Search form

Mary T. Costigan

Of Counsel
Berkeley Heights

P 908-795-5135 F 908-464-2614


Mary T. Costigan


Mary T. Costigan is Of Counsel in the Berkeley Heights, New Jersey, office of Jackson Lewis P.C. She holds a Certified Information Privacy Professional/US designation from the International Association of Privacy Professionals (iapp). Mary advises multinational, national, and regional companies on emerging privacy and cybersecurity issues, including the broad and growing array of mandates, best practices, and preventive safeguards. In particular, she focuses on advising and assisting clients in matters relating to compliance with the General Data Protection Regulation (GDPR) and U.S. privacy and data security standards such as HIPAA/HITECH. She also assists clients with data breach preparation and response, biometric data collection policies, vendor security assessments, and data security agreements, including business associate agreements.

Mary started her career as a litigation associate in private practice and worked as a senior litigator and advisor to the Massachusetts Department of Revenue in its Boston and New York City offices. Prior to joining Jackson Lewis, she was a Global Privacy Manager at KPMG where she advised internal stakeholders and project teams on global data protection and privacy matters, with a concentration on software applications.

Professional Associations and Activities

  • American Bar Association
  • International Association of Privacy Professionals
  • New Jersey Bar Association

Pro Bono and Community Involvement

  • Franklin Lakes Office of Emergency Management, ham radio operator

Published Works

"New Jersey - Data Protection Overview," OneTrust DataGuidance (January 2020) [Author]


  • “How to Comply with GDPR Requirements: What Every U.S. Company Needs to Know,” EVERFI Webinar (May 2018)
  • “Navigating the Patchwork: Complying With Your Legal Obligations to Safeguard Data - Impact of the GDPR on US-Based Organizations,” New York State Bar Association (webinar, October 2018) (speaker)
  • “The EU General Data Protection Regulation,” Carolinas Credit Union League Compliance Legal Update (Winston-Salem, NC, August 2018) (speaker)