Information Governance: How to Assess Your Status

Size: px
Start display at page:

Download "Information Governance: How to Assess Your Status"

Transcription

1 Information Governance: How to Assess Your Status Jay Yelton, III and Mark Oudersluys December 3, 2015 WNJ.com

2 Agenda What is Information Governance? Why is IG Increasingly Important? Strategic Focus: Asset or Liability? Next Steps Defensible Data Disposition Update Records Management Policy and Retention Schedules Comprehensive Assessment of IG Efforts

3 What is Information Governance? An organization s efforts to define and operationalize programs and improve processes that enable defensible disposal of unnecessary data, increase ediscovery efficiency, and to ensure that regulatory obligations for information are satisfied.

4 Why is IG Increasingly Important? Reason #1: Quantity of data doubling every two years 1 Office Computer 590 GB Workstation (at 10% capacity) 3,888,100 pages ~1300 feet - the height of the Empire State Building

5 Why is IG Increasingly Important? Reason #2: Organizational data is located in more places Computers Desktops Laptops Servers Portable Media USB Devices CD ROMs and DVDs Tapes Portable Hard Drives SSD Cards Small Scale Digital Devices Mobile Phones Tablets/eReaders GPS devices Internet Public/Extranet/Intranet Social Media Facebook/Twitter/LinkedIn Cloud Storage Public/Private

6 Why is IG Increasingly Important? Reason #3: Increase in Data Retention Obligations and Penalties Abercrombie & Fitch fined $1 million for I-9 violations FCPA & SOX: Willful/knowing violation - $5 million in criminal fines and/or prison for up to 20 years for individuals and companies fined up to $20 million Certain statutes/regulations require that you respond with the right records in short order. For example, if the FDA suspects tainted food, records and information must be made available within 24 hours from the receipt of the FDA s request. 21 CFR

7 Why is IG Increasingly Important? Reason #4: Increase in Data Privacy Obligations and Penalties January 2014: FTC settles cases against 14 U.S. companies for falsely claiming compliance with U.S.-EU Safe Harbor Program May 2014: New York Presbyterian Hospital Enters into a $3.3 million settlement over failure to adequately implement HIPAA requirements August 2014: France announces intent to start auditing websites for compliance with EU prohibition against use of cookies without consent

8 Why is IG Increasingly Important? Reason #5: Decrease in Employee Efficiency Employees waste approximately 20% of work hours searching through unmanaged records for information they need.

9 Why is IG Increasingly Important? Reason #6: Increase in Data Discovery Costs and Sanctions In Re Fannie Mae Securities Litigation (2009) Agreed to electronic discovery protocol Over 400 search terms 660,000 potentially responsive documents 50 contract attorneys to review $6 million or 9% of the FNMA s annual budget to complete Civil contempt sanction for failure to meet stipulated deadline Waiver of privilege for all un-reviewed documents as of deadline

10 Why is IG Increasingly Important? Reason #7: Increase in Data Spoliation Sanctions Organization Data Preservation Risk Ramification Philip Morris, Inc. Failed to Suspend Deletion of s Nartion Corporation Computer Records Destroyed $2.75 Million Sanction Witness Preclusion Claims Dismissed Express Wire Services, Inc. s Destroyed Default Judgment Harris County District Attorney Seminole County Sheriff s Department Deletion of 2,000 s $18,900 Sanction Contempt of Court Finding s and Other Data Destroyed Adverse Inference Jury Instruction

11 Why is IG Increasingly Important? Reason #8: Increase in Data Security Risks December 2013: Target announces that stolen credit and debit card data included personal information for 70 million customers May 2014: Target) Target CEO resigns (after 35 years at August 2014: Target reveals data breach will cost shareholders $148 million

12 Strategic Focus: Asset or Liability?

13 Next Steps 1. Defensible Data Disposition Data Disposition Questionnaire Data Repositories Network Locations Size GB/TB Purge/Archive Protocol General Categories of Data Subject to Current Legal Hold Data Date Range Average Annual Storage Cost

14 Next Steps 1. Defensible Data Disposition 2. Update Records Management Policy and Retention Schedules

15 Next Steps 1. Defensible Data Disposition 2. Update Records Management Policy and Retention Schedules 3. Comprehensive Assessment of IG Efforts

16 How to Accurately Assess Your IG Efforts 16 Business Processes Which Must Operate at High Maturity and Reliability to Defensibly Dispose of Unnecessary Data and Mitigate Risk A. Employees on Legal Holds B. Data on Legal Hold C. Hold Publication D. Legal Interviews E. Evidence Collection F. Evidence Analysis & Cost Controls G. Legal Record H. Master Retention Schedule & Taxonomy I. Privacy & Data Protection J. Data Source Catalog & Stewardship K. System Provisioning L. Disposal & Decommissioning M. Legacy Data Management N. Storage Alignment O. Audit

