Gregory Bautista

1266 E. Main Street, Soundview Plaza, Suite 700R
Stamford, CT 06902

Office: (267) 930-1509


Quinnipiac University School of Law
Juris Doctor

Quinnipiac University
Master of Business of Administration

Colgate University
Bachelor of Arts


  • Connecticut
  • U.S. District Court for the District of Connecticut
  • New York
  • U.S. District Court for the Eastern District of New York
  • U.S. District Court for the Southern District of New York

Practice Areas

Professional Memberships

  • International Association of Privacy Professionals (IAPP)


  • U.S. Certified Information Privacy Professional (CIPP/US)

Gregory Bautista, a Partner at Mullen Coughlin, is an experienced cybersecurity attorney and civil litigator. With deep knowledge about the unique and evolving data privacy and security landscape, Greg is routinely sought after by organizations for advice on data privacy and security issues.  

Over the last decade, Greg has counseled hundreds of organizations through the response and investigation into all types of data privacy and security incidents, providing a steady and guiding hand during their most difficult days as they navigate through the recovery, investigation and communication of the incident to protect their business’ financials, data and reputation. 

Greg also counsels organizations in responding to inquiries from state and federal regulators, including various state Attorneys Generals; insurance commissioners; the U.S. Department of Health and Human Services (HHS); the U.S. Department of Education; the Federal Trade Commission (FTC); and the New York Department of Financial Services (NYDFS). He also assists organizations on their data privacy and information security compliance, providing pre-incident Advisory Compliance services such as incident response planning and tabletop exercises.  

Greg’s clients primarily include small- to mid-size organizations representing a wide range of industry group sectors, including professional services; financial services & insurance; healthcare and life sciences; manufacturing and distribution; retail/e-commerce; hospitality and entertainment; public entities; education; and non-profit.  

Greg is a Certified Information Privacy Professional/United States (CIPP/US) and a member of the International Association of Privacy Professionals (IAPP). In 2017, Greg was recognized as a 40 Under 40 Rising Star by the Business Council of Westchester. 

Prior to joining Mullen Coughlin, Greg was the Chair of his former firm’s Cybersecurity & Data Privacy Practice.


  • Counseled a large data collector through an incident that impacted the security of customer information, coordinating notification to thousands of customers and their data subjects
  • Counseled a large health insurance vendor through the investigation and reporting of a potential data breach impacting millions of patients, resulting in the closure of all regulatory investigations with no fines or penalties
  • Advised a national resort chain through a ransomware incident that impacted multiple properties across the United States and Canada
  • Provided counsel to a large law firm through an incident that impacted the security of client information and provided guidance on disclosure obligations to clients and opposing parties 


  • “Municipal Cybersecurity Update,” Massachusetts Municipal Association’s (MMA) 2024 Annual Meeting and Tradeshow, Boston, MA, January 19, 2024
  • “Cyber Insurance Demystified: A Small Business’s Guide to Coverage,” TechSolutions, Inc. Lunch & Learn, Wilmington, DE, October 11, 2023
  • “Public Entities and Cyber,” Safety National Webinar, Virtual, August 31, 2023
  • “Ransomware and Trends,” intouchLive Cybersecurity and Data Privacy Symposium, New York, NY, July 14, 2023
  • “Don’t Take the Bait: Lawyer’s Guide on Phishing in 2023,” Law & Forensics, Virtual, June 7, 2023
  • “Demystifying Cyber Insurance,” ALM LegalWeek, New York, NY, March 22, 2023
  • “Strengthening Your Municipal Cybersecurity Program and Incident Response Planning,” Massachusetts Municipal Association’s (MMA) 2023 Annual Meeting and Tradeshow, Boston, MA, January 20, 2023
  • “Security Threats and Trends,” 2022 NetDiligence Cyber Risk Summit, Hamilton, Bermuda, November 17, 2022
  • “Incidentally Informed – Compliance Issues in Ransomware Claims, and The Pitfalls,” CyberClan Webinar, Virtual, September 29, 2022
  • “Cyber Insurance: Trends, Threats & Opportunities,” 2022 InsurTech Hartford Symposium, Hartford, CT, April 26, 2022
  • “We Have a Privacy Policy in Place. Are We Compliant?,” ALM Legalweek, New York, NY, March 9, 2022
  • “Cybersecurity Training for Executives,” Massachusetts Mayors’ Association’s December Conference, Chatham, MA, December 8, 2021
  • “Proactive Cyber Security Risk Mitigation Strategies,” NCPERS Fall Conference, Scottsdale, AZ, September 26, 2021
  • “Strategies for Securing Your Law Firm and Vendors Post Solar Winds,” Lexeprint, Inc., Virtual, April 14, 2021
  • “Preventing and Responding to Ransomware Attacks,” Argosy Capital, Virtual, April, 13, 2021
  • “Cybersecurity: What Municipalities Need to Know Now,” Massachusetts Municipal Association’s (MMA) 2020 Annual Meeting and Tradeshow, Boston, MA, January, 2020
  • “GDPR Update,” NetDiligence, Santa Monica, CA, October 2019
  • “Applying E-Discovery and Forensic Techniques to Incident Response,” NetDiligence, Philadelphia, PA, June 2019



  • Business Council of Westchester 40 Under 40 Rising Star (2017)