Cynthia Larose

Cynthia Larose

Mintz Levin

Contact  |  View Bio  |  RSS

Latest Publications

Share:

Time to Step Up Your COPPA Compliance

The Federal Trade Commission (FTC) has made good on its promise to actively enforce the recently amended Children’s Online Privacy Protection Act (COPPA). Here is what you should know about the latest enforcement actions...more

9/26/2014 - COPPA Data Collection FTC Parental Consent Settlement TinyCo Yelp

Privacy Tuesday – September 2014

Happy autumnal equinox Home Depot Breach – By the Numbers: - 56 million cards at risk (compare to Target = 40 million) - $62 million in estimated costs (compare to Target =$146 million and...more

9/23/2014 - Business Associates Covered Entities Cybersecurity Data Breach HIPAA Home Depot OCR Proposed Legislation Same-Sex Marriage Target

Privacy Monday – September 2014

Back to school, back to traffic jams … back to Privacy Mondays! Our look at bits and bytes and goofs and gaffes in data privacy and security....more

9/8/2014 - Costco Cybersecurity Data Breach Health Care Providers Healthcare Home Depot Retailers Wal-Mart

Another day, another data breach…..DIYers, beware. This time it’s Home Depot.

It appears that the data breach victim of the week (perhaps of the year) is The Home Depot. Brian Krebs has reported that it appears that two large dumps of purloined credit card numbers have made an appearance on the black...more

9/4/2014 - Credit Cards Data Breach Data Protection Home Depot

“Backoff” Update — More Widespread, PCI Council Issues Call to Action — If You Accept Credit Cards Via Point-of-Sale, You Need to...

Some weeks ago, we wrote a piece “What You Need to Know About Backoff Malware: The New Threat Targeting Retailers” . It’s apparently gotten worse. Any business utilizing point-of-sale (POS) terminals for “swiping” credit...more

8/28/2014 - Credit Cards Cybersecurity Data Protection Point of Sale Terminals Retailers

Privacy Tuesday: August 2014 #2

There is another retail data breach to talk about in this Privacy Tuesday post – privacy & security bits and bytes to start your week....more

8/19/2014 - AOL Data Breach Debit and Credit Card Transactions Do Not Track Grocery Stores PCI Retailers

Privacy Tuesday – August 2014

We are just two Mondays away from Labor Day, the traditional end of summer in the United States. Here are some privacy tidbits to get your week started. See especially Jake Romero’s piece on the new Delaware data...more

8/12/2014 - Cybersecurity Data Breach Data Retention Document Destruction FCRA Gramm-Leach-Blilely Act Hackers HIPAA Personally Identifiable Information Russia

The Great Russian Internet Heist – What Now?

A breach of this nature is reportable under the breach notification laws in both California and Florida, as recently amended: “Personal Information” includes user name or email address, in combination with a password or...more

8/7/2014 - Cybersecurity Data Breach Data Protection First Glance Personally Identifiable Information Popular Russia

Privacy Tuesday: July 2014 #3

We are now officially in the throes of “midsummer” on this Privacy Tuesday. And, on occasion in the data privacy world, we agree with Will Shakespeare’s words….“Lord, what fools these mortals be!”...more

7/22/2014 - Data Protection Privacy Laws

Privacy Tuesday - July 2014

There are quite a few privacy-related things taking effect July 1. Some reminders: Florida Amendments to Data Breach Notification Law - The Florida Information Protection Act of 2014 (“FIPA”) takes effect...more

7/1/2014 - Canada CASL Cybersecurity Data Breach FIPA Notice Requirements Privacy Policy

Making Use of Social Media: FDA Releases Two Draft Guidelines on the Use of Social Media Platforms by Drug and Device...

The Food and Drug Administration (FDA) has released two long-awaited draft guidance documents for the drug and device industries revolving around the use of social media platforms by drug and device manufacturers —...more

6/27/2014 - Advertising Draft Guidance FDA Medical Devices Pharmaceutical Prescription Drugs Social Networks

Privacy Tuesday – June 2014 #2

DC Update from Politico Morning Tech - “DATA BREACH DRAFT DELAYED – The thorny issue of FTC enforcement has slowed efforts to release a draft of Rep. Lee Terry’s data breach bill, according to sources close to the...more

6/24/2014 - Data Breach Enforcement FTC Internet Retailers Proposed Legislation Retailers

