Michael E. Fitzgerald

He | Him | His

Associate

Philadelphia
T +1.215.564.2740
F +1.215.568.3439

Overview

Focusing his practice on digital risk and cybersecurity issues, Michael Fitzgerald manages data privacy and security incidents on a daily basis. Working with clients across various industries, he offers a practical perspective to ensure that each incident response is tailored to meet the needs of his clients.

Michael assists clients through all stages of data security events from the initial breach response and investigation to notification and regulatory inquiries, treating each incident as a unique situation that requires individualized solutions. When a data breach occurs, he directs forensic investigations and guides clients through post-event analysis and response. He also works with clients to satisfy any notification duties created by a data event and respond to any subsequent regulatory inquiries.

Additionally, Michael advises clients on the interpretation of applicable state, federal and international data privacy laws. He works closely with clients to proactively assess institutional cyber risks and develop privacy and information security policies.

Select Experience

  • Counseled clients in data privacy matters involving data breaches, business email compromises, malware/ ransomware, network intrusions, inadvertent disclosure, theft and third-party vendor breaches.
  • Past clients include municipalities, educational institutions, multinational corporations, insurance companies, health care providers, accountants, retail merchants, utilities and financial institutions.
  • Organizes and coordinates all aspects of breach response, including assisting clients with mitigation efforts, selecting vendors, managing and directing forensic investigations and preparing the requisite notification communications such as individual notification, regulatory notification and media statements.
More »

Experience

  • Counseled clients in data privacy matters involving data breaches, business email compromises, malware/ ransomware, network intrusions, inadvertent disclosure, theft and third-party vendor breaches.
  • Past clients include municipalities, educational institutions, multinational corporations, insurance companies, health care providers, accountants, retail merchants, utilities and financial institutions.
  • Organizes and coordinates all aspects of breach response, including assisting clients with mitigation efforts, selecting vendors, managing and directing forensic investigations and preparing the requisite notification communications such as individual notification, regulatory notification and media statements.
  • Conducts security training and tabletop exercises to build awareness and help companies prepare to effectively and efficiently manage data security threats and incidents.
  • Represented multiple clients in connection with payment card network liability assessments following payment card security incidents.
  • Represented an insurance company in connection with an incident resulting in notifications to over 5.8 million individuals and regulators in over 30 states.

Recognitions and Memberships

Memberships

  • Pennsylvania Bar Association
  • Philadelphia Bar Association

Admissions

  • U.S. District Court, Eastern District of Pennsylvania
  • Pennsylvania

Education

  • J.D., Syracuse University College of Law, 2015
  • B.A., The Catholic University of America, 2009

Blog

In The Blogs

Previous Next
Data Counsel
New EDPB Draft Guidance Provides Practical Scenarios for Data Breach Notification Analysis Under the GDPR
By Michael E. Fitzgerald, Benjamin D. Wanger
February 19, 2021
In certain cases, the General Data Protection Regulation (GDPR) requires entities that experience a personal data breach to provide notice of the incident to relevant national supervisory authorities and the individuals whose personal data...
Read More ->