James J. Giszczak
Co-President
Detroit
Cleveland
Baltimore
Chicago
Columbus
West Palm Beach
P: 248.220.1354
jgiszczak@mcdonaldhopkins.com
Jim is Co-President of McDonald Hopkins. He also serves as Co-Chair of the Data Privacy and Cybersecurity Practice Group, and serves on the firm's Board of Directors and Executive Committee. Jim previously served as Chair of the firm’s Litigation Department. He advises clients regarding data security measures and responding to security breaches involving sensitive personal information and protected health information. He also works with clients in a myriad of industries to assess and implement appropriate data security safeguards. If a data breach occurs, Jim acts as a breach coach, ensuring compliance and minimizing exposure. Jim also works with federal, state and local authorities, as well as third party vendors. Moreover, Jim litigates matters involving data security and data privacy, including defending single plaintiff and class action litigation. Jim is a frequent speaker and writer in data privacy law and regularly conducts Incident Response Workshops for clients and their data breach risk management teams. If you suspect that your business has suffered a data breach, call our Hotline: 855-MH-DATA1 (855-643-2821).
Jim has extensive knowledge advising clients concerning auditing and litigating non-compete, non-disclosure and trade secret matters in nearly every industry. In addition, he has considerable nationwide experience prosecuting and defending employers and employees in non-compete, non-disclosure and trade secret litigation, as well as injunction hearing expertise. Jim has litigated these types of matters in 37 states and counseled in all 50 states. Jim often advises clients regarding restrictive covenant, trade secret and employment issues related to physicians, sales representatives, customer account representatives, key administrators, and technical and clinical personnel. His practice also focuses on business and commercial litigation with trial, litigation and consultation expertise in sales representative and business disputes.
Jim has successfully tried cases in state and federal courts, and has successfully arbitrated cases before the American Arbitration Association. In addition, he has represented clients in both state and federal appellate courts.
A frequent speaker and commentator on data breach issues, Jim was interviewed on WWJ and FOX2 (WJBK) in Detroit. Jim and his team were named a finalist for Advisen’s 2017 Cyber Risk Awards for Cyber Law Firm of the Year and Advisen’s 2015 Cyber Risk Awards in the Cyber Risk Pre-Breach Team of the Year category.
Jim earned a J.D., cum laude, from Notre Dame Law School in 1992. He received a B.A., with honors, from Michigan State University's James Madison College in 1989.
Admissions - Court
- U.S. Court of Appeals for the 6th Circuit
- U.S. District Court for the Eastern District of Michigan
- U.S. District Court for the Western District of Michigan
Admissions - State
- Michigan
Education
- Notre Dame Law School
- Michigan State University, James Madison College
Honors and Awards
- Selected for inclusion in Michigan Leading Lawyers for Data Privacy and Trade Secrets/Unfair Competition Law (2018)
- Selected for inclusion in Michigan Super Lawyers (2010-2022)
- Named one of the Best Lawyers in America (2022-2023)
Professional Membership
- State Bar of Michigan
- Detroit Metropolitan Bar Association
- Oakland County Bar Association
- Federal Bar Association
- International Lawyers Network Cybersecurity & Data Privacy Specialty Group (Co-Chair)
- InfraGard (Member)
Public Service and Volunteerism
- Leadership Oakland Board of Directors (President: 2010-2011)
Alerts
- Federal government issues new cybersecurity incident reporting rule for banks and bank service providers
- Businesses urged to take action to protect against the growing threat of ransomware
- Potential imminent cyber threat to hospitals and healthcare providers
- Joint alert issued on exploitation of COVID-19 by malicious cyber actors
- 9 tips for keeping your workforce CyberSavvy while working from home
- Cybercriminals exploit coronavirus fears
- 10 cyber savvy holiday shopping tips
- 12 back-to-school cybersecurity tips for parents
- New Jersey revises data breach law, expands definition of personal information to include online account information
- Supreme Court of Illinois holds no actual injury is required to state a claim under the Illinois Biometric Information Privacy Act
- Big changes coming for post-data breach protections
- Companies with employees in Massachusetts will be affected by non-compete agreement reform
- 50 out of 50: Every state in US now has a breach notification law
- Best practices for data privacy and cybersecurity employee awareness training
- OCR's HIPAA breach "wall of shame" breaks 2,000
- OCR's HIPAA breach "wall of shame" breaks 2,000
- OCR issues guidance on cyber threat reporting and monitoring
- March 1 deadline approaching to submit breach reports
- Who is a HIPAA business associate?
