Professionals

Name / Keyword Office Practice Industry Language Show All
Practices

Antitrust and Competition Law

Business and Corporate

Construction

Cross-Border Business

Data Protection, Privacy and Cybersecurity

Emerging Companies

Environment, Social and Governance (ESG)

Environmental, Sustainability, and Product Stewardship

Financial Services

Government Enforcement and Investigations

Government Relations and Public Policy

Health Law

Hospitality

Immigration

Intellectual Property

Labor & Employment

Litigation

Mergers and Acquisitions

Product Liability, Class Action and Mass Tort

Real Estate

Securities

Tax

Technology

Transportation and Logistics
Industries

Automotive

Aviation

Construction

Disaster Recovery and Government Services

Drug, Device and Life Sciences

Education

Energy

Financial Services

Gaming

Governmental Entities

Health Care

Hospitality

Long Term Care

Manufacturing

Real Estate

Retail

Technology

Telecommunications

Transportation and Logistics
Experience

Featured Case Study
Community Healthcare Trust Incorporated Community Healthcare Trust Incorporated More Case Studies

Search Experience
Keywords Practice Industry
News & Events

Professionals
Practices
Industries
Experience
News & Events
Other Pages

Quick Results

View More Results

Professionals

Alexander F. Koskey, CIPP/US, CIPP/E, PCIP

Shareholder

Atlanta
T: 404.443.6734
F: 404.238.9644

Alex Koskey is a Certified Information Privacy Professional and represents financial institutions and organizations on a wide range of data privacy, regulatory and compliance, and litigation matters.

Featured Videos

State of the Cyber Landscape October 30, 2024

New Privacy and Cybersecurity Regulations: What Financial Institutions Need to Know to Stay Compliant June 13, 2024

Top Cybersecurity and Data Privacy Issues for Financial Institutions in 2024 January 17, 2024

The SEC Cyber Rules and Materiality: Show Your Work! October 31, 2023

Evolving Technology: Cybersecurity and Data Privacy in the Era of ChatGPT May 17, 2023

Top 10 Cybersecurity and Privacy Issues for 2023 January 25, 2023

Featured Experience

Assisted a client with remediation and reporting of a security incident caused by a phishing scam.

Counseled multiple clients with compliance with U.S. privacy laws and privacy notices.

Currently representing a national car rental company on financial licensing, compliance, and privacy issues across the U.S.

Professional Biography

Mr. Koskey is co-chair of the Firm's Financial Services Cybersecurity and Data Privacy Team, which is a NetDiligence Authorized Breach Coach^® firm. He advises clients on a full array of legal and business issues in the financial services industry. Mr. Koskey has received the Certified Information Privacy Professional (CIPP/US and CIPP/E) designations from the International Association of Privacy Professionals. Alex is also a Payment Card Industry Professional (PCIP). He regularly counsels clients on a variety of privacy and security issues under state and federal laws, including the General Data Protection Regulation (GDPR), Gramm-Leach-Bliley Act (GLBA), the Fair Credit Reporting Act (FCRA), and the California Consumer Privacy Act. Mr. Koskey's experience also includes assisting clients with developing procedures for risk management, analyzing third-party vendor relationships, consulting on best practices for privacy issues, and responding to data breaches and incidents.

In addition to data privacy, Mr. Koskey also advises clients on regulatory and compliance issues impacting the financial services industry. He routinely advises clients on issues related to the Consumer Financial Protection Bureau (CFPB) and other federal consumer protection statutes. Mr. Koskey has provided guidance to clients in developing compliance management systems for regulatory matters and routinely advises clients on licensing issues in the automobile finance industry. He represents clients in investigations and enforcement actions presented by State Attorney Generals, the CFPB, and other state regulatory agencies.

Mr. Koskey also has significant experience in representing clients in contract disputes, commercial matters, real estate litigation, and insurance disputes, including bad faith litigation, in state and federal courts throughout the country. With unique experience in regulatory and litigation matters, he can provide dual perspectives which benefit his clients.

Assisted a client with remediation and reporting of a security incident caused by a phishing scam.
Counseled multiple clients with compliance with U.S. privacy laws and privacy notices.
Currently representing a national car rental company on financial licensing, compliance, and privacy issues across the U.S.
Assisted an automobile dealership with compliance and licensing issues related to automobile financing and state regulations.
Obtained summary judgment in favor of mortgage servicer in complex litigation alleging fraud and violations of the Fair Debt Collection Practices Act.
Defended consumer data furnisher and obtained dismissal of claims for purported violations of the Fair Credit Reporting Act.
Obtained dismissal on behalf of national bank against claims of identity theft and violations of Real Estate Settlement Procedures Act and Fair Debt Collection Practices Act.
Provided counsel to fourth-largest hospital in Florida on all commercial disputes, premises liability and malpractice litigation along with guidance on risk mitigation strategies.
Advised and guided a home health care provider in connection with a cyber extortion attack involving the protected health information of millions of patients. This included facilitation and management of a complex forensic investigation, provision of strategic guidance in communications to key stakeholders and threat actor negotiations, strategy consultations with executive management, subsequent notification to individuals and regulators, as applicable, and successful defense of an investigation by the United States Office for Civil Rights.

