Overview

Dominic is co-chair of the firm’s national Data Privacy and Cybersecurity Practice Group. He advises organizations on data privacy and cybersecurity risks on both a national and international basis, including pre-breach services, incident response strategies and management, and defense of regulatory enforcement actions and single-plaintiff and class action litigation.

Dominic and the McDonald Hopkins Data Privacy team have counseled clients through over 15,000 data breaches and privacy incidents where he works closely with local, state and federal law enforcement, forensic investigators and third-party cybersecurity vendors to offer his clients efficient and effective breach response services in compliance with the numerous state, federal, international and industry-specific legal obligations. Dominic has significant experience defending organizations in third-party and regulatory enforcement actions arising out of a data breach. He also focuses his practice on proactively protecting clients’ personal, sensitive and confidential information and minimizing the risk of a data privacy incident. He has conducted more than 500 breach response workshops and training sessions for organizations and their risk management teams, and helps clients with the development of their written information security programs and incident response plans. In recognition of his efforts in this area, Michigan Lawyers Weekly honored Dominic as one of 30 lawyers selected as the “Leaders in the Law” Class of 2020. Dominic was also named to Cybersecurity Docket’s Incident Response 30 in 2016 and 2018, their Incident Response 40 in 2022, and their Incident Response 50 in 2023 and 2024, a list of the “best and brightest” data breach response attorneys and compliance professionals in the industry. Dominic and his team were also previously named a finalist for Advisen’s Cyber Risk Awards for Cyber Law Firm of the Year and Cyber Risk Pre-Breach Team of the Year category.

His work in this area covers a multitude of industries, including, higher education, healthcare, hospitality, retail, automotive, utilities, accounting, financial services, banking, law, information technology, staffing services, manufacturing, food services, professional services, franchises, non-profits, real estate, property management, drug and pharmacy, municipalities, public entities and insurance. Dominic is also a frequent speaker and writer on data privacy law. If you suspect that your organization has suffered a data breach, call our 24/7 Hotline: 855-MH-DATA1 (855-643-2821).

Dominic earned a J.D./M.B.A., cum laude, from University of Detroit Mercy School of Law in 2007. He received a B.S.A., summa cum laude, from University of Detroit Mercy in 2004.

Honors & Recognition

Cybersecurity Docket's Incident Response 50 (2023, 2024)

Cybersecurity Docket’s Incident Response 40 (2022)

Chambers USA, Recognized Leader in Privacy & Data Security: Cybersecurity (2024)

Michigan Lawyers Weekly Leaders in the Law, Class of 2020

Selected for inclusion in Michigan Rising Stars (2013-2021)

Cybersecurity Docket’s Incident Response 30 (2016, 2018)

Jason Long Editing Award, University of Detroit Mercy Law Review

Wall Street Journal Award, University of Detroit Mercy College of Business Administration

Credentials

Education

University of Detroit Mercy School of Law

University of Detroit Mercy

Admissions – Court

Admissions – State

Professional & Civic

Professional Activities

State Bar of Michigan

American Bar Association

Detroit Metropolitan Bar Association

Italian-American Bar Association

Phi Alpha Delta

Beta Gamma Sigma

Community Involvement

St. John Hospital and Medical Center Guild (Board of Directors)

University of Detroit Mercy School of Law Alumni Association (Board of Directors)

University of Detroit Mercy College of Business Administration Alumni Association (Board of Directors)

News & Insights

External News & Publications

"Look for These Cyber Regulatory Trends in 2022," NetDiligence, March 18, 2022.

"The Ultimate Guide to Vendor Data Breach Response," Whitepaper, Corvus Insurance Holdings, Inc., August 2020

"A Different Kettle of Phish: Protecting against Email Impersonation and Spoofing During COVID-19," Travelers: Tips from the Bar, June 2020

"Medical devices open Pandora's box of cyber risks," quoted in Business Insurance, October 9, 2018

"Digging Into the President’s Data Breach Notification Bill," JUNTO Blog, March 10, 2015        

"President Obama’s New Personal Data Notification & Protection Act: Overview, Analysis, and Challenges," ID Experts Webinar Q&A, February 12, 2015

VIEW MORE

"Florida toughens breach notice law," quoted in Data Breach Today, June 27, 2014

“Data Privacy: Protecting PEO Assets, Data, and Client Information,” PEO Insider, August 2013    

"Aloha! Uh oh! Data Breach in Hawaii after Physician's Computer is Stolen on Vacation," RBMA Monthly Legal Update Digest April 2013        

"Risky Business: Sharing Health Data while Protecting Privacy," Trafford Publishing, 2013