17 How to Accurately Assess Your IG Efforts

18 Recommended IG Resources Compliance, Governance and Oversight Council (www.cgoc.com) ARMA International (www.arma.org) The Sedona Conference Commentary on Information Governance (http://thesedonaconference.org) IG Assessment Vendors: IBM, Cohasset Associates, Huron Consulting Group and Contoural Warner Norcross Data Solutions Mailing List

Electronic Discovery How can I be prepared? September 2010

Electronic Discovery How can I be prepared? September 2010 Electronic Discovery How can I be prepared? September 2010 Presented by Brian Wilkinson, Director of ediscovery & Computer Forensics brian.wilkinson@us.pwc.com 410-659-3473 Table of Contents Page 1 Electronic

More information

DOCUMENT RETENTION STRATEGIES FOR HEALTHCARE ORGANIZATIONS

DOCUMENT RETENTION STRATEGIES FOR HEALTHCARE ORGANIZATIONS Overview. DOCUMENT RETENTION STRATEGIES FOR HEALTHCARE ORGANIZATIONS A comprehensive and consistently applied document retention policy is necessary to reduce the risk of being charged with spoliation

More information

Breaking Down the Silos: A 21st Century Approach to Information Governance. May 2015

Breaking Down the Silos: A 21st Century Approach to Information Governance. May 2015 Breaking Down the Silos: A 21st Century Approach to Information Governance May 2015 Introduction With the spotlight on data breaches and privacy, organizations are increasing their focus on information

More information

CORPORATE RECORD RETENTION IN AN ELECTRONIC AGE (Outline)

CORPORATE RECORD RETENTION IN AN ELECTRONIC AGE (Outline) CORPORATE RECORD RETENTION IN AN ELECTRONIC AGE (Outline) David J. Chavolla, Esq. and Gary L. Kemp, Esq. Casner & Edwards, LLP 303 Congress Street Boston, MA 02210 A. Document and Record Retention Preservation

More information

Litigation Hold Notices & Electronic Discovery A R E S O U R C E F O R W S U E M P L OY E E S

Litigation Hold Notices & Electronic Discovery A R E S O U R C E F O R W S U E M P L OY E E S Litigation Hold Notices & Electronic Discovery A R E S O U R C E F O R W S U E M P L OY E E S What is a Litigation Hold Notice? Notice from an authorized department (e.g., Attorney General s Office Torts

More information

Measures Regarding Litigation Holds and Preservation of Electronically Stored Information (ESI)

Measures Regarding Litigation Holds and Preservation of Electronically Stored Information (ESI) University of California, Merced Measures Regarding Litigation Holds and Preservation of Electronically Stored Information (ESI) Responsible Officials: Executive Vice Chancellor and Provost Vice Chancellor

More information

UNDERSTANDING E DISCOVERY A PRACTICAL GUIDE. 99 Park Avenue, 16 th Floor New York, New York 10016 www.devoredemarco.com

UNDERSTANDING E DISCOVERY A PRACTICAL GUIDE. 99 Park Avenue, 16 th Floor New York, New York 10016 www.devoredemarco.com UNDERSTANDING E DISCOVERY A PRACTICAL GUIDE 1 What is ESI? Information that exists in a medium that can only be read through the use of computers Examples E-mail Word Documents Databases Spreadsheets Multimedia

More information

4/10/2015. Be Prepared: How The New Changes To The FRCP Affect Information Governance. Your Presenters. Agenda

4/10/2015. Be Prepared: How The New Changes To The FRCP Affect Information Governance. Your Presenters. Agenda Be Prepared: How The New Changes To The FRCP Affect Information Governance Presented by John Isaza, Esq., FAI CEO, Information Governance Solutions, LLC Wednesday, April 15, 2015 1:00 p.m. (PDT) Your Presenters

More information

Data Preservation Duties and Protocols

Data Preservation Duties and Protocols Data Preservation Duties and Protocols November 2008 HOU:2858612.3 Discussion Outline I. The Differences Between Electronic and Paper Discovery II. The Parameters of Electronic Discovery III. Rule 37(e)

More information

Electronic Discovery: Litigation Holds, Data Preservation and Production

Electronic Discovery: Litigation Holds, Data Preservation and Production Electronic Discovery: Litigation Holds, Data Preservation and Production April 27, 2010 Daniel Munsch, Assistant General Counsel John Lerchey, Coordinator for Incident Response 0 E-Discovery Rules Federal

More information

Developing an Integrated e-discovery and Corporate Records Management Program. Presented by: Janeine Charpiat Information Security Professional

