromised entities, and adds some clarification to when entities are required to issue notice of a breach. These changes take effect on April 11, 2019.
- 11/5/2018Recently, the Securities and Exchange Commission (SEC) imposed a $1 million penalty against Voya Financial Advisors, Inc. (VFA).
- 10/31/2018Canada’s new mandatory breach-notification requirements in the Personal Information Protection and Electronic Documents Act (PIPEDA) take effect on November 1, 2018.
- 8/6/2018On August 3, Governor John Kasich signed Senate Bill 220, also known as the Ohio Data Protection Act.
- 6/29/2018Yesterday, California enacted the California Consumer Privacy Act of 2018. The law imposes new regulations on the collection, use, and disclosure of consumers’ personal information that will significantly impact companies doing business in California.
- 8/25/2017The National Institute of Standards and Technology (NIST) recently released an updated draft of its Special Publication (SP) 800-53, Security and Privacy Controls for Information Systems and Organizations that sets forth cybersecurity guidance for securing devices and software commonly referred to as the “internet of things.” The draft represents NIST’s latest attempt to produce a unified information security framework for the federal government that is now also bleeding into the private sector.
- 8/23/2017Companies doing business in Delaware should be aware of a recent amendment to its cybersecurity and data breach notification law.
- 10/28/2016On Wednesday, the Federal Trade Commission (FTC) released its new Data Breach Response: A Guide for Businesses.
- 5/16/2016In a highly-anticipated opinion, this morning the U.S. Supreme Court overturned the Ninth Circuit Court of Appeals’ decision in Spokeo, Inc. v. Robins.
- 3/4/2016On March 2nd, the Consumer Financial Protection Bureau (CFPB) announced a $100,000 penalty and settlement with online payment processor Dwolla, Inc. (Dwolla) for weak data security practices.
- 1/14/2015Earlier this week, President Obama gave a speech at the FTC laying out an agenda on privacy and data security issues, and indicating that the topic is important enough to the administration that it will be included in his upcoming State of the Union address. Generally, the initiative’s goals include tackling identity theft, protecting the privacy of student data and working toward a general privacy “bill of rights” to provide comprehensive data and privacy protections.