Cynthia Larose

Cynthia Larose

Mintz Levin

Contact  |  View Bio  |  RSS

Latest Publications

Share:

5 Things Every Company's Data Security Program Should Include

If you don’t have to keep it, then don’t keep it. If you have to keep it, encrypt it....more

4/24/2014 - Cybersecurity Cybersecurity Framework Data Breach Data Protection Heartbleed Legal Perspectives Need to Know

State Data Security Breach Notification Laws

The general definition of “personal information” or “PI” used in the majority of statutes is: An individual’s first name or first initial and last name plus one or more of following data elements: (i) Social Security number,...more

4/24/2014

Get your updated Mintz Matrix!

As our readers know, we maintain a summary of the US state data breach notification laws, which we refer to as the “Mintz Matrix.” We update the Mintz Matrix on a quarterly basis, or more frequently if developments dictate....more

4/23/2014 - Breach Notification Rule Data Breach

Privacy & Security Bits and Bytes

There has been so much news swirling in the data privacy and security world in the last few days, that it has been difficult to keep up. We’ll give you a roundup here....more

4/21/2014 - Cloud Computing Cloud-Based Services Data Breach Debit and Credit Card Transactions Facebook Google Heartbleed Michaels Microsoft Network Security Notice Requirements Personally Identifiable Information

Privacy Tuesday – April 14, 2014: Heartbleed Headaches

Last week was certainly the “week of the Heartbleed.” Unless you have been on vacation on a remote island (and if so, good for you!), you have heard and read much about the latest mass bug to infect the Internet....more

4/15/2014 - Cybersecurity Data Breach Data Protection Heartbleed Internet Privacy

FTC Data Security Authority Confirmed, For Now: Wyndham’s Motion to Dismiss Denied

The FTC’s Claim - A New Jersey federal judge has confirmed the Federal Trade Commission’s (“FTC”) authority to regulate data security and bring claims against companies suffering data breaches due to inadequate...more

4/15/2014 - Cybersecurity Data Breach Data Protection FTC Wyndham

First Glance: Legal Implications of the Heartbleed OpenSSL Bug?

The vulnerability caused by the Heartbleed bug circumvents the purpose of OpenSSL: encryption. Therefore, the conclusion would appear to be that any data breach during the time of OpenSSL vulnerability would be reportable...more

4/10/2014 - Cybersecurity Data Breach Data Protection Encryption First Glance Heartbleed HIPAA Legal Perspectives

Is Your HIPAA Compliance Program Going Out the Window with XP?

April 8, 2014 marks the end of Microsoft’s support for the Windows XP operating system, which means the end of security updates from Microsoft and the beginning of new vulnerability to hackers and other intruders into systems...more

4/9/2014 - Compliance Data Protection HIPAA Technology

Stop Phoning It in on Mobile Security: What Your Business Needs to Know About the FTC’s Settlements with Fandango and Credit Karma

If you’re like most Americans, you probably think that the worst thing that Fandango, the online movie ticket service, has ever done to you is make you watch those commercials with the creepy talking paper bags before your...more

4/4/2014 - Cybersecurity Fandango FTC Mobile Devices

Banks Withdraw Lawsuits Against Target and Trustwave

UPDATE to our story yesterday: In what apparently is a big “oops,” two banks that took legal action against Target over its recent data breach have withdrawn their claims. The suits were withdrawn due to an erroneous...more

4/2/2014 - Banks Data Breach Data Protection Target Trustwave

Privacy Monday – March 31, 2014 OPENING DAY!

Last Monday in March (Opening Day for you baseball fans) - some privacy/security bits and bytes to close out the month....more

3/31/2014 - Data Breach Privacy Laws Target

The Target Breach Update

It has been difficult to keep up with all the various permutations of the Target data breach saga. Yesterday, the fingerpointing continued in the form of the release of a Harris Poll and testimony on Capitol Hill at a...more

3/28/2014 - Cybersecurity Data Breach Data Protection Target

Privacy Monday – March 24, 2014

Welcome to March Madness — although if your brackets look anything like mine do this morning, it is not particularly “welcome.” Let’s just say that there is no danger of my winning Warren Buffet’s $1 billion....more