Developing an Integrated e-discovery and Corporate Records Management Program. Presented by: Janeine Charpiat Information Security Professional Developing an Integrated e-discovery and Corporate Records Management Program Presented by: Janeine Charpiat Information Security Professional What is ediscovery? any process in which electronic data is

More information

DOCSVAULT WhitePaper. Concise Guide to E-discovery. Contents

DOCSVAULT WhitePaper. Concise Guide to E-discovery. Contents WhitePaper Concise Guide to E-discovery Contents i. Overview ii. Importance of e-discovery iii. How to prepare for e-discovery? iv. Key processes & issues v. The next step vi. Conclusion Overview E-discovery

More information

Director, Value Engineering

Director, Value Engineering Director, Value Engineering April 25 th, 2012 Copyright OpenText Corporation. All rights reserved. This publication represents proprietary, confidential information pertaining to OpenText product, software

More information

Acknowledgments Introduction: Welcome to the Labyrinth. CHAPTER 1 Gathering the Evidence 1. CHAPTER 2 Third-Party Experts 25

Acknowledgments Introduction: Welcome to the Labyrinth. CHAPTER 1 Gathering the Evidence 1. CHAPTER 2 Third-Party Experts 25 Acknowledgments Introduction: Welcome to the Labyrinth xi xiii CHAPTER 1 Gathering the Evidence 1 Form 1.1: General Preliminary Electronic Evidence Questions for Your Client 3 Form 1.2: Checklist to Define

More information

B. Preservation is not limited to simply avoiding affirmative acts of destruction because day-to-day operations routinely alter or destroy evidence.

B. Preservation is not limited to simply avoiding affirmative acts of destruction because day-to-day operations routinely alter or destroy evidence. This is a sample approach to developing a sound document collection process, referenced at Section II(7)(vi) of the Guidelines on Best Practices for Litigating Cases Before the Court of Chancery. It should

More information

ESI Risk Assessment: Critical in Light of the new E-discovery and notification laws

ESI Risk Assessment: Critical in Light of the new E-discovery and notification laws ESI Risk Assessment: Critical in Light of the new E-discovery and notification laws Scott Bailey, CISM Christopher Sobota, J.D. Enterprise Risk Management Group Disclaimer This presentation is for informational

More information

MIT s Information Security Program for Protecting Personal Information Requiring Notification. (Revision date: 2/26/10)

MIT s Information Security Program for Protecting Personal Information Requiring Notification. (Revision date: 2/26/10) MIT s Information Security Program for Protecting Personal Information Requiring Notification (Revision date: 2/26/10) Table of Contents 1. Program Summary... 3 2. Definitions... 4 2.1 Identity Theft...

More information

Discovery Technology Group

Discovery Technology Group Discovery Technology Group E-mail Retention: Readiness Survey E-mail now represents the largest source of new documents and records generated within a company, and the most troublesome from a retention

More information

Agenda. You are not in the business to manage records

Agenda. You are not in the business to manage records Global Records and Information Management Risk: Proactive and Practical Approaches to Effective Records Management September 16, 2014 Maura Dunn, MLS, CRM Lee Karas, MBA Agenda Drivers for your Records

More information

How to Avoid The Biggest Electronic Evidence Mistakes. Ken Jones Senior Technology Architect Pileum Corporation

How to Avoid The Biggest Electronic Evidence Mistakes. Ken Jones Senior Technology Architect Pileum Corporation How to Avoid The Biggest Electronic Evidence Mistakes Ken Jones Senior Technology Architect Pileum Corporation Why is Proper Handling of Electronic Data Important? Most of the evidence in your case isn

More information

Governance from the Cloud. threat protection compliance archiving & governance secure communication

Governance from the Cloud. threat protection compliance archiving & governance secure communication Governance from the Cloud threat protection compliance archiving & governance secure communication Speakers Darren Lee Vice-President & GM, Proofpoint 2 Agenda for Today s Discussion Agenda Who is Proofpoint?

More information

E-Discovery and Data Management. Managing Litigation in the Digital Age. Attorney Advertising

E-Discovery and Data Management. Managing Litigation in the Digital Age. Attorney Advertising E-Discovery and Data Management Managing Litigation in the Digital Age Attorney Advertising Every day, 12 billion corporate e-mails are created. That number doubles annually. Litigation success starts

More information

Navigating E-Discovery, And The

Navigating E-Discovery, And The Navigating E-Discovery, And The l f C S Role of ACEDS 1 IDF Conference December 2012 Overview Introduction to US E-Discovery Important E-Discovery Trends Role of ACEDS Mission of ACEDS in Japan 2 E-Discovery

