BREACH HOTLINE
844-885-1574

Professionals

P McGurkin

Paul T. McGurkin, Jr.

Partner
426 W. Lancaster Avenue, Suite 200
Devon, PA 19333

Office: (267) 930-4788

Education

Temple University Beasley School of Law
Juris Doctor, 2007, cum laude

The University of Tampa
Bachelor of Arts, Government & World Affairs, 2003, magna cum laude

Admission

  • Pennsylvania
  • U.S. District Court for the Eastern District of Pennsylvania
  • New Jersey

Practice Areas

Paul McGurkin is a Partner with Mullen Coughlin and focuses exclusively on assisting clients prepare for and respond to data privacy and security incidents and breaches, including subsequent regulatory investigations and inquiries. After a data security and privacy incident occurs, Mr. McGurkin assists clients in determining the applicable laws that govern their notice obligations and ensures compliance with such obligations.

Paul also regularly assists clients in preparing for potential incidents by planning and hosting tabletop exercises which practice breach response procedures. He also counsels organizations in regulatory compliance related to the Health Insurance Portability and Accountability Act (HIPAA), payment card industry standards (PCI-DSS) and the New York State Department of Financial Services (DFS).

REPRESENTATIVE MATTERS

  • Assisted a background check company investigate the theft of an employee laptop, notify its customers and individuals who applied for a job with the company whose information was on the laptop and respond to state attorney general inquiries in multiple states due to the event
  • Counseled multiple online retailers in the investigation and response to payment portal compromises; notified affected customers and successfully responded to investigations launched PCI-DSS regulators
  • Assisted a large business services company in investigating data theft from its environment while notifying impacted business partners and individuals whose information was hosted by the entity
  • Counseled school districts impacted by ransomware by directing forensic investigations, drafting communications to the community and media and confirming what, if any, notification obligations the event implicates
  • Assisted multiple hospitals in responding to ransomware events that caused all computers and servers to be inoperable
  • Assisted multiple medical providers and its Business Associates respond to investigations launched by the Department of Health and Human Services, Office of Civil Rights (HHS-OCR)

SPEAKING ENGAGEMENTS & PRESENTATIONS

  • “We Are Under a Cyber Attack: How to Prevent From Becoming a Victim,” Brown & Brown Insurance of Pennsylvania, Virtual, July 13, 2021
  • “Tales from the C-Suite: Protecting Corporate Assets & Cyber and Management Liability (D&O) Insurance,” Biocom California, Virtual, June 22, 2021
  • “Legal Panel,” Mid-Atlantic Gigabit Innovation Collaboratory, Inc. (MAGIC) Business Risks 2020 Conference, Virtual, November 16, 2020
  • “Cyber Security | What Happened and What Do We Do Now?,” Temple University Lifelong Webinar Series, Virtual, September 23, 2020
  • “New Business Models in Insurance,” InsurTech Conference, Philadelphia, PA, November 29, 2018
  • “How to Handle a Ransomware Matter,” Wayne, PA, June 6, 2018
  • “Data Breach! What to Do Now,” Fraud Prevention Institute for Employee Benefit Plans, Boston, MA, July 12, 2018
  • “How to Handle a Ransomware Matter,” Wayne, PA, May 30, 2018
  • “Cyber Extortion Event – Ransom Payment & Bitcoin,” International Insurer Cyber Security Roundtable, October 12, 2017