Melissa J. Krasnow

Melissa J. Krasnow

Partner, VLP Law Group LLP

Contact Info

VLP Law Group LLP
Minneapolis, MN

www.vlplawgroup.com

Background

Melissa Krasnow writes on cyber and privacy risk and insurance issues for IRMI.com.

Ms. Krasnow is a partner in Minneapolis at VLP Law Group LLP, whose practice encompasses the following.

Privacy, data security, big data, and artificial intelligence/chatbots
- The Health Insurance Portability and Accountability Act, Family Educational Rights and Privacy Act, financial services regulatory laws, state laws, EU General Data Protection Regulation (GDPR), Payment Card Industry Data Security Standard, National Institute of Standards and Technology, Controlling the Assault of Non-solicited Pornography and Marketing Act, and Telephone Consumer Protection Act
- Data breaches and crisis situations, including preparation that involves written information security programs (e.g., organizational and employee); US, Canada, and GDPR incident response plans; and tabletop exercises
- Advice to boards of directors and senior executives (e.g., privacy, data security, and technology)
- Cyber-liability insurance policy review
- Privacy policies and terms (including those regarding the GDPR, California Consumer Privacy Act, geolocation, big data, and artificial intelligence/chatbots)
Technology transactions
- Master services agreements (e.g., cloud, communications, email and text messages,
  laboratory services, telecommunications, security, and payment services)
- Non-disclosure agreements
- Business associate agreements
- Data license agreements/big data initiatives
- GDPR data processing agreements
Mergers and acquisitions

Ms. Krasnow serves as a Bloomberg BNA editorial advisor and an Advisory Board member for the International Association of Privacy Professionals.

She also is a Certified Information Privacy Professional/US and a board leadership fellow of the National Association of Corporate Directors.

Ms. Krasnow holds a bachelor of arts degree in Chinese studies and political science from Wellesley College and a juris doctor from Northwestern University School of Law. She also attended the University of British Columbia.

Expert Commentary

Date	Article
Apr 2018	Nevada Passes New Privacy Notice Law
Mar 2018	Application of EU's General Data Protection Regulation
Jan 2018	State Breach Notification Laws: Personal Information Definition
Dec 2017	Changes in State Breach Notification and Security Procedures Laws
Sep 2017	Business Associate Agreement Requirements and Negotiated Provisions
Feb 2017	Cyber-Security Event Recovery Plans
Jan 2017	Guidance on Ransomware
Aug 2016	Target Cyber-Attack Directors and Officers Litigation
May 2016	Changes in State Breach Notification and Security Procedures Laws
Mar 2016	CFPB Issues First Data Security Action
Aug 2015	Revisiting Privacy Policies and Practices in Light of Delaware Law
Jun 2015	State Breach Notification Laws Continue To Change
May 2015	Guidance for Incident Response Plans
Feb 2015	Board Oversight of Cyberrisks: Directors and Officers Litigation
Oct 2014	California Privacy Laws Change: Identity Theft Prevention and Mitigation Services
Aug 2014	Changes in State Breach Notification Laws
May 2014	Guidance for Managing Cybersecurity Risks
Feb 2014	Canada's Anti-Spam Legislation
Oct 2013	Revisiting Privacy Policies in Light of California Law
Sep 2013	California Minors under Age 18: Privacy Requirements for Deleting Content/Information and Advertising/Marketing
Aug 2013	State Social Media Account Laws for Educational Institutions
May 2013	FTC Updates Children's Online Privacy Protection (COPPA) Rule
Feb 2013	The Federal Trade Commission Issues Mobile Privacy Disclosures Report and Mobile Security Guidance for Application Developers
Nov 2012	Mobile Application Privacy Policy Enforcement by the California Attorney General
Sep 2012	Digital Copier Privacy Regulation
May 2012	FTC Consumer Privacy Framework and Next Steps
Jan 2012	Hacking, Malware, and Social Engineering—Definitions of and Statistics about Cyber Threats Contributing to Breaches
Dec 2011	Securities and Exchange Commission Issues Guidance on Cybersecurity and Cyber Incident Disclosure
Sep 2011	Massachusetts Enacts Privacy Regulations