More information

STATE OF NEVADA DEPARTMENT OF HEALTH AND HUMAN SERVICES BUSINESS ASSOCIATE ADDENDUM

STATE OF NEVADA DEPARTMENT OF HEALTH AND HUMAN SERVICES BUSINESS ASSOCIATE ADDENDUM STATE OF NEVADA DEPARTMENT OF HEALTH AND HUMAN SERVICES BUSINESS ASSOCIATE ADDENDUM BETWEEN The Division of Health Care Financing and Policy Herein after referred to as the Covered Entity and (Enter Business

More information

In-House Solutions to the E-Discovery Conundrum

In-House Solutions to the E-Discovery Conundrum 125 In-House Solutions to the E-Discovery Conundrum Retta A. Miller Carl C. Butzer Jackson Walker L.L.P. April 21, 2007 www.pointmm.com I. OVERVIEW OF THE RULES GOVERNING ELECTRONICALLY- STORED INFORMATION

More information

Information Governance Manage in Place Use Cases Workshop

Information Governance Manage in Place Use Cases Workshop Information Governance Manage in Place Use Cases Workshop James Seeley Vice President, Governance Sales threat protection compliance archiving & governance secure communication Information Governance -

More information

10 Steps to Establishing an Effective Email Retention Policy

10 Steps to Establishing an Effective Email Retention Policy WHITE PAPER: 10 STEPS TO EFFECTIVE EMAIL RETENTION 10 Steps to Establishing an Effective Email Retention Policy JANUARY 2009 Eric Lundgren INFORMATION GOVERNANCE Table of Contents Executive Summary SECTION

More information

Presented By: Attorney/Legal Technologist Cosgrave Vergeer Kester LLP. Paine Hamblen LLP 805 SW Broadway, 8 th Floor

Presented By: Attorney/Legal Technologist Cosgrave Vergeer Kester LLP. Paine Hamblen LLP 805 SW Broadway, 8 th Floor Everything You Wanted to Know About ESI and E-Discovery but Were Afraid to Ask Jason M. Pistacchio Presented By: Gregory S. Johnson Attorney Attorney/Legal Technologist Cosgrave Vergeer Kester LLP Paine

More information

Fundamentals of Information Governance:

Fundamentals of Information Governance: Fundamentals of Information Governance: More than just records management PETER KURILECZ CRM CA IGP Hard as I try, I simply cannot make myself understand how Information Governance isn t just a different

More information

WHAT S IN STORE FOR E-DISCOVERY IN 2015? TOP 4 TRENDS TO WATCH

WHAT S IN STORE FOR E-DISCOVERY IN 2015? TOP 4 TRENDS TO WATCH WHAT S IN STORE FOR E-DISCOVERY IN 2015? TOP 4 TRENDS TO WATCH 1 Exclusive News and Analysis Monthly Members-Only Webcasts Networking with CEDS, Members On-Demand Training Resources Jobs Board bits + bytes

More information

POWER PROTECT PROMOTE. Information Governance In The Cloud

POWER PROTECT PROMOTE. Information Governance In The Cloud Information Governance In The Cloud Galina Datskovsky, Ph. D., CRM President of ARMA International SVP Information Governance Solutions Topics Cloud Characteristics And Risks Information Management In

More information

ZL UNIFIED ARCHIVE A Project Manager s Guide to E-Discovery. ZL TECHNOLOGIES White Paper

ZL UNIFIED ARCHIVE A Project Manager s Guide to E-Discovery. ZL TECHNOLOGIES White Paper ZL UNIFIED ARCHIVE A Project Manager s Guide to E-Discovery ZL TECHNOLOGIES White Paper PAGE 1 A project manager s guide to e-discovery In civil litigation, the parties in a dispute are required to provide

More information

Welcome to ChiroCare s Fourth Annual Fall Business Summit. October 3, 2013

Welcome to ChiroCare s Fourth Annual Fall Business Summit. October 3, 2013 Welcome to ChiroCare s Fourth Annual Fall Business Summit October 3, 2013 HIPAA Compliance Regulatory Overview & Implementation Tips for Providers Agenda Green packet Overview of general HIPAA terms and

More information

E-DISCOVERY & PRESERVATION OF ELECTRONIC EVIDENCE. Ana Maria Martinez April 14, 2011

E-DISCOVERY & PRESERVATION OF ELECTRONIC EVIDENCE. Ana Maria Martinez April 14, 2011 E-DISCOVERY & PRESERVATION OF ELECTRONIC EVIDENCE Ana Maria Martinez April 14, 2011 This presentation does not present the views of the U.S. Department of Justice. This presentation is not legal advice.

