Melissa Krasnow

She counsels companies on HIPAA, FERPA, financial services regulatory laws, state laws (including the CCPA/California Privacy Rights Act (CPRA)), and the European Union (EU) General Data Protection Regulation (GDPR).

Melissa advises companies on privacy, data security, artificial intelligence, big data, technology matters, and cyber governance, including data breaches/incidents/other events (ransomware, account takeover, business email compromise, phishing, and vulnerabilities), preparing written information security programs (organizational and employee), devising incident response plans, and facilitating and participating in tabletop exercises. She counsels boards of directors and officers on privacy, data security, and technology risk oversight and developments, and reviews cyber liability insurance policies.

Melissa advises companies on regulatory inquiries and complying with state, federal, and international privacy, data security, artificial intelligence, advertising and marketing, governance and compliance, and regulated industry laws. She prepares website and mobile application privacy policies and terms.

Melissa works with companies on negotiating (and renegotiating in the wake of data breaches/incidents/other events) and documenting technology and commercial transactions, including master services agreements (MSAs), non-disclosure agreements (NDAs), data security addenda (DSAs), business associate agreements (BAAs), data license agreements (DLAs), GDPR and other data processing agreements (DPAs), and CCPA/CPRA and other state privacy law agreements.

In mergers and acquisitions, she counsels companies on privacy, data security, and technology matters and on foreign investment filing obligations.