Search for:
Author

Cristina Messerschmidt

Browsing
Cristina G. Messerschmidt is an associate in the Privacy and Security practice group based in Chicago, advising global organizations on privacy and data security compliance requirements, as well as data security incident response.

On 17 May 2024, Colorado Governor Polis signed the landmark Colorado AI Act (Senate Bill 24-205) into law. Colorado is now the first US state with comprehensive AI regulation, adopting a classification system like the EU’s recent AI Act. The law will take effect 1 February 2026.

Explore Data PULSE, a platform which helps you to navigate the complex landscape of data, regulatory and IP protection concerns at each stage of the medical product life cycle. As you navigate through each key issue, Data PULSE will help you to identify and mitigate risks across multiple jurisdictions and optimize your strategy through research, market authorization and post-market study phases.

A flaw in a widely used software threatens system security and makes companies vulnerable to cyber threats. The Apache Software Foundation released an advisory that Apache Log4j versions up to and including 2.14.1 have a defect that may allow threat actors to execute arbitrary code and deploy viruses including ransomware on that IT infrastructure. Entities that directly or indirectly leverage this software should act with haste to mitigate the risk of a data incident. These events present companies an opportunity to examine internal incident response preparedness and review the allocation of responsibilities in vendor agreements.

The California legislative session ended with a bang on 13 September, when legislators passed several noteworthy amendments to the California Consumer Privacy Act (CCPA). The California governor has until 13 October to act on these amendments. We have outlined below the amendments that materially alter the original scope or requirements…