More information

TODAY S AGENDA. Trends/Victimology. Incident Response. Remediation. Disclosures

TODAY S AGENDA. Trends/Victimology. Incident Response. Remediation. Disclosures TODAY S AGENDA Trends/Victimology Incident Response Remediation Disclosures Trends/Victimology ADVERSARY CLASSIFICATIONS SOCIAL ENGINEERING DATA SOURCES COVERT INDICATORS - METADATA METADATA data providing

More information

3 "C" Words You Need to Know: Custody - Control - Cloud

3 C Words You Need to Know: Custody - Control - Cloud 3 "C" Words You Need to Know: Custody - Control - Cloud James Christiansen Chief Information Security Officer Evantix, Inc. Bradley Schaufenbuel Director of Information Security Midland States Bank Session

More information

***This sample is provided solely for informational purposes. Nothing in this document constitutes legal advice***

***This sample is provided solely for informational purposes. Nothing in this document constitutes legal advice*** ***This sample is provided solely for informational purposes. Nothing in this document constitutes legal advice*** DOCUMENT RETENTION AND DESTRUCTION POLICY OF EAST HARLEM ARTS ARTICLE I Purpose East Harlem

More information

Taming the Beast Open Records and Discovery for E-mail

Taming the Beast Open Records and Discovery for E-mail Taming the Beast Open Records and Discovery for E-mail Christina Weber, Assistant City Attorney, Arlington, Texas Beth Ann Unger, Information Systems Manager, Frisco, Texas Open Records and Discovery What

More information

Information Lifecycle Governance. Surabhi Kapoor & Jan Lambrechts

Information Lifecycle Governance. Surabhi Kapoor & Jan Lambrechts Information Lifecycle Governance Surabhi Kapoor & Jan Lambrechts Information Lifecycle Governance Executive Overview 1 Introduction to Information Lifecycle Governance 2 It s no longer about one thing

More information

ACADEMIC AFFAIRS COUNCIL ******************************************************************************

ACADEMIC AFFAIRS COUNCIL ****************************************************************************** ACADEMIC AFFAIRS COUNCIL AGENDA ITEM: 8.D DATE: March 15, 2007 ****************************************************************************** SUBJECT: Electronic Records Discovery Electronic records management

More information

Information Governance

Information Governance Information Governance The New Records Management Rudy Moliere Director, Information Goverance & Records Management Terrence J. Coan, CRM Senior Director Information Management Practice Agenda Introductions

More information

The E-Discovery Challenge Moves to the C-Suite

The E-Discovery Challenge Moves to the C-Suite The E-Discovery Challenge Moves to the C-Suite New Legislation is Upping the Ante Even Further, Making It Crucial to Manage E-Discovery at the Enterprise Level Understanding E-Discovery Risk Whether information

More information

Electronic Discovery

Electronic Discovery Electronic Discovery L. Amy Blum, Esq. UCLA University of California, Los Angeles 1 Topics Not Covered Best practices for E-mail E use and retention in the ordinary course of business Records Disposition

More information

E-Discovery and Electronically Stored Information (ESI):

E-Discovery and Electronically Stored Information (ESI): E-Discovery and Electronically Stored Information (ESI): How Can It Help or Hinder a Case? Rosevelie Márquez Morales Harris Beach PLLC New York, NY Rosevelie Márquez Morales is a partner at Harris Beach

More information

E-Discovery: The New Federal Rules of Civil Procedure A Practical Approach for Employers

E-Discovery: The New Federal Rules of Civil Procedure A Practical Approach for Employers MARCH 7, 2007 E-Discovery: The New Federal Rules of Civil Procedure A Practical Approach for Employers By Tara Daub and Christopher Gegwich News of the recent amendments to the Federal Rules of Civil Procedure

More information

Clients Legal Needs in HIPAA Security Compliance

Clients Legal Needs in HIPAA Security Compliance Clients Legal Needs in HIPAA Security Compliance Robyn A. Meinhardt, JD, RN FOLEY & LARDNER LLP 2004 Preserving Attorney-Client Privilege and Work Product Protections 1 Relevance to Security Compliance

More information

WHAT TO DO WHEN YOU RECEIVE A LITIGATION HOLD NOTICE. A Guide for University Faculty, Staff, and Others

WHAT TO DO WHEN YOU RECEIVE A LITIGATION HOLD NOTICE. A Guide for University Faculty, Staff, and Others WHAT TO DO WHEN YOU RECEIVE A LITIGATION HOLD NOTICE A Guide for University Faculty, Staff, and Others What is a Litigation Hold Notice? Notice from an authorized UW department (Attorney General s Office,

More information

Lowering E-Discovery Costs Through Enterprise Records and Retention Management. An Oracle White Paper March 2007

Lowering E-Discovery Costs Through Enterprise Records and Retention Management. An Oracle White Paper March 2007 Lowering E-Discovery Costs Through Enterprise Records and Retention Management An Oracle White Paper March 2007 Lowering E-Discovery Costs Through Enterprise Records and Retention Management Exponential

More information

How to Win the Battle Over Electronic Discovery in Employment Cases. By Philip L. Gordon, Esq.