Named a Georgia Rising Star by Georgia Super Lawyers in Business Litigation (2015 – 2017)
Member – State Bar of Florida
Member – State Bar of Alabama
Member – State Bar of Georgia
Member – International Association of Privacy Professionals (CIPP/US, CIPP/E)

"Second Circuit Ruling Expands VPPA Scope: What Organizations Need to Know" (October 2024)
"Understanding the Key AI Risks for FinTech Companies," FinTech Law Report (September/October 2024)
"Data Breaches: The Not-So-Hidden Cost of Doing Business," republished in Corporate Counsel (October 2024)
"New Data Breach Notifications Requirements Affecting the Financial Services Industry: What You Need to Know," FinTech Law Report (July/August 2024)
"Top Privacy and Cybersecurity Issues to Track In 2024," Republished February 5, 2024, in CPO Magazine (January 2024)
"Cybersecurity Issues For Financial Industry To Track In 2024," Law360 (January 2024)
"Faking It: Protecting Your Financial Institution Against Deepfakes," republished in Corporate Counsel and FinTech Law Report (September 2023)
"ChatGPT in the Crosshairs: How the EU's AI Act May Affect Your Use of Generative AI," republished August 10, 2023, in Law360 (July 2023)
"What CUs Need to Know About the New Cyber Incident Reporting Requirements," Credit Union Times (May 2023)
"SEC Issues Multiple Cybersecurity Rule Proposals," republished May 3, 2023, in Corporate Compliance Insights (March 2023)
"VPPA Claims Are on the Rise – Latest Trend in Consumer Privacy Class Action Litigation," republished in Daily Business Review (March 2023)
"NCUA Approves New Cyber Incident Reporting Requirements: What Credit Unions Need to Know" (February 2023)
"New Safeguards Rule: How Will It Impact Financial Institutions?," Westlaw (December 2021)
"Protecting Privileged Forensic Reports," Today's General Counsel (December 2021)
"Getting Serious with Cybersecurity: Best Practices from Regulators," Commercial Factor Magazine (October 2021)
"Ransomware State of the Union: Regulations, Trends and Mitigation Strategies," Reuters and Westlaw Today (October 2021)
"Financial Industry Regulators Continue Crack Down on Cybersecurity" (September 2021)
"FFIEC Updates Its Guidance on Authentication and Access Controls: Key Takeaways Financial Institutions Should Implement Now" (August 2021)
"What Boards of Directors Need to Know about Cyber Incident Response," Reuters and Westlaw Today (August 2021)
"Another State Privacy Law Hits the Books: What You Need to Know About the Colorado Privacy Act" (July 2021)
"Incident Response Considerations: Protecting the Attorney-Client Privilege," Reuters and Westlaw Today (June 2021)
"How to Contend With a 21st Century Ransom Note," ABA Banking Journal (April 2021)
"Insurers Beware: Potential Impacts of New York's Cyber Insurance Risk Framework," Insurance Journal (April 2021)
"California Privacy Law Update: CCPA Amendments Announced and CPPA Board Members Appointed," republished April 8, 2021, in Corporate Compliance Insights (March 2021)
"NYDFS Surges Ahead with Cybersecurity Enforcement: Recent Fine Highlights Need for Financial Institutions to Focus on Incident Response" (March 2021)
"Privacy Legislation Floodgates Have Opened: Virginia Passes the Consumer Data Protection Act," republished March 17, 2021, in Corporate Compliance Insights (February 2021)
"U.S.'s First Cyber Insurance Risk Framework Issued by New York Department of Financial Services," republished in Property Casualty 360 (February 2021)
"Proposed NY Privacy Bill Would Increase Business Obligations and Litigation/Enforcement Exposure for Businesses, Including Financial Institutions," republished in Banking Exchange (January 2021)
"Faster and More Comprehensive Breach Notification Requirements Proposed for Banks," republished in BankBeat (January 2021)
"The Year Ahead: Privacy and Cybersecurity Issues Facing Financial Institutions in 2021," republished in Bank Beat (January 2021)
"New Ransomware Advisories from OFAC and FinCEN Create Additional Challenges for Financial Institutions" (January 2021)
"How California's New(er) Privacy Legislation Will Affect U.S. Businesses," republished November 18, 2020, in Corporate Compliance Insights (November 2020)
"FBI Warns Hospital and Health Care Providers are Under Attack" (October 2020)
"Lessons Learned from the NYDFS First Cybersecurity Regulation Enforcement Action," republished August 26, 2020, in Westlaw (July 2020)
"CCPA Final Regulations Submitted – What Does Your Business Need To Do?" (June 2020)
"Coronavirus: Privacy and Cybersecurity Considerations for Financial Institutions," republished April 17, 2020, in Westlaw Journal (March 18, 2020)
"California Consumer Privacy Act: What Financial Service Providers Need to Know," Bank News (November 2018)
"Indirect Auto Lending: GAO Opinion Provides Clarity, But Will It Be Enforced?," Center for Auto Excellence (March 2018)
"FTC Issues New Guidance on COPPA," Corporate Compliance Insights (August 2017)
"CFPB Delays Effective Date of Prepaid Accounts Rule," Bank News (August 2017)
"New CSBS Tool for BSA/AML Aims To Enhance Risk Assessment," Westlaw Journal Bank & Lender Liability, Volume 22, Issue 26 (May 2017)

