Gregory Bautista Partner




Gregory Bautista, as co-chair of Wilson Elser’s Cybersecurity & Data Privacy practice and a member of the Information Governance Leadership Committee, has embraced the concept of information governance, which melds the disciplines that exist in all businesses into a powerful enterprise-wide strategy. Greg is an experienced civil litigator with a focus on data breach response and e-discovery matters and has earned the designation of U.S. Certified Information Privacy Professional (CIPP/US) from the International Association of Privacy Professionals (IAPP). He is keenly aware of the growing importance of helping clients to develop and implement data security risk management measures related to the receipt and use of highly sensitive and confidential data.

Greg is a contributing editor to Wilson Elser’s ESI Case Law Update, an annual compendium of cases dealing with issues and developments surrounding electronically stored information. In addition, Greg serves as an adjunct professor at Pace University School of Law.

Areas of Focus

Cybersecurity & Data Privacy / Risk Management

Data Breach Response and Defense
Greg leads Wilson Elser’s Cybersecurity & Data Privacy breach response team, providing 24/7 counseling to effectively and efficiently respond to data breaches while protecting each client’s business and reputation. He has counseled clients through a multitude of data breach incidents impacting all types of organizations, including e-commerce, hospitality and health care organizations; financial institutions and professional services firms; and educational institutions, public utilities and nonprofit organizations.

He advises clients on their legal notification obligations under state, federal and international laws and industry professional standards and through contractual relationships. Greg also interacts with clients' information technology support teams and engages forensic investigators to investigate the scope and nature of an incident and help ensure that recommendations for remediation are appropriate and investigations are handled efficiently to address the threat posed to clients’ systems and data.

Greg regularly represents clients in regulatory investigations brought by various state and federal regulators. He also represents clients when third-party claims are asserted arising from data breach events, including single-plaintiff and class-action lawsuits.

Cyber Risk Management
Greg advises clients on data privacy and security risks and assists them in developing privacy policies and incident response plans; he also assists clients in practicing established plans through tabletop exercises. Greg helps to identify how risk can best be reduced or eliminated and assists clients in acting on the resulting objectives, which frequently include putting appropriate systems and protocols in place and conducting employee training. He routinely advises clients on compliance with PCI Data Security Standards, HIPAA, New York State Department of Financial Services Cybersecurity Regulation, NAIC Insurance Data Security Model Law, and the EU General Data Protection Regulation (GDPR).

Information Governance
In counseling his clients in the realm of information governance, Greg includes the processes, roles, standards and metrics that help ensure the effective and efficient use of information and the protections necessary for an organization to meet its goals. Emphasizing accountability, Greg recommends a hierarchy that fortifies defenses against risk while allowing the organization to obtain full value from its information resources. This break from compartmentalized thinking is, he believes, the next step in the evolution of sound information management.

Electronic Discovery
Greg provides his clients with knowledge and guidance on e-discovery matters, including case- and client-specific advice about meeting preservation obligations as well as “meet and confer” obligations and addressing e-discovery matters with the court. Greg also delivers cost-efficient strategies for data preservation, collection, review and production and helps clients to develop and implement document retention policies and practices.

Accountants / Class Action Defense
Greg handles complex matters involving professional liability, particularly in the accounting field. He provides comprehensive legal services to accountants and related professionals, including business managers and consultants. Greg offers advice and representation in connection with litigation, risk management, regulatory investigations, commercial negotiations, and partnership and practice issues. He is experienced in class action litigation, from removal under the Class Action Fairness Act, to motions to dismiss, class certification proceedings, discovery, trial, settlement, and appeal. Greg leverages Wilson Elser’s considerable litigation experience, national footprint and cutting-edge technologies to handle these matters quickly and efficiently.