States from Maine to California have recently enacted privacy, data security, cybersecurity, and data breach notification laws. Get a 360’ view of where these laws stand and what it means for your business.
Modern data privacy laws define “personal information” broadly as data relating to an identifiable individual. But what makes a person “identifiable,” and what techniques can be employed to de-identify data to loosen or eliminate the controls imposed by data privacy laws? This session will explore the various approaches to defining “personal information” and the implications for data analytics.
To drive digital change, legal departments and law firms need great ideas and they need great The full scope of CCPA will not even be revealed until Jan 2020 and with additional tighter regulations in the works, even what we know as of the New Year will likely remain unclear. Add to that, the level of confusion that comes with any new regulation and the only sure thing is that everything related to CCPA will still feel unsure when we get to Feb. 2020. Therefore, we are offering a regulator’s deep dive into the planned enforcement of CCPA.
Not quite a debate and not quite a panel this session will offer two distinct perspectives, one of a data privacy manager and one of a legal professional on how to interpret new regulations and put new data strategies into practice.
Global organizations have a small advantage when it comes to CCPA in that they have already made the adjustments necessary to comply with GDPR. It would be false, however, to assume that adhering to the one prepares you completely to adhere with other. Whitney McCollum led GDPR efforts for AECOM and will bring her expertise to bear in explaining how it can help as a roadmap for CCPA and where it could lead you astray.
Jane Fogarty is an experienced in-house attorney with proven leadership skills at top global technology companies in the U.S and Asia Pacific region. She is currently Vice President, Senior Counsel at SYNNEX Corporation where she heads up compliance globally, leads an international team of lawyers, and manages litigation, M&A, corporate governance and other legal support […]
One of the less obvious booby traps is that you can not prove compliance if you don’t have good practices in place to trace your organization’s collection, storage and usage of data. Data-Centric Encryption can offer a solution to following how your data moves outside and inside of the cloud. It can also help you to demonstrate who has access to what data at a given moment in time.
Sometimes the best way to develop a plan of action is to clearly map out what is definitely known, what is unknown and what areas remain to be explored related to a given issue. Panelists from various roles and organizations will dissect the “black swans” related to state privacy laws.
If you treat challenges to your privacy practices as a “we’ll cross that bridge when we come to it” issue then you are planning to be unprepared. During this interactive session our speakers will present various hypothetical “privacy fires” that you may need to put out in response to new regulations and as a group we will develop response plans to each.
Many organizations have found that the best way to ensure privacy compliance is to build it into all products from the ground up. If you make privacy an inherent part of your products you can breathe more easily when it comes to analyzing how those products are used.
One way to ensure complete customer privacy would be to collect no data whatsoever. That approach would, however, completely cripple most businesses and it is not the actual stated goal of most privacy laws. Somewhere between forgoing all data and facing privacy-related enforcement actions lies a sweet spot that balance compliance with risk in order to ensure your business does not lose unnecessary steam on the tracks laid by new statutes.
With the increasing number of state privacy laws comes an increasing number of potential solutions designed to address these new challenges. Here from a multi-departmental (legal - tech - compliance - marketing) about how to select the right solutions to truly support and track your adherence to these new regulations.
Compliance strategy impacts all departments of an organization. Therefore, that strategy needs to incorporate input and buy-in from all departments. Healthcare organizations have to comply not just with CCPA, but with an alphabet soup of various privacy regulations and have long standing experience developing these cooperative strategies. Learn from their experience how to roll out new data regulations and compliance guidelines for your large scale business.
Patricia Dickerson joined Sutter Health in 2016 to build out the privacy and information security regulatory team. She currently serves as the Director of Awareness, Training and Program Effectiveness where she leads the development and implementation of system-wide privacy and information security awareness and training initiatives and continues to monitor state, federal, and international laws […]
Will the US adopt a federal law that will make compliance easier? What are we hearing on the hill? Will we have 50 privacy laws, plus GDPR? How can that be managed.
The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.