Dominic A. Paluzzi

Dominic A. Paluzzi: Attorney with McDonald Hopkins LLC
  • Member at McDonald Hopkins LLC (143 Attorneys)
  • 39533 Woodward Avenue, Suite 318, Bloomfield Hills, MI 48304
    View Dominic A. Paluzzi's office location
  • Peer Reviews
    No Reviews
    Client Reviews
    No Reviews
  • Profile Visibility [ i ]



Dominic is co-chair of the firm’s national Data Privacy and Cybersecurity Practice Group. He advises organizations on data privacy and cybersecurity risks on both a national and international basis, including proactive compliance, incident response strategies and management, and defense of regulatory enforcement actions and single-plaintiff and class action litigation. Dominic has counseled clients through over 1,000 data breaches and privacy incidents where he works closely with local, state and federal law enforcement, forensic investigators and third-party vendors to offer his clients efficient and effective breach response services in compliance with the numerous state, federal, international and industry-specific legal obligations. Dominic has significant experience defending organizations in third-party and regulatory enforcement actions arising out of a data breach. He also focuses his practice on proactively protecting clients’ personal, sensitive and confidential information and minimizing the risk of a data privacy incident. He has conducted more than 200 breach response workshops and training sessions for organizations and their risk management teams, and helps clients with the development of their written information security programs and incident response plans. In recognition of his efforts in this area, Dominic was named to Cybersecurity Docket’s inaugural Incident Response 30 , a list of the “best and brightest” data breach response attorneys and compliance professionals in the industry. Dominic and his team were also named a finalist for Advisen’s 2017 Cyber Risk Awards for Cyber Law Firm of the Year and Advisen’s 2015 Cyber Risk Awards in the Cyber Risk Pre-Breach Team of the Year category.

His work in this area covers a multitude of industries, including, higher education, healthcare, hospitality, retail, automotive, utilities, accounting, financial services, law, information technology, staffing services, manufacturing, professional employer organizations, fleet services, franchising, non-profits, drug and pharmacy, municipalities, and insurance. Dominic is also a frequent speaker and writer on data privacy law. If you suspect that your organization has suffered a data breach, call our 24/7 Hotline: 855-MH-DATA1 (855-643-2821).

Dominic also has significant experience in the area of trade secret and non-compete law, counseling clients in nearly every industry. He has considerable nationwide experience prosecuting and defending employers and employees in non-compete, non-solicit, non-disclosure and trade secret litigation. Dominic’s national practice also involves drafting of complex restrictive covenant agreements and auditing of protectable business assets.

Dominic earned a J.D./M.B.A., cum laude, from University of Detroit Mercy School of Law in 2007. He received a B.S.A., summa cum laude, from University of Detroit Mercy in 2004.

Honors and Awards

•Cybersecurity Docket’s Incident Response 30 (2016)
•Selected for inclusion in Michigan Rising Stars (2013-2017)
•Jason Long Editing Award, University of Detroit Mercy Law Review
•Wall Street Journal Award, University of Detroit Mercy College of Business Administration

Public Service and Volunteerism

•St. John Hospital and Medical Center Guild (Board of Directors)
•University of Detroit Mercy School of Law Alumni Association (Board of Directors)
•University of Detroit Mercy College of Business Administration Alumni Association (Board of Directors)
• Run for the Ribbon (Committee Officer)