Privacy Wednesday

What’s that old saying … “a day late and a dollar short?” Here is our Privacy Monday roundup … on Wednesday. Office for Civil Rights HIPAA Crackdown? The Office for Civil Rights (OCR) — the enforcement arm of...more

6/18/2014 - HHS HIPAA Hospitals OCR Patient Privacy Rights Privacy Laws Risk Assessment Settlement

Privacy Tuesday: June 2014

Welcome to another week, and our Privacy Tuesday look at top issues. California Attorney General Puts the Focus on the Consumer - As we have discussed, the California Online Privacy Protection Act was amended,...more

6/10/2014 - CalOPPA Data Collection Data Protection Heartbleed Privacy Policy Right to Privacy

Making Privacy Practices Public: the California Attorney General’s New Guidelines Keep the Focus on the Consumer’s Perspective and...

In 2013, the California Online Privacy Protection Act (CalOPPA) was amended to require web sites and other online services to make additional privacy policy disclosures related to online tracking transparency. Within the...more

6/6/2014 - CalOPPA Data Protection Disclosure Requirements Do Not Track Internet Privacy Policy Websites

Privacy Tuesday – June 3, 2014

The first Tuesday in June is also the first Tuesday of meterological summer -and a welcome sight after a brutally-long winter for many of our readers. So, here’s to a happy Summer! Google Receives 12,000 Take-Down...more

6/3/2014 - Cybersecurity Data Protection Facebook Google HIPAA Internet Search Engines WhatsApp

Privacy Tuesday – May 13, 2014

Another busy week in the privacy/security world. We have some bits and bytes to start your week: Verizon 2014 Data Breach Investigation Report – Something Old, Something New - Verizon is out with its 2014...more

5/13/2014 - Anti-Spam Legislation Canada Data Breach Notification Proposed Legislation Verizon

SEC Cybersecurity Initiative: Five Steps ALL Broker-Dealers and Investment Advisers Should be Taking

Last week, the U.S. Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (OCIE) released a Risk Alert announcing its Cybersecurity Initiative....more

5/6/2014 - Broker-Dealer Cyber Attacks Cyber Insurance Cybersecurity Cybersecurity Framework Data Breach Data Protection Identity Theft OCIE Red Flags Rule SEC

Privacy Monday: Cinco de Mayo, 2014

Happy Cinco de Mayo! Breaking news this Privacy Monday: The fallout from the massive Target Corporation data breach continues. This morning, the Target board announced that Chief Executive Officer Gregg Steinhafel...more

5/5/2014 - AOL Cybersecurity Data Breach Debit and Credit Card Transactions Sally Beauty Target

Minnesota Proposes Expansive Amendment to Data Breach Notification Law

Two days ago, we heard that Target Corporation has brought in an information security heavy hitter to oversee the company’s post-breach data security and technology operations. Now we learn that its home base of operations,...more

5/2/2014

Privacy Tuesday

For the last Tuesday in April, we have a few privacy and security bits and bytes to start your week. Trending Now – 5 Things Every Company’s Data Security Program Should Include... ...more

4/29/2014 - Amazon Cisco Core Infrastructure Cybersecurity Facebook Google Heartbleed IBM Intel Microsoft Open Source Initiative

5 Things Every Company's Data Security Program Should Include

What's the one thing every company's data security program must include? That's the question we put recently to experts in the field, knowing that, especially after Heartbleed, the diversity of responses would create an...more

4/24/2014 - Corporate Counsel Cybersecurity Cybersecurity Framework Data Breach Data Protection Heartbleed Legal Perspectives Need to Know

State Data Security Breach Notification Laws

The general definition of “personal information” or “PI” used in the majority of statutes is: An individual’s first name or first initial and last name plus one or more of following data elements: (i) Social Security number,...more

4/24/2014 - Breach Notification Rule Data Breach Data Protection

Get your updated Mintz Matrix!

As our readers know, we maintain a summary of the US state data breach notification laws, which we refer to as the “Mintz Matrix.” We update the Mintz Matrix on a quarterly basis, or more frequently if developments dictate....more

4/23/2014 - Breach Notification Rule Data Breach

Privacy & Security Bits and Bytes

There has been so much news swirling in the data privacy and security world in the last few days, that it has been difficult to keep up. We’ll give you a roundup here....more

4/21/2014 - Cloud Computing Cloud-Based Services Data Breach Debit and Credit Card Transactions Facebook Google Heartbleed Michaels Microsoft Network Security Notice Requirements Personally Identifiable Information

93 Results
|
View per page
Page: of 4