How to Win the Battle Over Electronic Discovery in Employment Cases. By Philip L. Gordon, Esq. How to Win the Battle Over Electronic Discovery in Employment Cases By Philip L. Gordon, Esq. IMPORTANT NOTICE This publication is not a do-it-yourself guide to resolving employment disputes or handling

More information

white paper Mitigate Risk in Handling ediscovery Data Subject to the U.S. Export Control Laws and Regulations

white paper Mitigate Risk in Handling ediscovery Data Subject to the U.S. Export Control Laws and Regulations white paper Mitigate Risk in Handling ediscovery Data Subject to the U.S. Export Control Laws and Regulations WWW.EPIQSYSTEMS.COM 800 314 5550 Mitigate Risk in Handling ediscovery Data Subject to the U.S.

More information

Health Care Information Privacy The HIPAA Regulations What Has Changed and What You Need to Know

Health Care Information Privacy The HIPAA Regulations What Has Changed and What You Need to Know Health Care Information Privacy The HIPAA Regulations What Has Changed and What You Need to Know Note: Information provided to NCRA by Melodi Gates, Associate with Patton Boggs, LLC Privacy and data protection

More information

Navigating Information Governance and ediscovery

Navigating Information Governance and ediscovery Navigating Information Governance and ediscovery Implementing Processes & Technology to Reduce Downstream ediscovery Cost and Risk Shannon Smith General Counsel, Globanet March 11 12, 2013 Agenda 1 Overview

More information

Preservation and Production of Electronic Records

Preservation and Production of Electronic Records Policy No: 3008 Title of Policy: Preservation and Production of Electronic Records Applies to (check all that apply): Faculty Staff Students Division/Department College _X Topic/Issue: This policy enforces

More information

102 ediscovery Shakedown: Lowering your Risk. Kindred Healthcare

102 ediscovery Shakedown: Lowering your Risk. Kindred Healthcare 102 ediscovery Shakedown: Lowering your Risk Long-Term Care Session HCCA Compliance Institute April 27, 2009 Las Vegas, Nevada Presented by: Diane Kissel, Manager IS Risk & Compliance Kindred Healthcare,

More information

Chapter 153. Violations and Fines 2013 EDITION. Related Laws Page 571 (2013 Edition)

Chapter 153. Violations and Fines 2013 EDITION. Related Laws Page 571 (2013 Edition) Chapter 153 2013 EDITION Violations and Fines VIOLATIONS (Generally) 153.005 Definitions 153.008 Violations described 153.012 Violation categories 153.015 Unclassified and specific fine violations 153.018

More information

Understanding HIPAA Privacy and Security Helping Your Practice Select a HIPAA- Compliant IT Provider A White Paper by CMIT Solutions

Understanding HIPAA Privacy and Security Helping Your Practice Select a HIPAA- Compliant IT Provider A White Paper by CMIT Solutions Understanding HIPAA Privacy and Security Helping Your Practice Select a HIPAA- Compliant IT Provider A White Paper by CMIT Solutions Table of Contents Understanding HIPAA Privacy and Security... 1 What

More information

Corporate Governance - The Importance of a Compliant Record Retention Program. by Christopher N. Weiss 1

Corporate Governance - The Importance of a Compliant Record Retention Program. by Christopher N. Weiss 1 Corporate Governance - The Importance of a Compliant Record Retention Program by Christopher N. Weiss 1 A. Rationale for a Sound Record Retention Policy Record retention is crucial to disciplined corporate

More information

HIPAA Update Focus on Breach Prevention

HIPAA Update Focus on Breach Prevention HIPAA Update Focus on Breach Prevention Objectives By the end of this program, participants should be able to: Identify top reasons why breaches occur Review the breach definition and notification process

More information

COLORADO COMMUNITY COLLEGE SYSTEM SYSTEM PRESIDENT S PROCEDURE ELECTRONIC COMMUNICATIONS MANAGEMENT AND RETENTION PROCEDURES

COLORADO COMMUNITY COLLEGE SYSTEM SYSTEM PRESIDENT S PROCEDURE ELECTRONIC COMMUNICATIONS MANAGEMENT AND RETENTION PROCEDURES Page 1 of 6 SP 3-125d COLORADO COMMUNITY COLLEGE SYSTEM SYSTEM PRESIDENT S PROCEDURE ELECTRONIC COMMUNICATIONS MANAGEMENT AND RETENTION PROCEDURES EFFECTIVE: June 14, 2009 REFERENCE: BP 3-125; Electronic

