Home > People > James Shreve

James Shreve


312 580 5087 direct

Washington, D.C.
312 580 5087 direct

Jim serves as a trusted advisor to clients facing complex cybersecurity and privacy issues — particularly those in the country's most highly regulated industries. He is the chair of Thompson Coburn's Cybersecurity group, was named a Fellow of Information Privacy, and holds CIPP/US and CIPT certifications from the International Association of Privacy Professionals.

Jim advises all types of companies on the myriad legal concerns surrounding confidential information and how such information is stored and transmitted. Applying the law to rapidly changing technology and software capabilities, Jim provides clients with a profile of their potential risk, then works closely with executive leadership, legal, IT, and compliance information security teams to develop a comprehensive and practical plan for risk avoidance and responding to cyber and data-related issues.

Should a company face a security breach, Jim draws on his years of experience handling thousands of incidents to counsel clients through every step of cyber and information security incidents, including notification, reporting, and all associated state, federal, and global regulatory requirements.

Jim helps clients develop robust and responsive security and privacy policies and governance documents, meet applicable data safeguarding requirements, and implement compliance programs.

A recognized thought leader in the fields of cybersecurity and privacy, Jim has presented on a variety of in-the-news cybersecurity topics for industry organizations and associations, including the RSA Conference, the International Association of Privacy Professionals, the ABA and the Mortgage Bankers Association.

Data Breach Response

Successfully assisted clients through thousands of data security incidents, including interactions with federal, state, and foreign agencies, forensic investigations, consumer notifications, and remedial steps following any incident.

Regulatory Advice

Guides client responses to regulatory inquiries, investigations, and enforcement actions relating to privacy, information security, or cybersecurity issues.

Coordinates with a broad range of financial institutions, including banks, Securities and Exchange Commission (SEC)-regulated entities, mortgage lenders or servicers, or service providers to financial institutions in meeting bank-level security expectations of regulators or business partners. Jim also counsels entities working with financial institutions and who must meet the more stringent security requirements of the financial industry.

Fintech Experience

Advises new and expanding fintech companies regarding the application of privacy and security to new technologies and business models as well as related financial services requirements, such as payments standards, anti-money laundering compliance, and licensing.


Proposed federal privacy bills exceed even California’s CCPA requirements in some respects

Blog Browse: Higher education should pay attention to the CCPA

Higher education should pay attention to the CCPA

What businesses need to know about the Attorney General’s proposed CCPA regulations

California ballot initiative would further strengthen the state’s consumer privacy laws

Examining the six amendments to the CCPA awaiting Governor Newsom’s signature

Ransomware attacks: What higher education institutions need to know

BIPA litigation offers no legislative reprieve to employers – yet

‘Aggrieved Persons’ can bring suit under Biometric Information Privacy Act

Pennsylvania Supreme Court provides new route for data security breach plaintiffs


Preparing for the California Consumer Privacy Act: Practical Ways to Mitigate Risk and Develop Litigation Defenses

Colleges Held for Ransom: Responding to a Ransomware Attack