Cynthia Larose

Cynthia Larose

Mintz Levin

Contact  |  View Bio  |  RSS

Latest Publications

Share:

House Energy & Commerce Committee Holds Hearing on Security of the Internet of Things

The growing scale of cybersecurity concerns is prompting action from government leadership on the federal level. Before the Thanksgiving recess, the House’s Committee on Energy and Commerce got in on the act when two of its...more

12/1/2016 - Cybersecurity Data Breach Distributed Denial of Service Internet of Things

The Cyber President? What To Expect From the Trump Administration On Cybersecurity And Privacy

Even president-elect Donald Trump has been the victim of a data breach. Several times actually. The payment card system for his Trump Hotel Collection was infected by malware in May 2014 and 70,000 credit card numbers were...more

11/17/2016 - Cybersecurity Cybersecurity Information Sharing Act (CISA) Data Security Donald Trump EU Data Protection Laws EU-US Privacy Shield Internet of Things Presidential Elections Trump Administration US-EU Safe Harbor Framework

California AG Guidance for the Ed Tech Industry: 6 Recommendations to Protect Student Data Privacy

Developers and operators of educational technology services should take note. Just before the election, California Attorney General Kamala Harris provided a document laying out guidance for those providing education...more

11/16/2016 - Data Collection Data Privacy Data Security Data Use Policies Privacy Policy Safeguards Rule Students Transparency

How did the Internet of Things allow the latest attack — on the Internet?

Over the last week, details have become available to explain how an attack against a well-known domain name service (DNS) provider occurred. What about the potential legal risks? We will attempt to provide insights into...more

10/28/2016 - Cybersecurity Denial of Service Attacks Domain Names Internet Internet of Things

FCC Adopts Controversial Broadband Privacy Regs

BREAKING NEWS – The FCC has voted 3-2 along party lines to require internet service providers (ISPs) to get a customer’s explicit consent before they can use or share what is termed “sensitive” personal information. ...more

10/28/2016 - Broadband Consent FCC Internet Service Providers (ISPs)

3 Guidelines to Maximize Value of Data

Imagine you are the CEO of company sitting across from an interviewer. The interviewer asks you the age old question, “So tell me about your company’s strengths and weaknesses?” You start thinking about your competitive...more

10/24/2016 - Cybersecurity Data Breach Data Collection Data Protection Data Security

Attorney General Kamala D. Harris Provides New Online Tool to Report California Online Privacy Protection Act (CalOPPA) Violations

It’s time for a compliance check on those website or mobile app privacy policies, before the California Attorney General comes knocking. Attorney General Kamala D. Harris has announced the release of a new tool for...more

10/20/2016 - Attorney Generals CalOPPA Kamala Harris Mobile Apps Online Privacy Protection Act Penalties Policy Violations Privacy Policy Websites

Three Steps to the Right Cloud for Your Business

The term “cloud computing,” — a process by which remote computers are used to store, manage and process data — is no longer an unfamiliar term. According to at least one estimate, “approximately 90 percent of businesses...more

10/4/2016 - Cloud Computing Cloud Storage Data Privacy Data Security Personal Data

TechConnect - Your Law Firm Link to Industry News - September 2016

Letter from the Editors - Dear Readers, The world of raising capital for emerging companies has experienced a revolution. Prior to the enactment of the JOBS Act in 2012, raising capital for private companies was...more

9/29/2016 - Capital Raising Crowdfunding Crowdsourcing Data Breach Data Security Dwolla E-2 Entrepreneurs FinTech Good Faith H-1B Innovation IPO JOBS Act Parole Privacy Laws Private Placements Public Offerings Rule 506 Visas

New York Proposes First-Ever Cybersecurity Regulation for Financial Institutions

The New York Department of Financial Services recently announced a new proposed rule, which would require financial institutions and insurers to implement strong policies for responding to cyberattacks and data breaches. ...more

9/19/2016 - Cyber Attacks Cybersecurity Data Breach Financial Institutions Financial Sector

Summer Round-Up: Four States Bolster Data Breach Notification Laws and More Changes on the Way

As has become typical in the data security space, there was quite a bit of activity in state legislatures over the previous year concerning data breach notification statutes. Lawmakers are keenly aware of the high profile...more

9/6/2016 - Attorney Generals Breach Notification Rule Data Breach Data Security Encryption Personally Identifiable Information Safe Harbors Security Breach State Data Breach Notification Statutes State Legislatures

Eddie Bauer Latest Victim of POS Malware Attack

Last week the clothing retailer Eddie Bauer LLC issued a press release to announce that its point of sale (“POS”) system at retail stores was compromised by malware for more than six months earlier this year. The...more

8/23/2016 - Cybersecurity Data Breach Malware Point of Sale Terminals Retail Sales State Data Breach Notification Statutes

To Protect Data: Keep Your Network Access Close, and Your Vendors Closer

Two recent data breach incidents in the healthcare industry prove what readers of this blog have heard all too often: KNOW THY VENDORS....more

8/9/2016 - Cyber Attacks Data Breach HIPAA Hospitals Point of Sale Terminals Third-Party Risk Vendors

“Privacy Shield” Open For Business – Fees?