- OCR to step up investigations of small HIPAA breaches
- EU-U.S. Privacy Shield formally adopted, set to launch Aug. 1 for U.S. businesses
- IRS launches identity theft awareness campaign aimed at tax preparers
- Illinois toughens up on privacy by bolstering its breach notification law
- 3 notable features of the newly passed Defend Trade Secrets Act
- Phase 2 HIPAA audits are coming
- EU and US agree to Privacy Shield to replace the Safe Harbor
- OCR strikes again with 3 recent HIPAA settlements
- Finally, EU officials agree on new data protection reform
- 3 questions to consider before terminating a sales representative
- Recent HIPAA settlement reinforces importance of encryption, risk analysis, and mobile device security
- Merchants beware: You could be on the hook for the next data breach
- Threat of identity theft is enough for your consumers to sue
- Communications with your cybersecurity consultant and forensic reports may now be protected
- The Art of (Cyber) War: Cybersecurity Tactics for All Financial Institutions
- President Obama Signs Executive Order Imposing Sanctions on Foreign Hackers
- Communications sector adopts first-of-its-kind cybersecurity measures
- Decoding the new payment card security standard
- Who will fight against cyber crime?
- March 1 deadline approaching for HIPAA covered entities to submit breach reports
- Anthem's two small details that led to one big breach
- International hacking ring executes $1 billion banking breach
- White House announces new cyber threat agency
- Cybersecurity breach rocks Anthem
- Significant data breach class action ruling
- What if the Personal Data Notification & Protection Act Passes?
- ISIS hacks U.S. military social media accounts
- President Obama’s new data privacy agenda
Blog Posts
- OFAC sanctions necessitate improved cybersecurity preparedness and an experienced incident response team
- 10 ways to stay CyberSavvy while employees return to work
- Coronavirus relief funds mistakenly being direct deposited to cybercriminals
- Coronavirus will lead to litigation funding boom
- OCR announces penalty waivers for telehealth COVID-19 emergency and other treatment
- Google fined millions for alleged GDPR violations
- New data privacy laws continue to change the landscape for compliance
- Risk of future identity theft may be sufficient to confer standing in data breach litigation
- Construction contractors must remain vigilant to minimize cybersecurity risks
- Act promptly to address HIPAA violations
- Michigan State University confirms data breach of server containing 400K records
- Yahoo-oops! At least 500M user accounts compromised
- Pass or fail? Data privacy and cybersecurity risks in higher education
- EU privacy regulators offer dubious endorsement of Privacy Shield
- 5 ways US companies can prepare for the Privacy Shield
News
- McDonald Hopkins Announces Transition to New Co-Presidents, Leadership Team
- No end in sight for cyber threats, Crain's Detroit Business
- 50 McDonald Hopkins attorneys recognized in the 2023 editions of The Best Lawyers in America® and Best Lawyers: Ones to Watch in America™
- McDonald Hopkins Announces New Co-Presidents to Lead Firm Into the Future
- 50 McDonald Hopkins attorneys recognized in The Best Lawyers
- McDonald Hopkins attorneys selected to 2021 Michigan Super Lawyers and Rising Stars Lists
- Four McDonald Hopkins attorneys among speakers to be featured at 30th annual Ohio Business Tax Conference
- Cyber Master Class presented by MCPc and McDonald Hopkins
- Nine McDonald Hopkins attorneys recognized as Michigan Super Lawyers and Rising Stars
- McDonald Hopkins nominated again for Cyber Law Firm of the Year
- "Cyber Perspectives on Coronavirus"
- James Giszczak quoted in Metromode in advance of Jan. 29 Detroit area Cybersecurity For Business event
- Giszczak discusses back to school cybersecurity tips on Cleveland WKYC TV-3's Live on Lakeside
- "Important Cyber Tips for Parents Kids Heading Back to School"
- "Labs Should Heed Lessons from Huge Data Breach"
- McDonald Hopkins’ new Litigation Finance Practice Group is one of the first of its kind and unique to the legal market
- "Cyber safe harbor: What to know about Ohio's new data protection law"
- McDonald Hopkins nominated for Cyber Law Firm of the Year