“HITECH Final Rule Revises Privacy, Security and Breach Notification Rules,” Northern Ohio Physician – Academy of Medicine of Cleveland & Northern Ohio, March/April 2013        

"Anatomy of a Data Breach: A 3 Part Series – Part 3: Immediate Action Items Upon a Data Breach," Risky Business – The Privacy Analytics Newsletter, August 2012

"How to minimize the risk of, or respond to, a data breach," Smart Business Magazine, August 2012

"Data Breach at Your Laboratory? Immediate Action Items! How to Deal with a PHI Violation," G2 Intelligence Compliance Report – Perspectives, July-August 2012

"Anatomy of a Data Breach: A 3 Part Series – Part 2: Proactive Measures and Requirements to Minimize the Risk of a Data Breach," Risky Business – The Privacy Analytics Newsletter, June 2012

"Data Breach? Immediate Action Items!," PEO Insider, April 2012        

"Anatomy of a Data Breach: A 3 Part Series – Part 1: Data Privacy Regulations, Penalties and Statistics," Risky Business – The Privacy Analytics Newsletter, March 2012

"3 New state data breach notifications statutes and expiration of a grandfather clause in 2012," RBMA Monthly Legal Update Digest, March 2012        

"Attorneys General and FTC continue to increase legal standards for data privacy compliance and penalties for noncompliance," RBMA Monthly Legal Update Digest November 2011       

"OESA North American OEM Production P.O. Terms and Conditions Comparative Analysis," co-author, September 2008, 2009

"Trade Secrets and Agreements Not to Compete," co-author, Michigan Chapter, Defense Research Institute (DRI), Winter 2008

Beard v. Whitmore Lake School District, 84 U. DET. MERCY L. REV. 15, Fall 2006

VIEW LESS

Multimedia

Events

Speaking Engagements

"Cyber Updates: How Can We Best Serve Our Clients on Cyber Claims," Assurex Global Loss & Control Claims Meeting | September 14, 2022 

"Cyber Hygiene", Oswald Webinar Series | August 31, 2022

"Anatomy of a Ransomware Attack," Horton Webinar | July 26, 2022

"Look for These Cyber Regulatory Trends in 2022," NetDiligence | March 18, 2022

Cybersecurity Webinar Series: Calming the Chaos of an IT Vendor Breach | October 13, 2020

"COVID-19 Complications: Cyber and Litigation Preparedness," Avalon Webinar, May 13, 2020

View More

"Be Ready for the Billion Dollar Scam,"ePlace Solutions Webinar, October 29, 2019 

“Data Breach Response: Before and After the Breach," Financial Poise Cybersecurity & Data Privacy 2018 Webinar Series, December 17, 2018

"Legal and Security Solutions," NetDiligence Cyber Risk Summit, June 12, 2018

Incident Response Forum 2018, April 18, 2018 

Educational Institutions Risk Management Day, August 17, 2017

"Third Party Risk and Auditing in Today's Cybersecurity Environment," May 25, 2017

2017 MPL Leadership Conference, "Cyber Panel: Are You Ready For An Attack?," March 9, 2017

"Corporate Governance Developments," 20th Annual Donnelley Financial Solutions SEC Hot Topics Institute, November 17, 2016

Understanding Risk Assessments: Key issues in managing data privacy risk and implementing measures to combat security threats, November 15, 2016

Cyber 2.0 - Demystifying the Coverage and Coverage Triggers of Cyber/Crime Coverage, October 11, 2016

"Attorney/Client Privilege Issues Arising out of Breach Notification: Attorneys’ Ethical Duties When Clients Seek Advice During a Breach, Examining the Communication That is Considered Privileged, and Determining Whether Forensic Reports Should be Turned Over," 2nd National Forum on Data Breach & Privacy Litigation and Enforcement, September 2016

"Attorney/Client Privilege Issues Arising out of Breach Notification: Attorney’s Ethical Duties When Clients Seek Advice During a Breach, Examining the Communication That is Considered Privileged and Determining Whether Forensic Reports Should be Turned Over," American Conference Institute's Data Breach and Privacy Litigation and Enforcement Conference, March 18, 2016

"Public Entity Cybersecurity Risks," IAPD/IPRA Soaring to New Heights conference, January 29, 2016

"Cybersecurity: Protecting Your Information, Assets, & Officers," Clear Law Institute webinar, October 28, 2015

“Tales from the Crypt XIV: The Anatomy of a Data Breach,” Worldwide Employee Benefits Network, October 22, 2015