The certification forms for the new US-EU Privacy Shield Framework are now available online. What is not easily discernible in the workflow is the fee structure. One needs to refer back to the Federal Register’s...more

8/2/2016 - EU EU-US Privacy Shield Federal Register Fees International Data Transfers

FTC Plants A Flag With LabMD Ruling: What This Means for Enforcement

On Friday, the heads of the Federal Trade Commission overruled the decision of the Administrative Law Judge (“ALJ”) in In the Matter of LabMd., Inc. The FTC concluded that the ALJ had erred in dismissing the Commission’s case...more

8/1/2016 - Actual Injuries ALJ Corporate Counsel Data Security Enforcement Actions FTC FTC Act LabMD Risk Assessment Section 5 Unfair or Deceptive Trade Practices

EU-US Privacy Shield to Launch August 1, Replacing Safe Harbor

I. Introduction: Privacy Shield to Go Live August 1 (at Last) - The replacement for Safe Harbor is finally in effect, over nine months after Safe Harbor was struck down by the Court of Justice of the EU in the Schrems...more

7/25/2016 - Consent Data Protection Authority Data Security EU EU-US Privacy Shield European Commission European Court of Justice (ECJ) FTC International Data Transfers Notice Requirements Personal Data Surveillance U.S. Commerce Department US-EU Safe Harbor Framework

Pokémon Go in the Workplace: Oh Look There’s a Pikachu!

Did you know that the world is now inhabited by creatures called Pokémon? (Or maybe they’ve always been there?) Some run across the plains; others fly through the skies; and some live in the mountains….and some, yes, some,...more

7/21/2016 - Data Security Distracted Driving Employee Engagement Employee Handbooks Games Innovation Technology Video Games Workplace Communication Workplace Safety

FinTech Companies Face Big Privacy Challenges in 2016

According to the FBI, “there are only two types of companies: those that have been hacked and those that will be.” It does not take an actual data breach, however, for a company to be liable for its data security practices. ...more

7/20/2016 - CFPB Cybersecurity Data Breach Data Collection Data Privacy Data Security Dwolla FinTech FTC v Wyndham Hackers Personal Data Privacy Laws

Facebook v. Vachani – User Authorization Can Be Revoked By Service Providers

The U.S. Court of Appeals for the Ninth Circuit recently issued a decision that could have far reaching implications for the relationships between companies that provide online services, their customers or users, and third...more

7/20/2016 - Appeals Business Model CAN-SPAM Act Cease and Desist Computer Fraud and Abuse Act (CFAA) Content Aggregators Corporate Executives Facebook Personal Liability Social Networks Startups Terms of Use

EU Adopts Cybersecurity Directive: What US Companies Need to Know

Not all the news coming out of Europe these days is about Brexit. In fact, the forces of unity and harmonization remain a top priority for European regulators hoping to combat digital security threats and create a safer and...more

7/11/2016 - Amazon Cyber Incident Reporting Cyber Threats Cybersecurity Digital Service Providers Digital Single Market eBay EU European Commission Google International Harmonization Member State Multinationals Network and Information Security Directive Operators of Essential Services

Colorado Student Data Privacy Bill – What EdTech software providers need to know

Colorado is the latest state to revisit, and expand upon, its laws pertaining to the use and protection of student data. Colorado Governor John Hickenlooper recently signed into law House Bill 16-1423 (the “Bill”) designed to...more

6/28/2016 - Cybersecurity Data Collection Data Protection Data Security Educational Institutions Personally Identifiable Information Public Schools Software Student Privacy

OCR Warns of HIPAA Risks in Third-Party Apps

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) recently issued a warning regarding vulnerabilities in third-party applications used by entities covered by HIPAA. The OCR warning applies...more

6/22/2016 - Business Associates Covered Entities Data Protection Data Security Health Information Technologies HIPAA Mobile Health Apps OCR Risk Management Third-Party

“Interim” No More: DHS and DOJ Publish Final CISA Guidance on Cybersecurity Sharing

The Department of Homeland Security (DHS) and the Department of Justice (DOJ) have issued the long-awaited final procedures for both Federal and Non-Federal Entities under the Cybersecurity Information Sharing Act (CISA)...more

6/20/2016 - Cyber Threats Cybersecurity Cybersecurity Information Sharing Act (CISA) DHS DOJ Information Sharing Private Sector

Practice Fusion and FTC Settle Complaint Over Deceptive Statements About the Privacy of Consumer-Generated Online Content

Last week, the Federal Trade Commission (FTC) announced (press release) that Practice Fusion, the largest cloud-based electronic health company in the United States, has agreed to settle FTC charges over deceptive practices...more

6/20/2016 - Cloud Computing Disclosure Requirements EHR FTC Patient Confidentiality Breaches Privacy Policy Public Disclosure of Private Facts Unfair or Deceptive Trade Practices User-Generated Content

203 Results
|
View per page
Page: of 9

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×