•OCR s HIPAA breach wall of shame breaks 2,000
•OCR issues guidance on cyber threat reporting and monitoring
•March 1 deadline approaching to submit breach reports
•Who is a HIPAA business associate?
•OCR to step up investigations of small HIPAA breaches
•EU-U.S. Privacy Shield formally adopted, set to launch Aug. 1 for U.S. businesses
•Illinois toughens up on privacy by bolstering its breach notification law
•Phase 2 HIPAA audits are coming
•HIPAA enforcement heats up with two more settlements
•EU and US agree to Privacy Shield to replace the Safe Harbor
•OCR strikes again with 3 recent HIPAA settlements
•Finally, EU officials agree on new data protection reform
•Recent HIPAA settlement reinforces importance of encryption, risk analysis, and mobile device security
•Merchants beware: You could be on the hook for the next data breach
•Threat of identity theft is enough for your consumers to sue
•Communications with your cybersecurity consultant and forensic reports may now be protected
•President Obama Signs Executive Order Imposing Sanctions on Foreign Hackers
•Decoding the new payment card security standard
•Who will fight against cyber crime?
•March 1 deadline approaching for HIPAA covered entities to submit breach reports
•Anthem s two small details that led to one big breach
•International hacking ring executes $1 billion banking breach
•White House announces new cyber threat agency
•Cybersecurity breach rocks Anthem
•Significant data breach class action ruling
•What if the Personal Data Notification & Protection Act Passes?
•ISIS hacks U.S. military social media accounts
•President Obama’s new data privacy agenda
•Board members beware: The SEC is watching
•Florida raises the bar on data privacy, security and breach notification with passage of new law
•Record settlement underscores escalating HIPAA risks
•Who enforces data security protections?
•HIPAA covered entities and business associates face plethora of cyber security enforcers
•Federal data breach bills pile up in Senate
•First of its kind lawsuit for unnecessary delay in data breach notices
•Detroit s employees confront data breach
•HIPAA covered entities face March 1 deadline for breach reports
•Class action puts bulls eye on Target s directors and officers
•Data Breach? The FTC May Be Calling
•A surge in healthcare data breaches: Failure to comply with HIPAA is costly
•Don t be a TARGET -- No pun intended
•U.S. House examines state data breach notification laws and potential federal preemption
•Professional service firms are the new target of cyber/data thieves
•Final Rule implements HITECH revisions to Privacy and Security Rules

Blog Posts

•Act promptly to address HIPAA violations
•Michigan State University confirms data breach of server containing 400K records
•Yahoo-oops! At least 500M user accounts compromised
•Pass or fail? Data privacy and cybersecurity risks in higher education
•EU privacy regulators offer dubious endorsement of Privacy Shield
•5 ways US companies can prepare for the Privacy Shield
•It s Data Privacy Day: Time to protect your digital footprint
•5.6 million fingerprints compromised in OPM breach - you can t change your fingerprint!
•Live from IAPP Global Privacy Summit in D.C.: FTC Weighs in on Consumer Privacy Bill of Rights
•Happy Data Privacy Day 2015!
•Sony CEO and Secretary Shared TMI
•Fighting Cyber Attacks: Beazley on Bloomberg TV
•An FBI briefing on the Cyber Threat Q and A
•Florida passes new breach notification law with sweeping changes
•Who enforces data security protections? A federal court says yes to the FTC
•Target CEO Target won t be defined by the breach, but how we handle the breach. Either way, it s not pretty!
•Happy Data Privacy Day!
•Target lives up to its name: data breach on Black Friday- Update
•Are you the lucky one? 1 in 4 data breach notification recipients become a victim of identity fraud
•New York Times Website Hacked by Supporters of Syrian President
•McDonald Hopkins submits statement for the record to a congressional committee regarding state data breach notification laws
•5 Indicted in Largest U.S. Data Breach Scheme
• Like it or not, Facebook suffers data breach
•City of Akron is Talking Turkey About Cybersecurity
•Another One Bites the Dust! Senate Refuses to Vote on House Cybersecurity Bill
•Enjoy that Orange Jumpsuit! 7 Sentenced to Prison After Stealing Personal Information in Chicago
•Associated Press Twitter Account Hacked; Dow and S&P Crash Temporarily
•Take 2: House passes cybersecurity bill again while Obama threatens to veto it
•Professional service firms are the new target of cyber/data thieves
•Tax season is heaven for cyber criminals -- Tips to avoid ID theft
•Aloha! Uh oh! Data breach in Hawaii after surgeon s computer is stolen on vacation
• Phantom Chads - First Known Cyberattack on Election Data
•Data Breaches More than Doubled in 2012
•Global Payments Breach Cost: $94 Million
•Twitter confirms hacking of 250,000 accounts
•The Final HITECH Rule is Out - Is Your Organization Ready?
•Recent Study on data breach notifications shows customer loyalty and trust are at serious risk
•Do you know the cost of not complying with data privacy laws?