- Eleven attorneys at McDonald Hopkins honored as Michigan Super Lawyers and Rising Stars
- "Click at your own peril"
- "A Cybersecurity Update and Resource Guide for Healthcare Organizations"
- McDonald Hopkins named a finalist for Advisen’s 2017 Cyber Risk Awards
- Shawn M. Riley becomes president of McDonald Hopkins
- "Disaster insurance experts: Business survival depends on preparedness, business continuity planning"
- "Manufacturers beef up cybersecurity"
- "U.S. Steel presses Chinese import ban"
- "Cyber insurance offers companies a safety net from online hackers"
- "Car Hacking Growing More Likely, Security Experts Say"
- "APA Cyber Security Briefing at the DAC"
- "Cybersecurity"
- "Cyber security requires preparedness"
- "In the Future Auto Cybersecurity Onus Could Be on Owners"
- Twelve attorneys at McDonald Hopkins honored as Michigan Super Lawyers and Rising Stars
- McDonald Hopkins issues new white paper: 7 tactics for winning the cyber war
- "Head in the cloud? Many companies remain uninsured against cyberattacks"
- "The Art of (Cyber) War: Cybersecurity Tactics for All Financial Institutions"
- McDonald Hopkins Named a Finalist for Advisen’s 2015 Cyber Risk Awards
- "International Lawyers Network Forms Cybersecurity & Data Privacy Specialty Group," PRLeap features Jim Giszczak
Podcasts
External Publications
- "Nearly One Million Patient Records of Hospitals, Health Clinics, Medical Laboratories, and other Providers Stolen in Ransomware Attack on Medical Records Company," quoted in Dark Daily, September 19, 2022
- "Preventing and Responding to Payroll Fraud Incidents," PEO Insider, Volume 23/No. 1, February 2019
- "Click at your own peril," quoted in Crain's Cleveland Business, July, 29, 2017
- "HIPAA: The Time for Compliance Is Now," Northern Ohio Physician, Volume 101/No. 4, July/August 2016
- "Head in the cloud? Many companies remain uninsured against cyberattacks," quoted in Crain's Detroit Business, July 26, 2015
- "The Art of (Cyber) War: Cybersecurity Tactics for All Financial Institutions," Bloomberg BNA's Banking Report, May 19, 2015
- "You may be in the crosshairs of a new Florida statute, even if you are located outside of Florida," PEO Insider, September 2014
- "How to brace your business against cyber attacks and avoid being the next Target," quoted in The Plain Dealer, July 17, 2014
- Protecting IP: Q&A with James Giszczak of McDonald Hopkins," Net Diligence Blog, October 2013
- "Ten Steps: Best Practices in Hiring Laboratory Professionals," White Paper with Richard Cooper and Slone Partners, October 2013
- “Data Privacy: Protecting PEO Assets, Data, and Client Information,” PEO Insider, August 2013
- Quoted, "Data Breach Cases Turning Plaintiffs' Way Attorneys Say," Law360, June 6, 2013
- "Risky Business: Sharing Health Data while Protecting Privacy," Trafford Publishing, 2013
- "Anatomy of a Data Breach: A 3 Part Series - Part 3: Immediate Action Items Upon a Data Breach," Risky Business - The Privacy Analytics Newsletter, August 2012
- "How to minimize the risk of, or respond to, a data breach," Smart Business Magazine, August 2012
- "Anatomy of a Data Breach: A 3 Part Series - Part 2: Proactive Measures and Requirements to Minimize the Risk of a Data Breach," Risky Business - The Privacy Analytics Newsletter, June 2012
- "Data Breach at Your Laboratory? Immediate Action Items! How to Deal with a PHI Violation," G2 Intelligence Compliance Report - Perspectives, July-August 2012
- "Data Breach? Immediate Action Items!" PEO Insider, April 2012
- "Anatomy of a Data Breach: A 3 Part Series - Part 1: Data Privacy Regulations, Penalties and Statistics," Risky Business - The Privacy Analytics Newsletter, March 2012
- "3 New state data breach notification statutes and expiration of a grandfather clause in 2012," RBMA Monthly Legal Update Digest, March 2012
- "Attorneys General and FTC continue to increase legal standards for data privacy compliance and penalties for noncompliance" RMBA Monthly Legal Update Digest November 2011
- "Are you legally vulnerable?" Smart Business Detroit, October 2011
- "How sales representative agreements can provide both a shield and a sword," Smart Business Detroit, September 2011
