Find Lawyers

Craig A. Hoffman
Partner

v-card

Cincinnati
312 Walnut Street
Suite 3200
Cincinnati, OH 45202-4074

T 513.929.3491
F 513.929.0303

Admissions

  • U.S. Court of Appeals, Sixth Circuit
  • U.S. District Court, Southern District of Ohio
  • Kentucky, 2008
  • Ohio, 2002

Education

  • J.D., University of Cincinnati College of Law, 2002
  • B.A., University of Cincinnati, 1999

Craig A. Hoffman

Craig Hoffman focuses his practice on complex business disputes, as well as data privacy, information security and social media. Mr. Hoffman has successfully represented a variety of interests in complex commercial litigation matters in state and federal courts, including contract disputes, construction delay claims, insurance coverage and premises and product liability claims. He has also represented companies in class action litigation arising from data breaches and alleged violations of federal privacy laws and regulations.

Mr. Hoffman regularly counsels clients on notice obligations, remediation strategies and risk avoidance in connection with data breach incidents involving personal information and cardholder data. He is experienced in managing all aspects of incident response—from working with internal resources and external forensic experts to contain and remediate the intrusion, to minimizing reputational harm, to mitigating potential liability. He also helps companies identify, evaluate and manage risks associated with privacy and information security practices. In breaches involving payment card data, Mr. Hoffman guides clients through the PCI DSS revalidation process, while working to minimize assessments and fines by the card brands.

Mr. Hoffman conducts privacy assessments to determine the scope of a company’s legal obligations regarding personally identifiable information under its control and the company’s compliance with those obligations. He also helps companies develop appropriate written information security programs. Mr. Hoffman advises companies involved in transactions on privacy, security and social media issues, including due diligence and drafting appropriate representations and warranties.

In addition, Mr. Hoffman works with companies to develop successful advertising and marketing campaigns, from creating website privacy and terms of use policies, to compliance with FTC and self-regulatory guidelines, to contests and sweepstakes.

Mr. Hoffman serves as the editor of BakerHostetler’s Data Privacy Monitor blog, providing commentary on developments in data privacy, security, social media and behavioral advertising.

Representative Experience

  • Led data breach response teams following network intrusions at manufacturers, retailers and third-party service providers where personal and financial information of millions of individuals were at risk.
  • Member of trial team that pursued delay damages against a subcontractor on behalf of a commercial developer and general contractor
  • Participated in due diligence and contract drafting with buyer’s counsel for the acquisition of a social media company
  • Pursued claims on behalf of a buyer against a seller for breach of representations and warranties following a data breach
  • Member of trial team that obtained a $163 million settlement of False Claims Act and fraud claims against a pharmacy benefit manager
  • Obtained injunctive relief on behalf of a staffing company precluding a start-up staffing company from operating
  • Successfully obtained the dismissal of a product liability complaint over an exploding tire at the close of the plaintiff’s case
 

Publications

  • “Facial Recognition: The End of Privacy or a Precursor for New Laws?” Cincinnati Bar Association Report (December 2011)
  • “Preventing Leaks: Why Data Security, Privacy Matter,” Cincinnati Bar Association Report (March 2011)
  • “Catching Up on Cloud Computing,” www.dataprivacymonitor.com (March 14, 2011)
  • “Noteworthy Data Privacy and Security Events in 2010,” www.dataprivacymonitor.com (December 31, 2010)
  • “Scrutiny Intensifies Over Mortgage Foreclosures,” Dayton Business Journal (September 21, 2007) and Columbus Business First (November 21, 2007)
  • “State Looks to Stem the Tide of Foreclosures,” Dayton Business Journal (April 20, 2007)

Honors / Awards

  • Ohio Super Lawyers “Rising Star” (2009 to 2012)
  • Dayton Business Journal’s “Forty Under 40” (2008)

CLE/Webinars/Seminars

  • “Effective Data Breach Incident Response,” Ohio CISO Executive Summit (June 2012)
  • “Network Security and Privacy Law: A Rapidly Developing Liability Landscape,” Webinar (March 2012)
  • “Data Security and Cyber Liability Update,” LexisNexis Webinar (November 2011)
  • “Are You Ready for a Data Breach?” BakerHostetler CLE (October 2011)

Mr. Hoffman is a member of the Ohio State, Cincinnati and Kentucky Bar Associations, and was a member of Class XIV (2010) of the Cincinnati Academy of Leadership for Lawyers. Prior to joining BakerHostetler, Mr. Hoffman clerked for U.S. Department of Labor Administrative Law Judge Thomas F. Phalen.

Articles
3/26/2013 Hoffman’s Article Details Risks Faced by Merchants When Outsourcing Credit Card Processing
7/18/2012 Hoffman’s Executive Alert Featured in Law360 Expert Analysis Section
12/8/2011 Hoffman Publishes “Facial Recognition: The End of Privacy or a Precursor for New Laws?” in CBA Report

News
12/19/2012 BakerHostetler and The E.W. Scripps Company Win “Sector Deal of the Year”
12/7/2012 173 BakerHostetler Attorneys Named 2012 Super Lawyers; 55 Named Rising Stars
5/11/2012 Hoffman to Speak at Preeminent Conference for IT Security Executives
1/17/2012 Baker Hostetler Announces New Partners
12/31/2011 2011 Super Lawyers Announced

Executive Alert / Newsletters
9/25/2012 NLRB Decision Finds Social Media Provisions Unlawful
7/12/2012 Internet Banking Authentication Security Procedures Found Commercially Unreasonable
4/23/2012 Maryland First to Enact Employee Social Media Credential Ban
1/3/2012 California's Privacy Class Action Litigation Du Jour: "Shine the Light" Law
11/29/2011 Will the Driver's Privacy Protection Act Fuel the Next Wave of Class Actions Against Retailers?
10/26/2011 SEC Issues Guidance on Cyber-Risk Disclosure
8/4/2011 Health Law Update—August 4, 2011
7/21/2011 Health Law Update—July 21, 2011
7/14/2011 Focus on HIPAA
7/6/2011 Restrictions on Commercial Advertising Speech in Vermont Data Mining Law Violate First Amendment

Quotes
1/7/2013 Hoffman Tells Law360 Supreme Court Likely to Bar Access to Driver’s Info
5/21/2012 Hoffman Comments on Dwolla’s Viability as Banks’ Bitcoin Influence Rises in Bank Technology News
2/13/2012 Hoffman Discusses Facebook’s Privacy and Cyber Security Disclosures on LXBN TV
11/23/2011 Dark Reading Quotes Hoffman’s Data Privacy Monitor Blog Post
9/23/2011 Hoffman Comments on Cyber Security Legislation in Columbus C.E.O. Magazine
8/8/2011 Law 360: Hoffman Comments on Lack of Enforcement Surrounding DOC Privacy
8/1/2011 Cincy: Cyber Risk on the Rise: Cyber liability insurance protects against expensive data loss or theft