3/24/2014 - Data Breach Data Protection Privacy Laws

Privacy Monday – February 24, 2014

On this Privacy Tuesday: US Attorney General Puts Pressure on Congress for Data Breach Disclosures - Today, US Attorney General Eric Holder urged Congress to pass legislation requiring retailers to make...more

2/25/2014 - Data Breach Data Protection Disclosure Requirements Privacy Laws

“Sophisticated” Breach Exposes 300,000 Student Records at University of Maryland: 3 Questions You Should Ask

Officials at the University of Maryland (“University” or “UMD”) announced that UMD was the victim of a significant security breach that took place on Tuesday, February 18 (the “Breach” or “Incident”). The Incident,...more

2/21/2014 - Cyber Attacks Data Breach Data Protection Hackers Student Records Universities

A Guide to FDA Postmarketing Submission Requirements and Reporting Interactive Promotional Media

As part of existing FDA postmarketing reporting requirements, manufacturers, packers, and distributors that are FDA applicants or that act on behalf of FDA applicants (for simplicity, “Applicants”) are required to submit all...more

2/21/2014 - Advertising FDA Marketing Prescription Drugs

BNA Privacy and Security Law Report

Target Corp. announced Dec. 19, 2013, that it had discovered an intrusion that may have compromised approximately 40 million customer payment cards used at its U.S. stores from Nov. 27 to Dec. 15, 2013 (12 PVLR 2133,...more

1/29/2014 - Data Breach Data Protection Target

Data Privacy Day 2014

The “observance” of Data Privacy Day annually on January began in 2008. The National Cyber Security Alliance (NCSA) will be kicking off today’s events with a live stream of its press conference in Washington, DC. ...more

1/28/2014 - Cybersecurity Data Breach Data Protection

Look North, Marketers – Canadian Anti-Spam Law is Coming

The US CAN-SPAM Act is old hat for marketers in the US. But it is time to revisit email marketing compliance programs if you send email north of the US border. Canada’s anti-spam law (known as “CASL”) has been debated for...more

1/21/2014 - Anti-Spam Legislation CAN-SPAM Act Canada CASL Marketing Spam

To 8-K, or not to 8-K? For Target, that is indeed the question.

As anyone with a pulse and a computer, television or carrier pigeon knows, Target Corporation (NYSE: TGT) suffered a major data breach in December – the extent of which is still being uncovered – and pegs the latest number of...more

1/20/2014 - Cybersecurity Data Breach Data Protection Form 8-K Hackers Target

BREAKING NEWS: FTC Announces Major Settlement with Apple

Apple Agrees to Pay Consumers At Least $32.5 Million to Settle Complaint of Unfair Billing Related to Children’s In-App Charges - FTC Chairwoman Edith Ramirez just announced (press conference) that Apple, Inc....more

1/16/2014 - Apple Children's Products FTC Mobile Apps Unfair or Deceptive Trade Practices

Privacy Monday – January 13, 2014

These are busy times in the data privacy/security world. If Misery Loves Company, Target Has Friends - Target was not the only target of data thieves this holiday season. Reports over the weekend revealed that...more

1/14/2014 - CAN-SPAM Act Canada Cyber Attacks Cybersecurity Data Breach Data Protection FTC Privacy Laws Privacy Policy

The Number of The Day: 70 Million (at least)

The Target data breach story keeps getting worse. The December pre-Christmas disclosure was the theft of up to 40 million Target shoppers’ credit and debit card information in what appeared to have been a hack of the Target...more

1/10/2014 - Credit Cards Cybersecurity Cybertheft Data Breach Data Protection Debit Cards Personally Identifiable Information Target

Happy 2014!

After a brief hiatus for the holidays and our “12 Days of Privacy” series, we are back. We have had a series of late year — and new year — data breaches in the news. These latest incidents should prompt New Year’s...more

1/6/2014 - Cybersecurity Data Breach Data Protection Hackers Target

Collection of Email Addresses in Credit Card Transactions May Be Prohibited by California Law

The U.S. District Court for the Eastern District of California has held that the prohibition against requesting or requiring personal identification information in connection with credit card transactions contained in...more

12/11/2013 - Apple Class Action Consumer Protection Act Credit Cards Email Email Policies Internet Payments Internet Retailers Nordstrom Inc. Personally Identifiable Information Privacy Concerns Privacy Laws Retailers Song-Beverly Credit Card Act Williams-Sonoma

72 Results
|
View per page
Page: of 3