Professionals

Name / Keyword Office Practice Industry Language Show All
Practices

Business and Corporate

Construction

Coronavirus (COVID-19): Navigating the Path Ahead

Data Protection, Privacy and Cybersecurity

Emerging Companies

Environment, Social and Governance (ESG)

Financial Services

Global Business

Government Enforcement and Investigations

Government Relations and Public Policy

Health Law

Hospitality

Immigration

Intellectual Property

Labor & Employment

Litigation

Mergers and Acquisitions

Product Liability, Class Action and Mass Tort

Real Estate

Securities

Tax

Transportation and Logistics
Industries

Automotive

Aviation and Aerospace

Construction

Disaster Recovery and Government Services

Drug, Device and Life Sciences

Education

Energy

Financial Services

Gaming

Governmental Entities

Health Care

Hospitality

Long Term Care

Manufacturing

Real Estate

Retail

Telecommunications

Transportation and Logistics
Experience

Featured Case Study
Community Healthcare Trust Incorporated Community Healthcare Trust Incorporated More Case Studies

Search Experience
Keywords Practice Industry
News & Events

Professionals
Practices
Industries
Experience
News & Events
Other Pages

Quick Results

View More Results

Professionals

Aldo M. Leiva

Shareholder

Fort Lauderdale
T: 954.768.1622
F: 954.333.3930

Al Leiva is a member of the Government Enforcement and Investigations Group, assisting clients with investigations, compliance, and regulatory matters relating to critical infrastructure, cybersecurity, and supply chain security.

Featured Videos

Session Replay Technology and State Wiretap Class Actions: The Emerging Class Action Trend of 2021 July 14, 2021

PPP Loan Forgiveness, Government Enforcement and Oversight June 24, 2021

Professional Biography

Mr. Leiva also serves on the Data Protection, Privacy and Cybersecurity Team, advising clients on compliance, transactions, and litigation involving rapidly evolving federal, state, and international cybersecurity and data privacy laws. Mr. Leiva also serves as trial counsel in complex litigation matters, including class action defense, tort, and business litigation.

Clients turn to Mr. Leiva for strategic legal counsel when facing cybersecurity incidents, data privacy issues, and compliance or litigation involving complex cybersecurity and privacy laws and regulations, including federal laws (CFIUS, TCPA, HIPAA, HITECH, GLB, COPPA, CAN-SPAM, FCRA/FACTA), state laws (data breach notification laws, FIPA, FSCA, CCPA, CPRA) and EU/Latin America data protection laws (GDPR). He has served as privacy compliance counsel, cybersecurity risk mitigation counsel, and general counsel for numerous companies. He advises clients on business practices that comply with laws governing their digital operations, including social media, digital media, mobile app and website marketing, and cloud computing.

Clients also rely upon Mr. Leiva's experience representing companies in complex litigation matters involving business disputes, consumer class action (TCPA, privacy), insurance-related litigation, eDiscovery, tort defense, professional liability, real estate, and construction disputes.

Mr. Leiva monitors and assesses cybersecurity and privacy challenges presented by emerging technologies, including cryptocurrencies, blockchain applications, autonomous vehicles, the Internet of Things, and artificial intelligence. He has also completed extensive critical infrastructure training programs of the U.S. Department of Homeland Security (DHS) Industrial Control Systems Cyber Emergency Response Team in Cybersecurity for Industrial Control Systems and Operational Security for Control Systems, and has similarly received comprehensive training via DHS and FEMA-authorized programs in the areas of cyber incident analysis and response, disaster recovery for information systems, physical and cybersecurity for critical infrastructure, information risk management and critical asset risk management.

Mr. Leiva serves on the board of directors of the South Florida Chapter of InfraGard, a leading public-private partnership between U.S. businesses and the Federal Bureau of Investigations (FBI) that focuses on critical infrastructure protection. He has developed educational programming on cybersecurity laws and regulations for the members of InfraGard. In 2017, Mr. Leiva was recognized by the FBI for exceptional service in connection with his InfraGard service.

Mr. Leiva's interest in complex technology matters is based on his professional and technical background as a systems biologist, having served as a scientific researcher/instructor in Costa Rica, as well as a comparative legal investigator in Mexico.

