Alexandria Murphy Toub

40 Burton Hills Boulevard, Suite 200
Nashville, TN 37215

Office: (267) 930-1345


Villanova University School of Law
Juris Doctor, 2016, magna cum laude

Pennsylvania State University
Bachelor of Arts, Sociology, 2013, highest distinction


  • Pennsylvania
  • New Jersey
  • Tennessee

Practice Areas

Professional Memberships

  • International Association of Privacy Professionals (IAPP)


  • U.S. Certified Information Privacy Professional (CIPP/US)

Alexandria Murphy Toub is Partner at Mullen Coughlin. Ms. Toub assists clients in both preparation for, and response to, data privacy and security events and regulatory investigations and inquiries. When a data privacy and security event occurs, Ms. Toub assists in addressing crucial points of fact and law, including determining the nature and scope of the incident; identifying the affected individuals and types of information involved; and ensuring compliance with applicable state, federal and international laws and regulations. Ms. Toub has particular experience counseling organizations in the healthcare space to navigate relevant laws, including the Health Insurance Portability and Accountability Act (HIPAA). Ms. Toub has also served as counsel for numerous clients who suffered cybersecurity incidents involving fraud, such as wire fraud, tax fraud and unemployment benefits fraud.

Ms. Toub also has extensive experience assisting clients with data privacy and security compliance outside of the breach context, including negotiating vendor contracts; preparing written incident response plans (IRPs); drafting comprehensive privacy and security policies and procedures; and conducting employee and governing board trainings.

Ms. Toub is a Certified Information Privacy Professional/United States (CIPP/US).

Outside of the firm, Ms. Toub is on the Board of Directors for Matthew Walker Comprehensive Health Center, Inc., a community health center that provides healthcare for underinsured and uninsured Middle Tennesseans.


  • Represented multiple Managed Services Providers (MSPs) in responding to ransomware events that impacted the MSPs client’s networks and data
  • Assisted a financial software vendor in responding to a ransomware event with significant data exfiltration and coordinated notifications on behalf of impacted customers


  • “Data Security Event Tabletop Exercise,” The KeyState Companies’ Bank Captive Peer Summit, Nashville, TN, June 7, 2022
  • “Document Preservation,” Continuing Legal Education, Virtual, June 28, 2021
  • “Cyber Update,” International Insurer, New York, NY, January 17, 2019
  • “Contract Review,” Continuing Legal Education, Wayne, PA, October 31, 2018
  • “The European Union General Data Protection Regulation (GDPR),” Continuing Legal Education, Wayne, PA, April 25, 2018
  • “Global Cybersecurity Issues and Treads,” Tech360 Conference, Malvern, PA, November 16, 2017
  • “Cyber Risk,” Philadelphia Area Independent School Business Insurance Group (PAISBIG), Radnor, PA, November 15, 2017
  • “Approved Notice Methods Under State, Federal, and International Law,” Continuing Legal Education, Wayne, PA, October 11, 2017