Dominic Paluzzi
View Page As PDF

Connect with Dominic


Dominic is co-chair of the firm’s national Data Privacy and Cybersecurity Practice Group. He advises organizations on data privacy and cybersecurity risks on both a national and international basis, including proactive compliance, incident response strategies and management, and defense of regulatory enforcement actions and single-plaintiff and class action litigation. Dominic has counseled clients through over 2,000 data breaches and privacy incidents where he works closely with local, state and federal law enforcement, forensic investigators and third-party vendors to offer his clients efficient and effective breach response services in compliance with the numerous state, federal, international and industry-specific legal obligations. Dominic has significant experience defending organizations in third-party and regulatory enforcement actions arising out of a data breach. He also focuses his practice on proactively protecting clients’ personal, sensitive and confidential information and minimizing the risk of a data privacy incident. He has conducted more than 300 breach response workshops and training sessions for organizations and their risk management teams, and helps clients with the development of their written information security programs and incident response plans. In recognition of his efforts in this area, Dominic was named to Cybersecurity Docket’s Incident Response 30 in 2016 and 2018, a list of the “best and brightest” data breach response attorneys and compliance professionals in the industry. Dominic and his team were also named a finalist for Advisen’s 2017 and 2018 Cyber Risk Awards for Cyber Law Firm of the Year and Advisen’s 2015 Cyber Risk Awards in the Cyber Risk Pre-Breach Team of the Year category.

His work in this area covers a multitude of industries, including, higher education, healthcare, hospitality, retail, automotive, utilities, accounting, financial services, banking, law, information technology, staffing services, manufacturing, food services, professional services, franchises, non-profits, real estate, drug and pharmacy, municipalities, public entities and insurance. Dominic is also a frequent speaker and writer on data privacy law. If you suspect that your organization has suffered a data breach, call our 24/7 Hotline: 855-MH-DATA1 (855-643-2821).

Dominic also has significant experience in the area of trade secret and non-compete law, counseling clients in nearly every industry. He has considerable nationwide experience prosecuting and defending employers and employees in non-compete, non-solicit, non-disclosure and trade secret litigation. Dominic’s national practice also involves drafting of complex restrictive covenant agreements and auditing of protectable business assets.

Dominic earned a J.D./M.B.A., cum laude, from University of Detroit Mercy School of Law in 2007. He received a B.S.A., summa cum laude, from University of Detroit Mercy in 2004.


Admissions - Court

  • U.S. District Court for the Eastern District of Michigan

Admissions - State

  • Michigan


  • University of Detroit Mercy School of Law
  • University of Detroit Mercy

Honors and Awards

  • Cybersecurity Docket’s Incident Response 30 (2016, 2018)
  • Selected for inclusion in Michigan Rising Stars (2013-2019)
  • Jason Long Editing Award, University of Detroit Mercy Law Review
  • Wall Street Journal Award, University of Detroit Mercy College of Business Administration

Professional Membership

  • State Bar of Michigan
  • American Bar Association
  • Detroit Metropolitan Bar Association
  • Macomb County Bar Association
  • Italian-American Bar Association
  • Phi Alpha Delta
  • Beta Gamma Sigma

Public Service and Volunteerism

  • St. John Hospital and Medical Center Guild (Board of Directors)
  • University of Detroit Mercy School of Law Alumni Association (Board of Directors)
  • University of Detroit Mercy College of Business Administration Alumni Association (Board of Directors)
  • "Run for the Ribbon" (Committee Officer)