Mr. Leiva's pro bono efforts have focused on advocacy for the Rule of Law in Cuba, serving as counsel for Cuban political prisoners and pro-democracy activists before the Inter-American Commission on Human Rights, resulting in a ruling against the Cuban government by an international committee for human rights violations. As a Cuba law/policy analyst, Mr. Leiva has briefed the U.S. State Department, Representatives and Senators, and Presidential candidates on Cuba law and policy. He has also analyzed Cuba trends for trade and media organizations and academic institutions, including the Foundation for Advanced Education in the Sciences, American University, University of Miami, Indiana University, and St. Thomas University. Mr. Leiva was honored to receive the 2020 Human Rights Award from the Cuban American Bar Association in recognition of his activism and advocacy for human rights in Cuba.

Mr. Leiva is fluent in Spanish.

Defended an automotive OEM against a $7.5+ billion class action filed in Florida challenging session replay software that allegedly tracks users' activities on websites. Shortly after we were granted an early-stage stay of discovery, plaintiff voluntarily dismissed case (no settlement).
Data Privacy/Cybersecurity, Investigations, and Critical Infrastructure
Conducted international internal ethics investigation for Fortune 500 transportation sector client.
Advised food and agriculture sector client on critical infrastructure matters, including designation of key personnel under CISA guidelines.
Cybersecurity and data privacy counsel for international digital media consortium, including third-party vendor contract negotiation and consultation on applicable domestic and international data protection laws.
Outside general counsel to aviation industry company, with special focus on data privacy and data protection issues.
Successfully defended a national mental health and substance abuse treatment entity in a HIPAA administrative investigation, resulting in no fines paid and the investigation closed.
Conducted internal ethics investigation for an academic apparel and sports equipment company.
Counseled a large municipality on privacy policy and conducted a vulnerability analysis of critical assets.
Served as an incident response and law enforcement liaison for a health care facility undergoing a ransomware attack.
Performed a privacy gap analysis and created a privacy program for a financial services entity.
Served as privacy compliance counsel for an international marketing automation platform.
Served as privacy and U.S. legal compliance counsel for an international emergency transport organization.
Served as general counsel for a federally funded community health center, focusing on its privacy and cybersecurity obligations.
Served as an incident response and law enforcement liaison and counsel for an energy sector company following a phishing attack.
Successfully negotiated a data migration contract with a national electronic medical records provider.
Performed an EU privacy compliance assessment for a U.S.-based international third party claims processor.
Successfully negotiated a technology services contract for a data hosting entity with a court-appointed receiver in a federal matter.
Emerging Technologies
Defended Session Replay Technology (SRT) Class Action against a commercial website operator, alleging state wiretap violations relating to visitor sessions on website.
Represented cryptocurrency investor applying for EB-5 visa, including strategic planning and preparation of response to USCIS request for additional evidence of legal sources of digital funds (BTC/ETH).
Advised live music streaming client on digital marketing, privacy, and cybersecurity matters.
Represented crowdfunding startup in compliance with SEC and other cybersecurity/privacy laws and regulations.
Litigation
Defended TCPA litigation matters for clients in multiple industries, including insurance and health/wellness.
Defended ADA website compliance matters in multiple business sectors and industries, including hospitality, fashion, and retail sector clients.
Successfully defended food manufacturing entity in shareholder derivative lawsuit alleging breach of fiduciary duty and breach of contract, resulting in full divestment of shareholder's interest in entity and no liability for client.
Successfully defended a physician in an administrative professional investigation by the Florida Department of Health, arising out of a patient complaint, resulting in case dismissal without a finding of probable cause against the physician.
Obtained a defense verdict for an internal medicine physician accused of professional negligence in St. Lucie County, Florida.
Obtained a defense verdict for a radiologist accused of professional negligence in Miami-Dade County, Florida.
Obtained a defense verdict for a trauma surgeon accused of professional negligence in Miami-Dade County, Florida.
Obtained a defense verdict for an anesthesiologist accused of professional negligence in Miami-Dade County, Florida.
Obtained a defense verdict for a hematologist accused of professional negligence in Miami-Dade County, Florida.
Obtained summary judgment and the award of attorney's fees in favor of a water treatment company.
Managed and litigated premises liability matters for a multinational retail company.
Served as defense counsel for international aerospace entity in product liability and commercial dispute matters.
Obtained successful resolution of social media dispute between aerospace industry client and third-party technology vendor.
Served as defense counsel for medical group in multi-million dollar wrongful death action.
Represented international health supplement company in Telephone Consumer Protection Act matter.
Served as products liability defense counsel for publicly traded plumbing supply and water treatment company.
Received a complete defense verdict following a five-day jury trial on behalf of two insured business owners accused of negligence in the installation of a granite monument.
Obtained a defense verdict for property insurer following a five-day jury trial in claim involving denial of coverage for storm damage.