- "Don't Risk Customers' Data - Protect your business when a vendor handles clients' personal information" Scotsman Guide Commercial Edition, January, 2011
- "Sales Rep Agreements, are you protected?" HBMA Billing, December 2010
- "Year-end exodus--How to protect your assets and minimize loss due to misappropriation or a data breach," Smart Business Detroit-Insights, Legal Affairs, December 2010
Events
- The Future of Workplace Security: A Cybersecurity Attorney’s Perspective | Thursday, December 9, 2021
- ILN 2021 Fall Virtual Conference | Thursday, November 11, 2021
- Post Breach Restoration & Recovery | Wednesday, July 14, 2021
- ILN Virtual Conference - Ransomware and how to avoid it, respond to it and otherwise recover | Friday, May 21, 2021
- Meeting the Challenges of Data Privacy & Cybersecurity in a New Global Workplace, 2021 Ohio Business Tax Conference | Wednesday, January 20, 2021
- Cyber Master Class Session 2: Understanding legal and cyber risk imperatives | Thursday, October 8, 2020
- Preparing Your Company to Handle a Cyber Incident | Wednesday, October 7, 2020
- Cybersecurity and transitioning back to business as usual | Friday, May 15, 2020
- Welcome to the Next Normal- What will it look like? | Wednesday, May 6, 2020
- Cybersecurity for Business | Wednesday, January 29, 2020
- Key Elements For Your Incident Response Plan | Wednesday, December 11, 2019
- Protecting Business Assets 2018 | Tuesday, March 13, 2018
- Cyber Risk and Privacy Liability Forum | Monday, June 5, 2017
- CyberOhio Business Summit | Friday, March 31, 2017
- Protect Your Business: Find Out How Your Data Security Could Be Compromised | Tuesday, December 6, 2016
- 6th Annual Conference TCIA | Wednesday, November 16, 2016
- HFTP Annual Convention | Wednesday, October 19, 2016
- Victim or Villain: Strategies for the ever-changing cyber security landscape | Wednesday, August 24, 2016
- Working Toward Prevention of the Breach: What Do Phishing Incidents Look Like?; How Do Forensic Investigations Take Place?; and Are There Ways to Try to Prevent the Breach? | Friday, July 29, 2016
- Data Breaches – Yes, it CAN happen in the franchise industry! Are you prepared? | Wednesday, June 29, 2016
- Laboratory Privacy and Security: How to Safeguard Your Data and Ensure Compliance with Tougher Enforcement of Government Guidelines | Thursday, June 23, 2016
- Data Privacy and Security: Fundamentals of Protecting Your Practice | Tuesday, April 12, 2016
- NIRI Cleveland and Northern Ohio Chapter Presents Cybersecurity Preparedness | Wednesday, March 16, 2016
- IAPD/IPRA Soaring to New Heights conference | Thursday, January 28, 2016
- Data Privacy: "Somewhat Prepared" is NOT Prepared! | Tuesday, June 30, 2015
Speaking Engagements
- "Tales from the Crypt: Cybersecurity for Employee Benefit Plans," Worldwide Employee Benefits Network Webinar, October 14, 2021
- "Security and Compliance Challenges, Strategies, and Concepts for Protecting Your Business," Data Partner Inc., March 21, 2019
- "Payroll Fraud and Its Impact on PEOs," NAPEO's 2019 Webinar Series, February 5, 2019
- "Cybersecurity - What To Do in the Event of a Data Breach," AEGIS 2018 Claims Seminar, October 17, 2018
- "Risk Management: The Intersection of Professional Liability and Cyber Insurance," New York City Bar Association & Lockton, June 27, 2017
- "Cybersecurity and Prevention of Data Breaches: In-House Counsel’s Role in Assessment, Preparation, and Response," NACUA 2017 Annual Conference, June 26, 2017
- "Data Privacy and Security: Fundamentals of Protecting Your Practice," APF 2016 Pathology Coding and Practice Management Seminar, April 12, 2016
- "A Big Year for Regulation and Cyber Litigation," 2016 Advisen Cyber Risk Insights Conference, March 2, 2016
- "APA Cyber Security Briefing," Detroit, Michigan, February 3, 2016
- "Public Entity Cybersecurity Risks," IAPD/IPRA Soaring to New Heights conference, January 29, 2016
- Cybersecurity: Protecting Your Information, Assets, & Officers, Clear Law Institute webinar, October 28, 2015
- Strategic Planning to Deal with the Trojan Car, Society of Automotive Analysts, October 28, 2015
- Tales from the Crypt XIV: The Anatomy of a Data Breach, Worldwide Employee Benefits Network, October 22, 2015
- Data Privacy Incidents: How to Stay Defensible Before, During and After, IAPP KnowledgeNet, October 15, 2015