•McDonald Hopkins to examine GDPR s impact on American businesses
•Eleven attorneys at McDonald Hopkins honored as Michigan Super Lawyers and Rising Stars
•McDonald Hopkins named a finalist for Advisen’s 2017 Cyber Risk Awards
• 5 data breach predictions for 2017
• What will the data breach landscape look like in 2017?
•Shawn M. Riley becomes president of McDonald Hopkins
•Dominic Paluzzi named to Cybersecurity Docket s Incident Response 30
•Data privacy and cybersecurity attorney Dominic A, Paluzzi elected Member at McDonald Hopkins
•Twelve attorneys at McDonald Hopkins honored as Michigan Super Lawyers and Rising Stars
•McDonald Hopkins Named a Finalist for Advisen’s 2015 Cyber Risk Awards
•McDonald Hopkins to launch higher education live webcast series
•Eleven attorneys at McDonald Hopkins honored as Michigan Super Lawyers and Rising Stars
• How to brace your business against cyber attacks and avoid being the next Target

External Publications

•Co-Author of the Data Privacy and Cybersecurity Blog @ the online business community- Business Advocate
• Digging Into the President’s Data Breach Notification Bill, JUNTO Blog, March 10, 2015
• President Obama’s New Personal Data Notification & Protection Act: Overview, Analysis, and Challenges, ID Experts Webinar Q&A, February 12, 2015
• Florida toughens breach notice law, quoted in Data Breach Today, June 27, 2014
•“Data Privacy: Protecting PEO Assets, Data, and Client Information,” PEO Insider, August 2013
• Aloha! Uh oh! Data Breach in Hawaii after Physician's Computer is Stolen on Vacation, RBMA Monthly Legal Update Digest April 2013
• Risky Business: Sharing Health Data while Protecting Privacy, Trafford Publishing, 2013
•“HITECH Final Rule Revises Privacy, Security and Breach Notification Rules,” Northern Ohio Physician - Academy of Medicine of Cleveland & Northern Ohio, March/April 2013
• Anatomy of a Data Breach: A 3 Part Series - Part 3: Immediate Action Items Upon a Data Breach, Risky Business - The Privacy Analytics Newsletter, August 2012
• How to minimize the risk of, or respond to, a data breach, Smart Business Magazine, August 2012
• Data Breach at Your Laboratory? Immediate Action Items! How to Deal with a PHI Violation, G2 Intelligence Compliance Report - Perspectives, July-August 2012
• Anatomy of a Data Breach: A 3 Part Series - Part 2: Proactive Measures and Requirements to Minimize the Risk of a Data Breach, Risky Business - The Privacy Analytics Newsletter, June 2012
• Data Breach? Immediate Action Items!, PEO Insider, April 2012
• Anatomy of a Data Breach: A 3 Part Series - Part 1: Data Privacy Regulations, Penalties and Statistics, Risky Business - The Privacy Analytics Newsletter, March 2012
• 3 New state data breach notifications statutes and expiration of a grandfather clause in 2012, RBMA Monthly Legal Update Digest, March 2012
• Attorneys General and FTC continue to increase legal standards for data privacy compliance and penalties for noncompliance, RBMA Monthly Legal Update Digest November 2011
• OESA North American OEM Production P.O. Terms and Conditions Comparative Analysis, co-author, September 2008, 2009
• Trade Secrets and Agreements Not to Compete, co-author, Michigan Chapter, Defense Research Institute (DRI), Winter 2008
Beard v. Whitmore Lake School District, 84 U. DET. MERCY L. REV. 15, Fall 2006


•Ohio Concrete Annual Meeting Thursday, December 7, 2017
•Is Your Business Ready for the GDPR? Tuesday, November 28, 2017
•Cyber Risk and Data Security Seminar Thursday, October 26, 2017
•Current cyber trends, value of a policy, and anatomy of a breach Thursday, October 19, 2017
•CyberOhio Business Summit Friday, March 31, 2017
•Cyber: Prepare, Prevent, Mitigate, Restore Thursday, March 16, 2017
•HFTP Annual Convention Wednesday, October 19, 2016
•NetDiligence Cyber Risk and Privacy Liability Forum Tuesday, October 18, 2016
•Outbreak - Ransomware Reporting Requirements in the Health Care Industry Thursday, September 22, 2016
•Help, a Data Breach! Who to Tell, How Much and When... Tuesday, September 20, 2016
•IAPD/IPRA Soaring to New Heights conference Thursday, January 28, 2016
•Data Privacy: Somewhat Prepared is NOT Prepared! Tuesday, June 30, 2015
•The top 10 data privacy threats confronting colleges and universities Wednesday, November 19, 2014
•Anatomy of a data breach Wednesday, November 19, 2014
•Webcast -- Data Privacy: Legal Risks, Mitigation and Response for Municipalities Tuesday, July 22, 2014
•An FBI briefing on the Cyber Threat Wednesday, July 16, 2014
•The new HIPAA standards: Are you ready? Changes and action steps for HIPAA covered entities and business associates Thursday, August 22, 2013