Listed in The Best Lawyers in America^® in Privacy and Data Security Law (2023)
Recipient – Baker Donelson's Fort Lauderdale Office Pro Bono Award (2022)
Recipient – Cuban American Bar Association Human Rights Member of the Year (2020)
Recipient – Exceptional Service in the Public Interest, FBI/InfraGard (2017)
Recipient – "Most Effective Lawyer," Daily Business Review (2015)
Board Member – InfraGard, South Florida Chapter Board of Director (2017 – present)
Board Member – University of Miami, Amigos of the Cuban Heritage Collection Board of Directors (2007 – present), Past Chairman of the Board
Member – Baker Donelson Diversity Committee (2018 – present)
Member – CISO Executive Network, South Florida Chapter (2019 – present)
Member – U.S. Secret Service, Miami Economic Crimes Task Force (2014 – present)
Member – International Association of Privacy Professionals (IAPP)
Member – The Florida Bar Association
Member – Cuban American Bar Association (CABA), CABA on Cuba Committee (2004 – present)
Advisor – Cybersecurity for Executives Program, University of South Florida (2018 – present)

"Privacy and Cybersecurity Standards for NEVI Funded EV Charging Station Projects" (March 2023)
"VPPA Claims Are on the Rise – Latest Trend in Consumer Privacy Class Action Litigation," republished in Daily Business Review (March 2023)
"Biden's EU Data Transfer Order Spells Changes For US Cos.," Law360 (October 2022)
"New Executive Order Aims to Restore U.S.-EU Data Privacy Agreement," republished in Law360 (October 2022)
"DOJ Signals Increased Investigations and Prosecutions of Pandemic-Related Fraud: New Strike Forces in MD, FL, and CA Commence Operations" (September 2022)
"New CFIUS Executive Order Clarifies Review Factors for Evolving National Security Landscape" (September 2022)
"HHS Announces $5 Million for Cancer Screenings at Health Centers with June 15 Application Deadline " (June 2022)
"New Florida Genetic Privacy Law Imposes Criminal Penalties," republished December 9, 2021 in Daily Business Review (October 2021)
"FFIEC Updates Its Guidance on Authentication and Access Controls: Key Takeaways Financial Institutions Should Implement Now" (August 2021)
"PPP Oversight: Congress Turns Its Focus to the Agency Diligence," republished May 26, 2021 in Corporate Compliance Insights (May 12, 2021)
"Florida's Broad New COVID-19 Liability Protections" (April 2021)
"COVID-19 Considerations for SEC Cybersecurity Guidance, Disclosure, Enforcement, and Parallel Proceedings: Navigating the New Normal," Journal of Investment Compliance (December 2020)
"Artificial Intelligence and Bias: Considerations to Prevent Bias and Mitigate Legal Risk of Employers," Diversity Matters (Third Quarter 2020)
"FTC's Red Flag Rule: A Review of Enforcement Actions and Compliance Considerations for the Next Decade," Market Solutions, Financial Markets Association's e-Newsletter, Volume 29, Number 3 (September 2020)
"Feds Crack Down on Hoarding of Scarce Materials and Price Gouging Due to COVID-19," Daily Business Review (April 7, 2020)
"HHS Issues Notice of Designation of Scarce Materials or Threatened Materials Subject to COVID-19 Hoarding Prevention Measures" (April 3, 2020)
"Florida Stay at Home Order: What Florida Businesses Need to Know" (April 2, 2020)
"Department of Justice, States, SEC Pursue COVID-19 Enforcement Actions," Daily Business Review (April 2, 2020)
"Coronavirus: CISA Issues Guidance on Essential Critical Infrastructure During COVID-19 Response" (March 23, 2020)
"Defense Production Act is Invoked by President Trump" (March 19, 2020)
Contributing Author – Data Security and Privacy Developments, Thomson Reuters Practical Law (2019 – present)
"Florida Employee Privacy Alert: No Expectation of Privacy for Contents of Employee's Flash Drive Attached to Work Computer," (July 2019); republished in the Daily Business Review (August 2019)
"The New York Privacy Act: A Consumer Privacy Bill to Monitor Closely," (June 2019); republished in Westlaw Journal Bank & Lender Liability (July 2019)
"New Data Law Comes into Effect on January 1, 2019 – Does Your Business Have to Comply?" (November 2018)
"Lessons and Practical Guidance from the Target Data Breach AG Settlement," Information Law Journal, ABA Section of Science and Technology Law, Volume 8, Issue 4 (Autumn 2017)
"The Florida Information Protection Act and HIPAA: Practical Considerations for Regulated Entities," ABA Journal, Vol. 6, Issue 2 (Spring 2015)
"You Know About HIPAA, But What About FIPA?," Florida Bar Health Law Section Newsletter, The Florida Bar (October 2014)
"Electronic Data Disclosure of Third Party Personal ESI and U.S./Latin American Arbitration Proceedings – Privacy Issues within International Conflict Resolution," eDiscovery and Digital Evidence Journal, ABA (December 2012)
"Data Protection Law in Spain and Latin America: Survey of Legal Approaches," International Law News, ABA (Fall 2012)