Blog Posts

External Publications



Speaking Engagements

  • "Be Ready for the Billion Dollar Scam,"ePlace Solutions Webinar, October 29, 2019 
  • “Data Breach Response: Before and After the Breach," Financial Poise Cybersecurity & Data Privacy 2018 Webinar Series, December 17, 2018
  • "Legal and Security Solutions," NetDiligence Cyber Risk Summit, June 12, 2018
  • Incident Response Forum 2018, April 18, 2018 
  • Educational Institutions Risk Management Day, August 17, 2017
  • Third Party Risk and Auditing in Today's Cybersecurity Environment," May 25, 2017
  • 2017 MPL Leadership Conference, "Cyber Panel: Are You Ready For An Attack?," March 9, 2017
  • "Corporate Governance Developments," 20th Annual Donnelley Financial Solutions SEC Hot Topics Institute, November 17, 2016
  • Understanding Risk Assessments: Key issues in managing data privacy risk and implementing measures to combat security threats, November 15, 2016
  • Cyber 2.0 - Demystifying the Coverage and Coverage Triggers of Cyber/Crime Coverage, October 11, 2016
  • "Attorney/Client Privilege Issues Arising out of Breach Notification: Attorneys’ Ethical Duties When Clients Seek Advice During a Breach, Examining the Communication That is Considered Privileged, and Determining Whether Forensic Reports Should be Turned Over," 2nd National Forum on Data Breach & Privacy Litigation and Enforcement, September 2016
  • "Attorney/Client Privilege Issues Arising out of Breach Notification: Attorney’s Ethical Duties When Clients Seek Advice During a Breach, Examining the Communication That is Considered Privileged and Determining Whether Forensic Reports Should be Turned Over," American Conference Institute's Data Breach and Privacy Litigation and Enforcement Conference, March 18, 2016
  • "Public Entity Cybersecurity Risks," IAPD/IPRA Soaring to New Heights conference, January 29, 2016
  • "Cybersecurity: Protecting Your Information, Assets, & Officers," Clear Law Institute webinar, October 28, 2015
  • “Tales from the Crypt XIV: The Anatomy of a Data Breach,” Worldwide Employee Benefits Network, October 22, 2015
  • "Tabletop Exercise on Different Breach Scenarios and With Various Departments (IT, Security, Privacy Officers, CIO)," American Conference Institute's 11th National Advanced Forum on Cyber & Data Risk Insurance, September 30, 2015
  • “Handling a Cyber Incident from Beginning to End,” Assurex Loss Control & Claims Seminar, September 22, 2015
  • “Cyber Security, Defenses and Handling a Cyber Incident,” Assurex E&O Plus Quality Management Seminar, September 22, 2015
  • “Lessons from the Anthem Breach - What PEOs Need to Know and Need to Do with Respect to their Health Plans and 401(k)s,” NAPEO’s 2015 Annual Conference & Marketplace, September 12, 2015
  •  “How Cyber Liability Can Jump Up & Bite You!,” Assurex Global Financial Management Conference, June 26, 2015
  • “The Evolving Liabilities of Healthcare Cyber, Privacy & Security Risks,” Connecticut Orthopaedic Society, June 16, 2015
  • “Do you have appropriate data privacy policies and a response plan in place? Will the regulators and the courts agree?,” Third Annual Michigan Cyber Range Cybersecurity Conference, May 12, 2015
  • “How to Properly Respond to a Data Breach and Regulatory Investigation,” Third Annual Michigan Cyber Range Cybersecurity Conference, May 12, 2015
  • “Exercising Your Data Breach Response Plan,” RIMS 2015 Annual Conference, April 28, 2015
  • “The Latest Legal and Financial Implications of Today’s Cyber Risks for US Organizations,” New England Association for Financial Professionals Annual Conference, April 16, 2015
  • "A Pound of Cure: Strategies for Preventing and Responding to Data Breaches, Part 2," webinar with Epiq Systems, March 31, 2015
  • "An Ounce of Prevention: Preparing for a New Era of Data Breaches, Part 1," webinar with Epiq Systems, March 24, 2015
  • "Cybersecurity: Crimes & Consequences," University of Detroit Mercy College of Business Administration Alumni Week, March 17, 2015
  • "President Obama’s New Personal Data Notification & Protection Act," webinar with ID Experts, February 12, 2015
  • "Data Breaches: From Prevention to Reaction," The Institute of Internal Auditors (IIA) and Information Systems Audit and Control Association (ISACA), December 8, 2014
  • "Yes, it CAN happen to you! Are you prepared?," webinar with Enterprise Risk Management, November 14, 2014
  • “Establishing a Perimeter – Data Privacy & Security in Practice,” The American Pathology Foundation, October 30, 2014
  • “Managing Public Entity Cyber Risk Exposure,” National League of Cities Risk Information Sharing Consortium Staff Conference, October 21, 2014
  • "Emerging Regulatory and Enforcement Activities and the Growing Authority of the State AG Offices," American Conference Institute's 9th National Advanced Forum on Cyber & Data Risk Insurance, September 29, 2014
  • "Data Privacy: Legal Risks, Mitigation, Response and the Impact of the New Florida Information Protection Act," Hospitality Financial and Technology Professionals South Florida Chapter, August 21, 2014
  • "Mobile Technology, Health Care, and Data Security: Minimizing the Risks and Leveraging the Benefits," The American Law Institute Continuing Legal Education, Webinar, June 26, 2014
  • "Small entity cyber liability," NetDiligence Cyber Risk & Privacy Liability Forum, June 12, 2014
  • "Data Security Breaches and Why HR Professionals Should Care," American Society of Employers' Selected Insights Series, May 9, 2014
  • Breach Response Workshops to Insureds, October 2010-present
  • "Cyber Risk Seminar: The Maze of Legal Requirements," January 2013
  • "Data Breach Planning & Response Basics," Webinar, November 2012
  • "Privacy and Security: What You Need to Know to Keep Your Company Safe," Privacy and Security Seminar, November 2012
  • "Data Privacy & Security: Why It's the New Top Concern for Directors and General Counsel," presentation for Fortune 100 Company, September 2012
  • "The Ignored Security Crisis," February 2012
  • "Cyber and Privacy Liability," Seminar, November 2011
  • "Data Privacy and Security – Limit Exposure and Penalties," Seminar, September 2011
  • "Anatomy of a Data Breach," McDonald Hopkins presentation to insureds, July-September 2011
  • "Take a Smarter Approach to Securing your Data," McDonald Hopkins, TouchWorld and IBM Data Privacy Seminar, March 2011
  •  “Administering New Severance Agreements," September 2009 
  • “Administering New Restrictive Agreements,” June 2009