Search form

Mary T. Costigan

Associate
Morristown

P 973-451-6367
F 973-540-9015
Mary.Costigan@jacksonlewis.com

Biography

Mary T. Costigan is an Associate in the Morristown, New Jersey, office of Jackson Lewis P.C. She holds a Certified Information Privacy Professional/US designation from the International Association of Privacy Professionals (iapp). Ms. Costigan advises multinational, national, and regional companies on emerging privacy and cybersecurity issues, including the broad and growing array of mandates, best practices, and preventive safeguards. In particular, she focuses on advising and assisting clients in matters relating to compliance with the General Data Protection Regulation (GDPR) and U.S. privacy and data security standards such as HIPAA/HITECH. She also assists clients with data breach preparation and response, biometric data collection policies, vendor security assessments, and data security agreements, including business associate agreements.

Ms. Costigan started her career as a litigation associate in private practice and worked as a senior litigator and advisor to the Massachusetts Department of Revenue in its Boston and New York City offices. Prior to joining Jackson Lewis, she was a Global Privacy Manager at KPMG where she advised internal stakeholders and project teams on global data protection and privacy matters, with a concentration on software applications.

Professional Associations and Activities

  • American Bar Association
  • International Association of Privacy Professionals
  • New Jersey Bar Association

Pro Bono and Community Involvement

  • Franklin Lakes Office of Emergency Management, ham radio operator

Speeches and Presentations

  • “How to Comply with GDPR Requirements: What Every U.S. Company Needs to Know,” EVERFI Webinar (May 2018)
  • “Navigating the Patchwork: Complying With Your Legal Obligations to Safeguard Data - Impact of the GDPR on US-Based Organizations,” New York State Bar Association (webinar, October 2018) (speaker)
  • “The EU General Data Protection Regulation,” Carolinas Credit Union League Compliance Legal Update (Winston-Salem, NC, August 2018) (speaker)

See AllMary T. Costigan in the News

July 9, 2018
EVERFI

Jason Gavejian, Joseph Lazzarotti and Mary Costigan Discuss Successful Compliance With GDPR

July 9, 2018

Jason Gavejian, Joseph Lazzarotti and Mary Costigan discuss steps for businesses to take in the age of GDPR in "How the GDPR gives new meaning to established privacy and security principles," published by EVERFI. Subscription may be required to view article Read More

See AllPublications

March 11, 2019

New Jersey Bills Would Give Consumers Control Over Their Personal Data Privacy

March 11, 2019

New Jersey has joined a growing list of states considering legislation on data privacy to promote transparency, accountability, and individual choice. One bill would create new obligations for commercial entities whose online website or services collect personally identifiable information (PII) from individuals in New Jersey. A second... Read More

January 28, 2019

California Consumer Privacy Act: FAQs for Employers

January 28, 2019

Data privacy and security regulation is growing rapidly around the world, including in the United States. In addition to strengthening the requirements to secure personal data, individuals are being given an increasing array of rights concerning the collection, use, disclosure, sale, and processing of their personal information.... Read More

November 8, 2017

How Cybersecurity Lapses Hurt Auto Dealerships and What Dealerships Can Do

November 8, 2017

Automobile dealerships’ cybersecurity vulnerabilities can drive away customers, according to a survey by auditing firm Total Dealer Compliance. Automotive News said the survey of 200 dealerships in five states found that: Nearly 84 percent of consumers would not buy another car from a dealership that had a data security breach... Read More

See AllBlog Posts by Mary T. Costigan

New Jersey on the Forefront of Consumer Privacy and Security Law
March 11, 2019

Since the start of 2019, New Jersey has shown it is on the forefront of consumer privacy and security law. Last week we reported on Assembly Bill 3245 (AB 3245) that would enhance the state’s data breach notification requirements. Read More

The Status of the GDPR As the One-Year Mark Gets Closer
February 19, 2019

In honor of Data Privacy Day (Data Protection Day in Europe), the European Commission (“the Commission”) released a statement on the status of the EU’s General Data Protection Regulation (“GDPR”) which took effect on May 25, 2018. Read More

California Consumer Privacy Act: FAQs for Employers
January 29, 2019

Data privacy and security regulation is growing rapidly around the world, including in the United States. In addition to strengthening the requirements to secure personal data, individuals are being given an increasing array of rights concerning the collection, use, disclosure, sale, and processing of their personal information. Read More