"New and Old Threats," CISOExecNet, Southeast Regional Roundtable (October 2024)
"Cybersecurity Claims: Current Threats, How to Respond, and Best Practices," Insurance Industry Training (October 2024)
"AI Considerations for Corporate Fiduciaries," Baker Donelson New Orleans Fiduciary Roundtable (September 2024)
"Artificial Intelligence: Where We Are, Where We're Going, and What You Need to Know," Insurance Industry Training (August 2024)
"The Evolving Relationship Between CISO & Developers," CISOExecNet, Atlanta Chapter Roundtable (August 2024)
"Protecting Data Where It Lives," CISO ExecNet, Atlanta Chapter Roundtable (June 2024)
"Artificial Intelligence in the Financial Services Market," Financial Market Association (FMA)'s Securities Compliance Conference (April 2024)
"Security Operations – How to Get Our '_DRs' in Order," CISO ExecNet, Atlanta Chapter Roundtable (April 2024)
"Zero Trust Ingredients," CISO ExecNet, Atlanta Chapter Roundtable (February 2024)
"Layered Defense Architectures," CISO ExecNet, Atlanta Chapter Roundtable (January 2024)
"Fintech's Frequently Overlooked Achilles' Heel - Cyber Management," National Fintech Organization (May 2023)
Co-presenter – "Banking and Financial Industry Trends for In-House Counsel," Webinar (August 2022)
"Data & Privacy in the Age of Covid," Mackrell International Webinar (November 2020)
"Gramm Leach Bliley Act—What is Your Bank Required to Do?," Tennessee Bankers Association's Strategic Technology, Risk & Security Conference (September 2020)
"U.S. Law Updates to Know for Your Business in 2020" (February 2020)

State of the Cyber Landscape (October 2024)
New Privacy and Cybersecurity Regulations: What Financial Institutions Need to Know to Stay Compliant (June 2024)
Top Cybersecurity and Data Privacy Issues for Financial Institutions in 2024 (January 2024)
The SEC Cyber Rules and Materiality: Show Your Work! (October 31, 2023)
Evolving Technology: Cybersecurity and Data Privacy in the Era of ChatGPT (May 2023)
Top 10 Cybersecurity and Privacy Issues for 2023 (January 2023)
The CPRA is On the Way: What Your Financial Institution Needs to Do (November 2022)
Cybersecurity and Privacy – Trending Topics for Financial Institutions (September 2022)
The New GLBA Safeguards Rule – What Financial Institutions Need to Know (November 2021)
Breaking Down a Ransomware Attack: Recent Observations, How Ransom Negotiations Work, and What You Need to Know (October 2021)
Year-End Privacy and Security Trends: What Financial Institutions Need to Know (September 2021)
Crisis Communications During a Data Incident: Essentials for Your Organization (August 2021)
Ransomware Attacks in 2021: How to Navigate the Evolving Threat Landscape (July 2021)
Session Replay Technology and State Wiretap Class Actions: The Emerging Class Action Trend of 2021 (July 2021)
An Overview of HIPAA Issues for Financial Institutions and Best Practices for Your Vendor Management Program (June 2021)
Additional Incident Response Considerations – Protecting the Attorney-Client Privilege and Involving Your Board of Directors (May 2021)
State and Federal Privacy Regulation in 2021: What is on the Horizon? (April 2021)
Enterprise Cyber Risk Management for Financial Services Organizations (April 2021)
The California Privacy Rights Act and Financial Institutions (March 2021)
How To Prepare for a Cybersecurity Incident (February 2021)
2021 Privacy Landscape (January 2021)
Cybersecurity for Financial Institutions: Essential Information on Cyber Incidents and Regulatory Issues (November 2020)
COVID-19: Cybersecurity and Data Privacy Considerations for Financial Institutions (April 2020)
California Consumer Privacy Act Essentials for Broker-Dealer and Investment Advisory Firms (December 2019)
California Consumer Privacy Act Essentials for Financial Institutions (November 2019)

