Search form

Mary T. Costigan


P 973-451-6367
F 973-540-9015


Mary T. Costigan is an Associate in the Morristown, New Jersey, office of Jackson Lewis P.C. She holds a Certified Information Privacy Professional/US designation from the International Association of Privacy Professionals (iapp). Ms. Costigan advises multinational, national, and regional companies on emerging privacy and cybersecurity issues, including the broad and growing array of mandates, best practices, and preventive safeguards. In particular, she focuses on advising and assisting clients in matters relating to compliance with the General Data Protection Regulation (GDPR) and U.S. privacy and data security standards such as HIPAA/HITECH. She also assists clients with data breach preparation and response, biometric data collection policies, vendor security assessments, and data security agreements, including business associate agreements.

Ms. Costigan started her career as a litigation associate in private practice and worked as a senior litigator and advisor to the Massachusetts Department of Revenue in its Boston and New York City offices. Prior to joining Jackson Lewis, she was a Global Privacy Manager at KPMG where she advised internal stakeholders and project teams on global data protection and privacy matters, with a concentration on software applications.

Professional Associations and Activities

  • American Bar Association
  • International Association of Privacy Professionals
  • New Jersey Bar Association

Pro Bono and Community Involvement

  • Franklin Lakes Office of Emergency Management, ham radio operator

Speeches and Presentations

  • “How to Comply with GDPR Requirements: What Every U.S. Company Needs to Know,” EVERFI Webinar (May 2018)
  • “Navigating the Patchwork: Complying With Your Legal Obligations to Safeguard Data - Impact of the GDPR on US-Based Organizations,” New York State Bar Association (webinar, October 2018) (speaker)
  • “The EU General Data Protection Regulation,” Carolinas Credit Union League Compliance Legal Update (Winston-Salem, NC, August 2018) (speaker)

See AllMary T. Costigan in the News

July 9, 2018

Jason Gavejian, Joseph Lazzarotti and Mary Costigan Discuss Successful Compliance With GDPR

July 9, 2018

Jason Gavejian, Joseph Lazzarotti and Mary Costigan discuss steps for businesses to take in the age of GDPR in "How the GDPR gives new meaning to established privacy and security principles," published by EVERFI. Subscription may be required to view article Read More

See AllPublications

November 8, 2017

How Cybersecurity Lapses Hurt Auto Dealerships and What Dealerships Can Do

November 8, 2017

Automobile dealerships’ cybersecurity vulnerabilities can drive away customers, according to a survey by auditing firm Total Dealer Compliance. Automotive News said the survey of 200 dealerships in five states found that: Nearly 84 percent of consumers would not buy another car from a dealership that had a data security breach... Read More

See AllBlog Posts by Mary T. Costigan

California Consumer Privacy Act Amendment Signed Into Law
September 25, 2018

On September 23, 2018, Governor Jerry Brown signed into law SB-1121 amending certain provisions of the California Consumer Privacy Act of 2018 (CCPA) which was enacted in June of this year. Read More

U.S. Employers with EU Employees Gearing Up for GDPR
January 10, 2018

With the continuing parade of high profile data security breaches, the concern U.S. organizations have about the security of their systems and data has been steadily growing. And rightly so. Almost every organization processes (collects, uses, stores, or transmits) individually identifiable data. Read More

Its Tax Time – Alert Your HR and Payroll Teams About W2 Phishing Scams
December 18, 2017

Last February, the IRS issued a warning to all employers regarding the resurgence of a W-2 based cyber scam. Read More