More information

plantemoran.com What School Personnel Administrators Need to know

plantemoran.com What School Personnel Administrators Need to know plantemoran.com Data Security and Privacy What School Personnel Administrators Need to know Tomorrow s Headline Let s hope not District posts confidential data online (Tech News, May 18, 2007) In one of

More information

How E-Discovery Will Affect Your Life as a Storage Professional. David Stevens, Carnegie Mellon University

How E-Discovery Will Affect Your Life as a Storage Professional. David Stevens, Carnegie Mellon University How E-Discovery Will Affect Your Life as a Storage Professional David Stevens, Carnegie Mellon University SNIA Legal Notice The material contained in this tutorial is copyrighted by the SNIA. Member companies

More information

HIPAA and the HITECH Act Privacy and Security of Health Information in 2009

HIPAA and the HITECH Act Privacy and Security of Health Information in 2009 HIPAA and the HITECH Act Privacy and Security of Health Information in 2009 What is HIPAA? Health Insurance Portability & Accountability Act of 1996 Effective April 13, 2003 Federal Law HIPAA Purpose:

More information

Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation

Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation View the online version at http://us.practicallaw.com/7-523-1520 Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation MELISSA J. KRASNOW, DORSEY & WHITNEY LLP

More information

Record Retention, ediscovery, Spoliation: Issues for In-House Counsel

Record Retention, ediscovery, Spoliation: Issues for In-House Counsel Record Retention, ediscovery, Spoliation: Issues for In-House Counsel CCCA Webinar April 1, 2015 Presenters: Gavin Tighe, Partner (Certified Specialist in Litigation) Stephen Thiele, Partner, Director

More information

STI GROUP DISCUSSION WRITTEN PROJECT

STI GROUP DISCUSSION WRITTEN PROJECT STI GROUP DISCUSSION WRITTEN PROJECT ediscovery FOR GIAC ENTERPRISES - DATA CLASSIFICATION, RETENTION, AND LITIGATION POLICIES AND PROCEDURES Version 1.1 September 22, 2007 Team: Russell Meyer, Brad Ruppert

More information

Data Breach and Senior Living Communities May 29, 2015

Data Breach and Senior Living Communities May 29, 2015 Data Breach and Senior Living Communities May 29, 2015 Todays Objectives: 1. Discuss Current Data Breach Trends & Issues 2. Understanding Why The Senior Living Industry May Be A Target 3. Data Breach Costs

More information

How E-Discovery Will Impact Your Life as a Storage Professional. David Stevens, Carnegie Mellon University

How E-Discovery Will Impact Your Life as a Storage Professional. David Stevens, Carnegie Mellon University How E-Discovery Will Impact Your Life as a Storage Professional David Stevens, Carnegie Mellon University SNIA Legal Notice The material contained in this tutorial is copyrighted by the SNIA. Member companies

More information

Electronic Discovery and Disclosure:

Electronic Discovery and Disclosure: Electronic Discovery and Disclosure: Managing & Producing Electronic Information Washington State Office of the Attorney General 1 Overview of Presentation EDD (Electronic Discovery and Disclosure) ESI

More information

E-Discovery in Practice: A Roadmap for Financial Institutions

E-Discovery in Practice: A Roadmap for Financial Institutions E-Discovery in Practice: A Roadmap for Financial Institutions Martha R. Mora Martha R. Mora, Esq. ARHM&F Avila Rodriguez Hernandez Mena & Ferri LLP 2525 Ponce de Leon Blvd., Suite 1225, Coral Gables, Florida

More information

Meaning Based Computing: Managing the Avalanche of Unstructured Data

Meaning Based Computing: Managing the Avalanche of Unstructured Data Meaning Based Computing: Managing the Avalanche of Unstructured Data Bill Tolson, Director of Information Governance POWER PROTECT PROMOTE Moving away from structured data Accelerated unstructured information

More information

Page 1. Copyright 2009. MFA - Moody, Famiglietti & Andronico, LLP. All Rights Reserved.

