- The Ohio State University Michael E. Moritz College of Law, J.D., 2010, cum laude
Ohio State Journal on Dispute Resolution, Business Editor, 2009-2010
- The Ohio State University, B.S.B.A., 2002, cum laude
Bar & Court Admissions
- U.S. Court of Appeals for the Sixth Circuit
- U.S. District Court for the Northern District of Ohio
- U.S. District Court for the Southern District of Ohio
- Admitted to practice law only in the states listed above.
Chris is a partner in the Vorys Columbus office and a member of the litigation group. His practice focuses on complex business, commercial, real property and contract litigation. He has significant experience in counseling large commercial clients related to potential litigation, including breach of contract, breach of fiduciary duties, statutory and regulatory changes and general best business practices.
Chris also counsels clients on preparing for and responding to data breaches. In this area, his experience includes preparing customized incident response plans and advising on cybersecurity issues related to or arising from compliance with the Payment Card Industry Data Security Standards (PCI DSS) to directing breach investigations and defending against class action litigation and regulatory inquiries related to data breaches. Chris has given presentations on a variety of topics related to privacy and data security to professional and industry associations.
Notable experience includes:
- Advising and defending financial institutions, retail, grocery and energy companies with respect to data breaches
- Conducting customized data breach workshops and exercises
Chris is a Certified Information Privacy Professional (CIPP/US) and currently serves as co-chair of the Columbus Chapter of the International Association of Privacy Professionals.
Chris served as a legislative aide to Sen. Jeff Jacobson, president pro tempore of the Ohio Senate, for five years. He also externed for the Honorable Maureen O'Connor, Supreme Court of Ohio.
Chris received his J.D. cum laude from The Ohio State University Michael E. Moritz College of Law. He received his B.S.B.A. cum laude from The Ohio State University.
- 1/2/2019Vorys is pleased to announce that Kari Coniglio, David Edelstein, Margaret Everett, Christopher Ingram and James W. Kelly II became partners of the firm on January 1, 2019.
- 3/29/2016Ingram Quoted in Convenience Store News Story Titled “Nine Things You Should Do When Skimming Strikes”Christopher Ingram, an associate in the Vorys Columbus office and a member of the litigation group, was quoted in a Convenience Store News story about a presentation he gave at M-PACT 2016.
- 5/14/2018Vorys attorneys Chris Ingram and John Landolfi presented at the 2018 Central Ohio InfoSec Summit on May 14, 2018.
- 4/10/2018On April 10, 2018 Vorys Associate Chris Ingram presented at the 2018 IAPP Global Privacy Summit: Overview and Recap.
- 3/15/2018Vorys hosted a webinar series highlighting important topics in the consumer finance industry. Webinar dates included March 15, April 10 and May 8, 2018.
- 9/21/2017Chris Ingram and Chris LaRocco spoke at the 2017 Cybersecurity Days at The Ohio State University on September 21, 2017. They discussed the legal and regulatory requirements of cybersecurity.
- 6/30/2016Vorys attorney Chris Ingram hosted a webinar for the Pennsylvania Food Merchants Association on June 30, 2016.
- 3/30/2016Vorys attorneys Heather Enlow-Novitsky and Chris Ingram were speakers at the 2016 Central Ohio InfoSec Summit on March 30, 2016.
- 3/24/2016Vorys attorney Chris Ingram was a speaker at M-PACT 2016, an event targeted toward the Midwest’s petroleum marketers/convenience store associations on March 24, 2016.
- 4/30/2015Vorys attorneys Craig Auge, Jason Elvers, Chris Ingram, John Landolfi and Eric Whisler presented at the Advertising & Marketing Law 2015 CLE hosted by the Central Ohio Chapter – Association of Corporate Counsel on April 30, 2015.
- 3/26/2015Vorys attorneys Chris Ingram, Jonathan Ishee, John Landolfi, Angel Lisinski and Eric Whisler participated in a panel titled “Monthly Update for February 2015,” on March 26, 2015.
- 10/9/20122012 OAPCS 6th Annual State Conference: “Crisis Management: Tips and tactics for Navigating Tumultuous Times”Vorys attorneys Elizabeth Smith, Jackie Ford, Martha Brewer and Christopher Ingram spoke at the Ohio Alliance for Public Charter Schools 6th Annual Conference on October 9-10.
