Melissa J. Krasnow, JD
Partner
Ms. Krasnow writes on cyber and privacy risk and insurance issues for IRMI.com.
She is a partner in Minneapolis at VLP Law Group LLP and is recognized in Chambers Global Privacy & Data Security and USA—Nationwide Privacy & Data Security: Cybersecurity; USA—Nationwide Privacy & Data Security: Privacy; and USA—Nationwide Technology in 2024 and in Chambers USA—Nationwide Privacy & Data Security and USA—Nationwide Technology in 2022 and 2023.
Her practice encompasses the following.
- Privacy, data security, big data, and artificial intelligence
- The Health Insurance Portability and Accountability Act; Family Educational Rights and Privacy Act; financial services regulatory laws (including Gramm-Leach-Bliley Act); state laws, including the California Consumer Privacy Act (CCPA)/California Privacy Rights Act (CPRA) and other state laws; EU General Data Protection Regulation
- Data breaches/incidents/other events (ransomware, account takeover, business email compromise, phishing, and vulnerabilities), cyber governance, and crisis management
- Written information security programs, incident response plans, tabletop exercises
- Cyber-liability insurance policy review
- Advice to boards of directors and officers on privacy, data security, and technology oversight and developments
- Website and mobile application privacy policies and terms and technology policies
- Technology and commercial transactions
- Master service agreements
- Nondisclosure agreements
- Data security addenda
- Business associate agreements
- Data processing agreements
- CCPA/CPRA and other state privacy law agreements
- Mergers and acquisitions
Ms. Krasnow is a Certified Information Privacy Professional/US and a board leadership fellow of the National Association of Corporate Directors.
Ms. Krasnow holds a bachelor of arts degree in Chinese studies and political science from Wellesley College and a juris doctor from Northwestern University School of Law. She also attended the University of British Columbia.
Articles
Cyber and Privacy Risk and Insurance
Colorado Artificial Intelligence Law: Enforcement and Exceptions
Cyber and Privacy Risk and Insurance
Colorado Artificial Intelligence Law: Developer Disclosure Requirements
Cyber and Privacy Risk and Insurance
Colorado Artificial Intelligence Law: Deployer Disclosure Requirements
Cyber and Privacy Risk and Insurance
Colorado Artificial Intelligence Law: Deployer and Developer Definitions
Cyber and Privacy Risk and Insurance
New Jersey Privacy Law: Notices, Controllers and Processors, and Enforcement
Cyber and Privacy Risk and Insurance
New Jersey Privacy Law: Application, Definitions, and Consumer Rights
Cyber and Privacy Risk and Insurance
Texas Data Privacy Act: Application, Definitions, Rights, and Notice
Cyber and Privacy Risk and Insurance
Texas Data Privacy Act: Controllers, Assessments, Data, Enforcement
Cyber and Privacy Risk and Insurance
California Age-Appropriate Design Code Act: Application, Assessments
Cyber and Privacy Risk and Insurance
California Privacy Rights Act: Consumer Rights, Enforcement, Security
Cyber and Privacy Risk and Insurance
Connecticut Data Privacy Act: Controllers and Processors, Assessments, De-identified Data, and Enforcement
Cyber and Privacy Risk and Insurance
UCPA: Application, Definitions, Consumer Rights, and Obligations
Cyber and Privacy Risk and Insurance
Colorado Privacy Act: Controllers, Assessments, Data, and Enforcement
Cyber and Privacy Risk and Insurance
Colorado Privacy Act: Application, Definitions, Rights, and Notices
Cyber and Privacy Risk and Insurance
VCDPA: Assessments, De-Identified Data, Enforcement, and Exceptions
Cyber and Privacy Risk and Insurance
VCDPA: Application, Definitions, Consumer Rights, and Obligations
Cyber and Privacy Risk and Insurance
California Privacy Rights Act: Background, Application, and Definitions
Cyber and Privacy Risk and Insurance
Further Amendment to the California Consumer Privacy Act of 2018
Cyber and Privacy Risk and Insurance
California Consumer Privacy Act Regulations: Privacy Policy and Notice
Cyber and Privacy Risk and Insurance
Breach Notification Laws—State Attorney General or Regulator Notice
Cyber and Privacy Risk and Insurance
State Breach Notification Laws: Personal Information Definition
Cyber and Privacy Risk and Insurance
Changes in State Breach Notification and Security Procedures Laws
Cyber and Privacy Risk and Insurance
Business Associate Agreement Requirements and Negotiated Provisions
Cyber and Privacy Risk and Insurance
California Privacy Laws Change: Identity Theft Prevention and Mitigation Services
Cyber and Privacy Risk and Insurance
California Minors under Age 18: Privacy Requirements for Deleting Content/Information and Advertising/Marketing
Cyber and Privacy Risk and Insurance
Hacking, Malware, and Social Engineering—Definitions of and Statistics about Cyber Threats Contributing to Breaches
Cyber and Privacy Risk and Insurance