- Preparing for a Data Breach Crisis: How to Run A Table Top Exercise, URMIA's 46th Annual Conference, October 13, 2015
- Data Privacy: What ESOP Companies Need to Know, Great Lakes Regional ESOP Conference, October 8, 2015
- A Pound of Cure: Strategies for Preventing and Responding to Data Breaches, Part 2, webinar with Epiq Systems, March 31, 2015
- An Ounce of Prevention: Preparing for a New Era of Data Breaches, Part 1, webinar with Epiq Systems, March 24, 2015
- Live Cyber Incident Simulation Exercise, Advisen 2015 Cyber Risk Insights Conference, March 3, 2015
- President Obama’s New Personal Data Notification & Protection Act, webinar with ID Experts, February 12, 2015
- Data Breaches: From Prevention to Reaction, The Institute of Internal Auditors (IIA) and Information Systems Audit and Control Association (ISACA), December 8, 2014
- Top 10 Data Privacy Threats Confronting Colleges and Universities, webinar with Huron Consulting Group, November 19, 2014
- Yes, it CAN happen to you! Are you prepared?, webinar with Enterprise Risk Management, November 14, 2014
- Establishing a Perimeter – Data Privacy & Security in Practice, The American Pathology Foundation, October 30, 2014
- Vendor Contracts, NetDiligence Cyber Risk & Privacy Liability Forum, October 2014
- Data Breach: It’s Not “If” But “When”… Are you Prepared?, NRRA 2014 National Conference, September 2014
- Is My Data Safe? Why HR Professionals Should Care, American Society of Employers Employment Law Conference, September 2014
- Data Privacy: Legal Risks, Mitigation, Response and the Impact of the New Florida Information Protection Act, Hospitality Financial and Technology Professionals South Florida Chapter, August 21, 2014
- Data Breach/Information Security Readiness, webinar for municipalities and higher education, August 2014
- Intellectual Property: Threats, Valuation & Protection, NetDiligence Cyber Risk & Privacy Liability Forum, June 2014
- Data Breach and Coverage Litigation, NetDiligence Cyber Risk & Privacy Liability Forum, June 2014
- Data Security Breaches and Why HR Professionals Should Care, American Society of Employers' Selected Insights Series, May 9, 2014
- Federal Regulatory, Legislative, and Enforcement Landscape: Changes on the Horizon and Integrating New and Anticipated Initiatives into your Practice, 8th National Advanced Forum on Cyber & Data Risk Insurance, March 2014
- Data Security and Related Liability-- What an ESOP company needs to know, ESOP Association Annual Spring Conference, March 2014
- The Real Cyber Risk: Threats, Valuation & Protection, NetDiligence Cyber Risk and Privacy Liability Forum, October 2013
- Cyber Risk Seminar: The Maze of Legal Requirements, January 2013
- Data Privacy & Security: Why It's the New Top Concern for Directors and General Counsel, presentation to Fortune 100 Company, September 2012
- Privacy and Security: What You Need to Know to Keep Your Company Safe, Privacy and Security Seminar, July 2012
- Commentator, Non-Compete and Trade Secret Matters, Golf Exchange Radio Program, July 2012
- 30 Days of Hell – Preserving Reputation During Plan Failures, NetDiligence, CyberRisk & Privacy Liability Forum, June 2012
- Contracting and Non-Compete Agreements: What You Need to Know, American Pathology Foundation 2012 Distance Learning Leadership Science Series, May 2012
- Social Media Issues -- Best Practices and Procedures, NAPEO's 2012 Legal & Legislative Conference, May 2012
- Cyber and Privacy Liability Seminar, November 2011
- The Secret Behind Laboratory Business Success: Strategies for Hiring and Retaining Key Personnel and Protecting Lab Assets, G2 Intelligence--Lab Institute 2011, October 2011
- Anatomy of a Data Breach, July 2011
- Key Considerations in Employment Contracts for Management and Essential Personnel, Executive War College, May 2011
- Sales Representatives, Data Security, Restrictive Agreements & Insurance: Are You Shooting Yourself in the Foot?, HBMA Spring Education Conference, April 2011
- Take a Smarter Approach to Securing your Data, TouchWorld and IBM Data Privacy Seminar, March 2011
- "Navigating HITECH Real World Issues for your Practice," co-presenter for the RBMA Northeast Chapter Spring Educational Meeting, April 2010