Speaking Engagements

•Educational Institutions Risk Management Day, August 17, 2017

• Third Party Risk and Auditing in Today's Cybersecurity Environment, May 25, 2017

•2017 MPL Leadership Conference, Cyber Panel: Are You Ready For An Attack?, March 9, 2017

• Corporate Governance Developments, 20th Annual Donnelley Financial Solutions SEC Hot Topics Institute, November 17, 2016
•Understanding Risk Assessments: Key issues in managing data privacy risk and implementing measures to combat security threats, November 15, 2016
•Cyber 2.0 - Demystifying the Coverage and Coverage Triggers of Cyber/Crime Coverage, October 11, 2016
• Attorney/Client Privilege Issues Arising out of Breach Notification: Attorneys’ Ethical Duties When Clients Seek Advice During a Breach, Examining the Communication That is Considered Privileged, and Determining Whether Forensic Reports Should be Turned Over, 2nd National Forum on Data Breach & Privacy Litigation and Enforcement, September 2016
• Attorney/Client Privilege Issues Arising out of Breach Notification: Attorney’s Ethical Duties When Clients Seek Advice During a Breach, Examining the Communication That is Considered Privileged and Determining Whether Forensic Reports Should be Turned Over, American Conference Institute's Data Breach and Privacy Litigation and Enforcement Conference, March 18, 2016
• Public Entity Cybersecurity Risks, IAPD/IPRA Soaring to New Heights conference, January 29, 2016
• Cybersecurity: Protecting Your Information, Assets, & Officers, Clear Law Institute webinar, October 28, 2015
•“Tales from the Crypt XIV: The Anatomy of a Data Breach,” Worldwide Employee Benefits Network, October 22, 2015
• Tabletop Exercise on Different Breach Scenarios and With Various Departments (IT, Security, Privacy Officers, CIO), American Conference Institute's 11th National Advanced Forum on Cyber & Data Risk Insurance, September 30, 2015
•“Handling a Cyber Incident from Beginning to End,” Assurex Loss Control & Claims Seminar, September 22, 2015
•“Cyber Security, Defenses and Handling a Cyber Incident,” Assurex E&O Plus Quality Management Seminar, September 22, 2015
•“Lessons from the Anthem Breach - What PEOs Need to Know and Need to Do with Respect to their Health Plans and 401(k)s,” NAPEO’s 2015 Annual Conference & Marketplace, September 12, 2015
•“How Cyber Liability Can Jump Up & Bite You!,” Assurex Global Financial Management Conference, June 26, 2015
•“The Evolving Liabilities of Healthcare Cyber, Privacy & Security Risks,” Connecticut Orthopaedic Society, June 16, 2015
•“Do you have appropriate data privacy policies and a response plan in place? Will the regulators and the courts agree?,” Third Annual Michigan Cyber Range Cybersecurity Conference, May 12, 2015
•“How to Properly Respond to a Data Breach and Regulatory Investigation,” Third Annual Michigan Cyber Range Cybersecurity Conference, May 12, 2015
•“Exercising Your Data Breach Response Plan,” RIMS 2015 Annual Conference, April 28, 2015
•“The Latest Legal and Financial Implications of Today’s Cyber Risks for US Organizations,” New England Association for Financial Professionals Annual Conference, April 16, 2015
• A Pound of Cure: Strategies for Preventing and Responding to Data Breaches, Part 2, webinar with Epiq Systems, March 31, 2015
• An Ounce of Prevention: Preparing for a New Era of Data Breaches, Part 1, webinar with Epiq Systems, March 24, 2015
• Cybersecurity: Crimes & Consequences, University of Detroit Mercy College of Business Administration Alumni Week, March 17, 2015
• President Obama’s New Personal Data Notification & Protection Act, webinar with ID Experts, February 12, 2015
• Data Breaches: From Prevention to Reaction, The Institute of Internal Auditors (IIA) and Information Systems Audit and Control Association (ISACA), December 8, 2014
• Yes, it CAN happen to you! Are you prepared?, webinar with Enterprise Risk Management, November 14, 2014
•“Establishing a Perimeter - Data Privacy & Security in Practice,” The American Pathology Foundation, October 30, 2014
•“Managing Public Entity Cyber Risk Exposure,” National League of Cities Risk Information Sharing Consortium Staff Conference, October 21, 2014
• Emerging Regulatory and Enforcement Activities and the Growing Authority of the State AG Offices, American Conference Institute's 9th National Advanced Forum on Cyber & Data Risk Insurance, September 29, 2014
• Data Privacy: Legal Risks, Mitigation, Response and the Impact of the New Florida Information Protection Act, Hospitality Financial and Technology Professionals South Florida Chapter, August 21, 2014
• Mobile Technology, Health Care, and Data Security: Minimizing the Risks and Leveraging the Benefits, The American Law Institute Continuing Legal Education, Webinar, June 26, 2014
• Small entity cyber liability, NetDiligence Cyber Risk & Privacy Liability Forum, June 12, 2014
• Data Security Breaches and Why HR Professionals Should Care, American Society of Employers' Selected Insights Series, May 9, 2014
•Breach Response Workshops to Insureds, October 2010-present
• Cyber Risk Seminar: The Maze of Legal Requirements, January 2013
• Data Breach Planning & Response Basics, Webinar, November 2012
• Privacy and Security: What You Need to Know to Keep Your Company Safe, Privacy and Security Seminar, November 2012
• Data Privacy & Security: Why It's the New Top Concern for Directors and General Counsel, presentation for Fortune 100 Company, September 2012
• The Ignored Security Crisis, February 2012
• Cyber and Privacy Liability, Seminar, November 2011
• Data Privacy and Security - Limit Exposure and Penalties, Seminar, September 2011
• Anatomy of a Data Breach, McDonald Hopkins presentation to insureds, July-September 2011
• Take a Smarter Approach to Securing your Data, McDonald Hopkins, TouchWorld and IBM Data Privacy Seminar, March 2011
•“Administering New Severance Agreements, September 2009
•“Administering New Restrictive Agreements,” June 2009