"Data Security Compliance and Risks: A Business Attorney's Guide," National Business Institute (February 2023)
Panelist – "Breakfast with Compliance Champs," SECNAP Network Security Educational Breakfast Series (October 2018)
"Data Breach Preparedness in the Healthcare Sector: Best Practices and Legal Considerations," InfraGard South Florida, Healthcare Sector Presentation (May 2018)
"What the Hack! Cybersecurity in 2018," Greater Boca Raton Estate Planning Council (April 2018)
"Professional and Medical Ethics," Emerald Coast Medical Association, 2018 CME Beach Retreat (January 2018)
"Florida Laws and Rules for Healthcare Providers," Emerald Coast Medical Association, 2018 CME Beach Retreat (January 2018)
"Cybersecurity Laws and Regulations Impacting Critical Infrastructure Sectors," InfraGard South Florida (September 2017)
"Cuba: What's Next?," Miami Association of Realtors (October 2016)
"2015 Update on the Florida Office Surgery Rules: What Every MD and DO Should Know," ACOG District XII, 2015 Annual District Meeting (August 2015)
"Developing Policies Across Latin America," Q1 Life Science Data Privacy Conference, Philadelphia, Pennsylvania (July 27 – 28, 2015)
"Derecho de Datos Personales y Seguridad: Temas de consideración por Dentistas en 2015," [Spanish language presentation on HIPAA and Florida Information Protection Act for Dental Professional Organization], COLA-HELO (Organización Profesional de Dentistas), Miami, Florida (March 2015)
"US-Cuba Policy Changes: Outlook for 2015," The Salt Institute, Miami Beach, Florida (March 2015)
"HIPAA/HITECH Update: What OBGYNS Must Know About Patient Privacy and Data Security in 2014," American Congress of Obstetrics and Gynecology, ACOG District XII Annual District Meeting, Recent Advances and Current Trends in OB/GYN, Orlando, Florida (August 2014)
"HIPAA/HITECH and Chiropractors: What You Must Know About Patient Privacy and Data Security in 2014," Dade County Chiropractic Society (August 2014)
"HIPAA/HITECH Update: Practical Effects and Enforcement Trends," American Health Law Association (January 2014)