- 7/30/2019On July 9, 2019, the California Consumer Privacy Act (CCPA) amendment picture got a little clearer as the California Senate Judiciary Committee advanced several amendments while also eroding and eliminating others.
- 7/26/2019Governor Cuomo signed the Stop Hacks and Improve Electronic Data Act (SHIELD) on July 25, 2019, providing stronger protections for New Yorkers by imposing strict cybersecurity requirements on all companies, broadening the Attorney General’s oversight over data breaches, and expanding data breach notification requirements.
- 5/28/2019Client Alert: In Line with Recent Trends, New Jersey Amends its Data Breach Notification Law to Expand the Definition of “Personal Information”Earlier this month, New Jersey joined a growing list of states which require companies to provide notification under their respective data breach laws where non-traditional personal informational is compromised.
- 5/15/2019Governor Jay Inslee recently signed Substitute House Bill 1071, amending Washington’s data breach notification law.
- 2/18/2019Client Alert: Ohio’s New Cybersecurity Requirements on Insurers and Other Licensees Set to Take Effect in MarchOhio recently added comprehensive cybersecurity requirements to its insurance laws through Substitute Senate Bill 273, which take effect on or about March 19, 2019.
- 1/23/2019Massachusetts Governor Charlie Baker recently signed House Bill 4806, amending the state’s data breach notification law. In relevant part, the amendment expands the information that must be reported to Massachusetts regulators in connection with a data breach involving the personal information of Massachusetts residents, imposes new requirements on compromised entities, and adds some clarification to when entities are required to issue notice of a breach. These changes take effect on April 11, 2019.
- 11/5/2018Client Alert: Securities and Exchange Commission Imposes $1 Million Penalty on Voya Financial Advisors after Cybersecurity IntrusionRecently, the Securities and Exchange Commission (SEC) imposed a $1 million penalty against Voya Financial Advisors, Inc. (VFA).
- 10/31/2018Canada’s new mandatory breach-notification requirements in the Personal Information Protection and Electronic Documents Act (PIPEDA) take effect on November 1, 2018.
- 8/6/2018On August 3, Governor John Kasich signed Senate Bill 220, also known as the Ohio Data Protection Act.
- 6/29/2018Yesterday, California enacted the California Consumer Privacy Act of 2018. The law imposes new regulations on the collection, use, and disclosure of consumers’ personal information that will significantly impact companies doing business in California.
- 8/25/2017Client Alert: NIST Guidelines Expanded to Include ‘Internet of Things’ Devices and Systems in the Private SectorThe National Institute of Standards and Technology (NIST) recently released an updated draft of its Special Publication (SP) 800-53, Security and Privacy Controls for Information Systems and Organizations that sets forth cybersecurity guidance for securing devices and software commonly referred to as the “internet of things.” The draft represents NIST’s latest attempt to produce a unified information security framework for the federal government that is now also bleeding into the private sector.
- 8/23/2017Client Alert: Delaware Adds New Cybersecurity Requirement and Expands Data Breach Notification RegulationsCompanies doing business in Delaware should be aware of a recent amendment to its cybersecurity and data breach notification law.
- 10/28/2016On Wednesday, the Federal Trade Commission (FTC) released its new Data Breach Response: A Guide for Businesses.
- 5/16/2016Financial Services Alert: Narrow Win For Spokeo at The U.S. Supreme Court: Plaintiffs Must Demonstrate Concrete Harm Even For Statutory ViolationsIn a highly-anticipated opinion, this morning the U.S. Supreme Court overturned the Ninth Circuit Court of Appeals’ decision in Spokeo, Inc. v. Robins.
- 3/4/2016Client Alert: Another Federal Regulator Steps Up Data Security Enforcement: CFPB Fines Online Payment Processor Dwolla for Lax Data SecurityOn March 2nd, the Consumer Financial Protection Bureau (CFPB) announced a $100,000 penalty and settlement with online payment processor Dwolla, Inc. (Dwolla) for weak data security practices.
- 1/14/2015Earlier this week, President Obama gave a speech at the FTC laying out an agenda on privacy and data security issues, and indicating that the topic is important enough to the administration that it will be included in his upcoming State of the Union address. Generally, the initiative’s goals include tackling identity theft, protecting the privacy of student data and working toward a general privacy “bill of rights” to provide comprehensive data and privacy protections.