"Tabletop Exercise on Different Breach Scenarios and With Various Departments (IT, Security, Privacy Officers, CIO)," American Conference Institute's 11th National Advanced Forum on Cyber & Data Risk Insurance, September 30, 2015

“Handling a Cyber Incident from Beginning to End,” Assurex Loss Control & Claims Seminar, September 22, 2015

“Cyber Security, Defenses and Handling a Cyber Incident,” Assurex E&O Plus Quality Management Seminar, September 22, 2015

“Lessons from the Anthem Breach - What PEOs Need to Know and Need to Do with Respect to their Health Plans and 401(k)s,” NAPEO’s 2015 Annual Conference & Marketplace, September 12, 2015

 “How Cyber Liability Can Jump Up & Bite You!,” Assurex Global Financial Management Conference, June 26, 2015

“The Evolving Liabilities of Healthcare Cyber, Privacy & Security Risks,” Connecticut Orthopaedic Society, June 16, 2015

“Do you have appropriate data privacy policies and a response plan in place? Will the regulators and the courts agree?,” Third Annual Michigan Cyber Range Cybersecurity Conference, May 12, 2015

“How to Properly Respond to a Data Breach and Regulatory Investigation,” Third Annual Michigan Cyber Range Cybersecurity Conference, May 12, 2015

“Exercising Your Data Breach Response Plan,” RIMS 2015 Annual Conference, April 28, 2015

“The Latest Legal and Financial Implications of Today’s Cyber Risks for US Organizations,” New England Association for Financial Professionals Annual Conference, April 16, 2015

"A Pound of Cure: Strategies for Preventing and Responding to Data Breaches, Part 2," webinar with Epiq Systems, March 31, 2015

"An Ounce of Prevention: Preparing for a New Era of Data Breaches, Part 1," webinar with Epiq Systems, March 24, 2015

"Cybersecurity: Crimes & Consequences," University of Detroit Mercy College of Business Administration Alumni Week, March 17, 2015

"President Obama’s New Personal Data Notification & Protection Act," webinar with ID Experts, February 12, 2015

"Data Breaches: From Prevention to Reaction," The Institute of Internal Auditors (IIA) and Information Systems Audit and Control Association (ISACA), December 8, 2014

"Yes, it CAN happen to you! Are you prepared?," webinar with Enterprise Risk Management, November 14, 2014

“Establishing a Perimeter – Data Privacy & Security in Practice,” The American Pathology Foundation, October 30, 2014

“Managing Public Entity Cyber Risk Exposure,” National League of Cities Risk Information Sharing Consortium Staff Conference, October 21, 2014

"Emerging Regulatory and Enforcement Activities and the Growing Authority of the State AG Offices," American Conference Institute's 9th National Advanced Forum on Cyber & Data Risk Insurance, September 29, 2014

"Data Privacy: Legal Risks, Mitigation, Response and the Impact of the New Florida Information Protection Act," Hospitality Financial and Technology Professionals South Florida Chapter, August 21, 2014

"Mobile Technology, Health Care, and Data Security: Minimizing the Risks and Leveraging the Benefits," The American Law Institute Continuing Legal Education, Webinar, June 26, 2014

"Small entity cyber liability," NetDiligence Cyber Risk & Privacy Liability Forum, June 12, 2014

"Data Security Breaches and Why HR Professionals Should Care," American Society of Employers' Selected Insights Series, May 9, 2014

Breach Response Workshops to Insureds, October 2010-present

"Cyber Risk Seminar: The Maze of Legal Requirements," January 2013

"Data Breach Planning & Response Basics," Webinar, November 2012

"Privacy and Security: What You Need to Know to Keep Your Company Safe," Privacy and Security Seminar, November 2012

"Data Privacy & Security: Why It's the New Top Concern for Directors and General Counsel," presentation for Fortune 100 Company, September 2012

"The Ignored Security Crisis," February 2012

"Cyber and Privacy Liability," Seminar, November 2011

"Data Privacy and Security – Limit Exposure and Penalties," Seminar, September 2011

"Anatomy of a Data Breach," McDonald Hopkins presentation to insureds, July-September 2011

"Take a Smarter Approach to Securing your Data," McDonald Hopkins, TouchWorld and IBM Data Privacy Seminar, March 2011

 “Administering New Severance Agreements," September 2009 

“Administering New Restrictive Agreements,” June 2009

View Less

Jump to Page

McDonald Hopkins uses cookies on our website to enhance user experience and analyze website traffic. Third parties may also use cookies in connection with our website for social media, advertising and analytics and other purposes. By continuing to browse our website, you agree to our use of cookies as detailed in our updated Privacy Policy and our Terms of Use.