Areas of Practice (4)

  • Data privacy and cybersecurity
  • Trade secrets
  • Healthcare
  • Business litigation

Education & Credentials

Contact Information:
248-220-1356  Phone
248-646-5075  Fax
University Attended:
University of Detroit Mercy, B.S.A., summa cum laude, 2004
Law School Attended:
University of Detroit Mercy School of Law, J.D., cum laude, 2007; University of Detroit Mercy School of Law, M.B.A., cum laude, 2007
Year of First admission:
2008, Michigan; U.S. District Court for the Eastern District of Michigan

Professional Membership

•State Bar of Michigan
•American Bar Association
•Detroit Metropolitan Bar Association
•Macomb County Bar Association
•Italian-American Bar Association
•Phi Alpha Delta
•Beta Gamma Sigma

Birth Information:
Payment Information:
  • Accepts
  • Fixed Hourly Rates
  • Fixed Fees Available
  • Peer Reviews

    This lawyer does not have peer reviews.

    *Peer Reviews provided before April 15, 2008 are not displayed.

    Client Reviews

    This attorney does not have client reviews.

    Documents ({{amountArticles}})

    Documents by this lawyer on
    Other documents: ,

    Bloomfield Hills, Michigan

    Contact Dominic A. Paluzzi

    Please correct the fields highlighted in red.

    By clicking on the "Submit" button, you agree to the Terms of Use, Supplemental Terms and Privacy Policy. You also consent to be contacted at the phone number you provided, including by autodials, text messages and/or pre-recorded calls, from Martindale and its affiliates and from or on behalf of attorneys you request or contact through this site. Consent is not a condition of purchase.

    You should not send any sensitive or confidential information through this site. Emails sent through this site do not create an attorney-client relationship and may not be treated as privileged or confidential. The lawyer or law firm you are contacting is not required to, and may choose not to, accept you as a client. The Internet is not necessarily secure and emails sent though this site could be intercepted or read by third parties.