Steven J. Bonafonte is co-chair of Pullman & Comley's Cybersecurity, Privacy & Infrastructure practice group and a member of the firm's Corporate and Business Department. Steve's practice includes providing general counsel services to corporate and government entities; special privacy counsel; advising on information technology and security contracts and policy; ethics and compliance and corporate governance; and anti-fraud and corporate internal investigations.
Steve is a Certified Fraud Examiner (CFE) and a Certified Information Privacy Professional (CIPP/US).
Previously, Steve served as managing corporate counsel and as the enterprise privacy and corporate compliance officer at a Fortune 100 financial services company, where he led a team of attorneys and other professional staff in managing global privacy practices and diverse corporate compliance initiatives.
Steve also developed legal anti-fraud protocols and directed major case investigations and filing of affirmative civil anti-fraud RICO litigation against suspected fraudulent medical providers and other organized ring activity. Prior to these roles, he provided principal legal counsel to several diverse internal business groups including Information Technology (internal compliance, vendor contracts), Marketing and Communications (legal review and compliance) and Global Sourcing (cross-border data transfer, business continuity).
Steve was appointed by the Chief Justice of the Connecticut Supreme Court as a representative member on the State of Connecticut's Commission on the Death Penalty, serving from 2001-2003. He also served as a member of the City of Hartford's Civilian Police Review Board from 2000-2002 and as the City of Hartford's human relations commissioner from 2000-2002.
Steve serves as the General Counsel of the Connecticut Chapter of the Association of Certified Fraud Examiners (ACFE) and is a member of the newly formed Connecticut Cybersecurity Task Force.
Provide special outside counsel to Fortune 500 insurance companies on anti-fraud and privacy/data sharing issues
Serve as special counsel to regional government entity and as member of statewide Cybersecurity task force to provide counsel on operational risks
Successfully defended against unfounded claims for unemployment benefits and provided counsel to clients on properly managing reduction-in-force issues and compliance with state and federal law regarding workforce management
Actively led data breach response team to include forensic examiners, technical consultants and communications strategy in response to data breach events
Negotiate and resolve regulatory investigations relating to privacy and data breach incidents
Negotiation of complex multi-year and multi-million dollar information technology service contracts and statements of work
Drafting and review of corporate compliance manuals and privacy compliance policies and procedures
Successfully negotiated resolution to insurance coverage dispute relating to policy language and coverage for investigation expense