Session Replay Technology and State Wiretap Class Actions: The Emerging Class Action Trend of 2021 (July 2021)
PPP Loan Forgiveness, Government Enforcement and Oversight (June 2021)
"Cybersecurity Considerations for CFIUS-Regulated Transactions," CLE presentation for Celesq AttorneysEd Center (February 2021)
Cybersecurity for Financial Institutions: Essential Information on Cyber Incidents and Regulatory Issues (November 2020)
"Zero Day: Anatomy of a Cyber Incident from a Legal Perspective," Nova-Southeastern University College of Computing and Engineering (November 2020)
"The New Plaza Civica in Cuba: The Role of Social Media and Digital Platforms," Cuban American Bar Association Webinar (June 2020)
"COVID-19 and the Telework Environment: Addressing Cybersecurity Risks for Lawyers," Cuban American Bar Association Webinar (April 2020)

Baker Donelson Recognizes 2022 Pro Bono Attorneys of the Year (October 12, 2022)
Baker Donelson Attorneys Earn Recognition in The Best Lawyers in America® 2023 Listing (August 18, 2022)
Aldo M. Leiva Honored by Cuban American Bar Association (December 3, 2020)
Privacy and Data Security Attorney Aldo M. Leiva Joins Baker Donelson (November 5, 2018)

Aldo Leiva Featured in Dairy Foods Magazine Offering Advice for Manufacturing Industry on Mitigating Cybersecurity Risk (April 5, 2022)
Aldo Leiva Talks with Daily Business Review About the Pandemic's Effect on Jury Pools (October 3, 2021)
Aldo Leiva Discusses Impact of Session Replay Lawsuit Dismissal in Daily Business Review (September 14, 2021)
Aldo Leiva Comments on Cuban-American Legal Community's Efforts to Help Cuban Activists in Daily Business Review (August 16, 2021)
Aldo Leiva Quoted in Daily Business Review on Growth in Commercial Litigation Regarding Session Replay Software (August 12, 2021)
Aldo Leiva Featured on Dairy Foods Podcast Discussing Ransomware Threats (June 14, 2021)
Aldo Leiva Interviewed on WTXL Regarding Legal Battle Facing Florida COVID-19 Data Whistleblower (January 21, 2021)
Aldo Leiva Discusses Potential for Florida COVID Data Whistleblower to Face Felony Charge on WPTV (December 9, 2020)
Aldo Leiva Comments on Legal Implications for COVID-19 Data Whistleblower in Orlando Sun Sentinel (December 8, 2020)
Aldo Leiva Discusses Cybersecurity Issues in Global Data Review (November 30, 2018)
Daily Business Review Highlights Addition of Aldo Leiva to Firm's Data Protection, Privacy and Cybersecurity Practice (November 12, 2018)

Session Replay Technology and State Wiretap Class Actions: The Emerging Class Action Trend of 2021 (July 14, 2021)
PPP Loan Forgiveness, Government Enforcement and Oversight (June 24, 2021)
Cybersecurity for Financial Institutions: Essential Information on Cyber Incidents and Regulatory Issues (November 18, 2020)

Practices

Industries

Automotive

Education

The University of Arizona James E. Rogers College of Law, J.D., 1997
University of Massachusetts at Boston, M.S., 1994
State University of New York – Binghamton, B.S., 1989

Admissions

Florida, 1997
U.S. District Court for the Southern District of Florida, 2002
U.S. District Court for the Northern District of Florida, 2002

Languages

Spanish

Featured Media

Privacy and Cybersecurity Standards for NEVI Funded EV Charging Station Projects

Publication / March 23, 2023

VPPA Claims Are on the Rise – Latest Trend in Consumer Privacy Class Action Litigation

Publication / March 13, 2023

Biden's EU Data Transfer Order Spells Changes For US Cos.

Publication / October 21, 2022

Search By Last Name

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Baker Donelson is a national law firm with more than 650 attorneys and public policy advisors representing more than 30 practice areas to serve a wide range of legal needs. Clients receive knowledgeable guidance from experienced, multi-disciplined industry and client service teams, all seamlessly connected across 22 offices in Alabama, Florida, Georgia, Louisiana, Maryland, Mississippi, North Carolina, South Carolina, Tennessee, Texas, Virginia, and Washington, D.C.