Baker Donelson's Alex Koskey Earns Payment Card Industry Professional Certification (May 17, 2021)
Baker Donelson Announces 11 Newly Elected Shareholders (April 20, 2021)

Alex Koskey Comments on SEC's Cybersecurity Rules in Communications of the ACM (October 19, 2023)
In Commercial Factor Q&A, Alex Koskey and Matt White Discuss Risks and Rewards of Utilizing AI in Financial Services (April 20, 2023)

State of the Cyber Landscape (October 30, 2024)
New Privacy and Cybersecurity Regulations: What Financial Institutions Need to Know to Stay Compliant (June 13, 2024)
Top Cybersecurity and Data Privacy Issues for Financial Institutions in 2024 (January 17, 2024)
The SEC Cyber Rules and Materiality: Show Your Work! (October 31, 2023)
Evolving Technology: Cybersecurity and Data Privacy in the Era of ChatGPT (May 17, 2023)
Top 10 Cybersecurity and Privacy Issues for 2023 (January 25, 2023)
The CPRA is On the Way: What Your Financial Institution Needs to Do (November 9, 2022)
Cybersecurity and Privacy – Trending Topics for Financial Institutions (September 22, 2022)
The New GLBA Safeguards Rule – What Financial Institutions Need to Know (November 17, 2021)
Breaking Down a Ransomware Attack: Recent Observations, How Ransom Negotiations Work, and What You Need to Know (October 20, 2021)
Year-End Privacy and Security Trends: What Financial Institutions Need to Know (September 15, 2021)
Crisis Communications During a Data Incident: Essentials for Your Organization (August 18, 2021)
Ransomware Attacks in 2021: How to Navigate the Evolving Threat Landscape (July 21, 2021)
Session Replay Technology and State Wiretap Class Actions: The Emerging Class Action Trend of 2021 (July 14, 2021)
An Overview of HIPAA Issues for Financial Institutions and Best Practices for Your Vendor Management Program (June 16, 2021)
Additional Incident Response Considerations – Protecting the Attorney-Client Privilege and Involving Your Board of Directors (May 19, 2021)
State and Federal Privacy Regulation in 2021: What is on the Horizon? (April 21, 2021)
The California Privacy Rights Act and Financial Institutions (March 17, 2021)
How To Prepare for a Cybersecurity Incident (February 17, 2021)
2021 Privacy Landscape (January 13, 2021)
Cybersecurity for Financial Institutions: Essential Information on Cyber Incidents and Regulatory Issues (November 18, 2020)
COVID-19: Cybersecurity and Data Privacy Considerations for Financial Institutions (April 7, 2020)
California Consumer Privacy Act Essentials for Broker-Dealer and Investment Advisory Firms (December 10, 2019)
California Consumer Privacy Act Essentials for Financial Institutions (November 12, 2019)

Practices

Industries

Education

Cumberland School of Law at Samford University, J.D., 2007
- Executive Editor, American Journal of Trial Advocacy
Samford University, Brook School of Business, B.S., 2004

Admissions

Florida, 2007
Alabama, 2009
Georgia, 2010
U.S. District Court for the Middle District of Florida
U.S. District Court for the Middle District of Georgia
U.S. District Court for the Northern District of Georgia

Featured Media

State of the Cyber Landscape

Webinar / October 30, 2024

Second Circuit Ruling Expands VPPA Scope: What Organizations Need to Know

Publication / October 24, 2024

Data Breaches: The Not-So-Hidden Cost of Doing Business

Publication / October 14, 2024

Search By Last Name

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Baker Donelson is a national law firm with more than 650 attorneys and public policy advisors representing more than 30 practice areas to serve a wide range of legal needs. Clients receive knowledgeable guidance from experienced, multi-disciplined industry and client service teams, all seamlessly connected across 23 offices in Alabama, Florida, Georgia, Louisiana, Maryland, Mississippi, North Carolina, South Carolina, Tennessee, Texas, Virginia, and Washington, D.C.