Page 1. Copyright 2009. MFA - Moody, Famiglietti & Andronico, LLP. All Rights Reserved. Page 1 Page 2 Page 3 Agenda Defining the Massachusetts Personal Data Security Law Becoming Compliant Page 4 Massachusetts Privacy Law Defining the Massachusetts Personal Data Security Law - 201 CMR 17.00

More information

Heather L. Hughes, J.D. HIPAA Privacy Officer U.S. Legal Support, Inc. hhughes@uslegalsupport.com www.uslegalsupport.com

Heather L. Hughes, J.D. HIPAA Privacy Officer U.S. Legal Support, Inc. hhughes@uslegalsupport.com www.uslegalsupport.com Heather L. Hughes, J.D. HIPAA Privacy Officer U.S. Legal Support, Inc. hhughes@uslegalsupport.com www.uslegalsupport.com HIPAA Privacy Rule Sets standards for confidentiality and privacy of individually

More information

The E-Discovery Process

The E-Discovery Process POOLING PROVISIONS The E-Discovery Process A publication of Nevada Public Agency Insurance Pool The e- discovery process the search of electronic records for use as legal evidence can cost thousands of

More information

The Business Leader Data Retention and E-Discovery Primer

The Business Leader Data Retention and E-Discovery Primer The Business Leader Data Retention and E-Discovery Primer by Rebecca Herold, CISSP, CISM, CISA, FLMI July 2006 Many organizations are taking advantage of using a wider range of communication systems and

More information

Principles for Improving Internal Audit s Value Proposition

Principles for Improving Internal Audit s Value Proposition Principles for Improving Internal Audit s Value Proposition All organizations depend on information to manage day-to-day operations, comply with regulations, gauge financial performance, and monitor strategic

More information

Real World Strategies for Migrating and Decommissioning Legacy Applications

Real World Strategies for Migrating and Decommissioning Legacy Applications Real World Strategies for Migrating and Decommissioning Legacy Applications Final Draft 2014 Sponsored by: Copyright 2014 Contoural, Inc. Introduction Historically, companies have invested millions of

More information

E-Discovery Toolkit for Educational Institutions

E-Discovery Toolkit for Educational Institutions E-Discovery Toolkit for Educational Institutions The e-discovery process the search of electronic records for use as legal evidence can cost educational institutions thousands of dollars and hours. The

More information

ACE Advantage PRIVACY & NETWORK SECURITY

ACE Advantage PRIVACY & NETWORK SECURITY ACE Advantage PRIVACY & NETWORK SECURITY SUPPLEMENTAL APPLICATION COMPLETE THIS APPLICATION ONLY IF REQUESTING COVERAGE FOR PRIVACY LIABILITY AND/OR NETWORK SECURITY LIABILITY COVERAGE. Please submit with

More information

Predictability in E-Discovery

Predictability in E-Discovery Predictability in E-Discovery Presented by: John G. Roman, Jr. National Manager, Practice Group Technology Services Nixon Peabody LLP Tom Barce Assistant Director of Practice Support Fulbright & Jaworski

More information

Introduction to Data Privacy & ediscovery Intersection of Data Privacy & ediscovery

Introduction to Data Privacy & ediscovery Intersection of Data Privacy & ediscovery Today s Topics Introduction to Data Privacy & ediscovery General Overview Data Privacy in the United States Data Privacy in Foreign Countries Intersection of Data Privacy & ediscovery Preservation of Data

More information

THE IMPACT OF THE ELECTRONIC DISCOVERY RULES ON THE EEOC PROCESS

THE IMPACT OF THE ELECTRONIC DISCOVERY RULES ON THE EEOC PROCESS THE IMPACT OF THE ELECTRONIC DISCOVERY RULES ON THE EEOC PROCESS Cynthia L. Gibson, Esq. Katz, Teller, Brant & Hild 255 East Fifth Street Suite 2400 Cincinnati, OH 45202 (513) 977-3418 cgibson@katzteller.com

More information

ACCOUNTABLE HEALTHCARE IPA HIPAA PRIVACY AND SECURITY TRAINING. By: Jerry Jackson Compliance and Privacy Officer

ACCOUNTABLE HEALTHCARE IPA HIPAA PRIVACY AND SECURITY TRAINING. By: Jerry Jackson Compliance and Privacy Officer ACCOUNTABLE HEALTHCARE IPA HIPAA PRIVACY AND SECURITY TRAINING By: Jerry Jackson Compliance and Privacy Officer 1 1 Introduction Welcome to Privacy and Security Training course. This course will help you

More information

Records and Information Management and Retention

Records and Information Management and Retention Records and Information Management and Retention Association of Corporate Counsel Nonprofit Organizations Committee Legal Quick Hit March 13, 2012 3 pm ET W. Warren Hamel Venable LLP 750 E. Pratt St. Baltimore,

More information

Why Lawyers? Why Now?

Why Lawyers? Why Now? TODAY S PRESENTERS Why Lawyers? Why Now? New HIPAA regulations go into effect September 23, 2013 Expands HIPAA safeguarding and breach liabilities for business associates (BAs) Lawyer is considered a business

More information

HIPAA BUSINESS ASSOCIATE AGREEMENT

HIPAA BUSINESS ASSOCIATE AGREEMENT HIPAA BUSINESS ASSOCIATE AGREEMENT This HIPAA Business Associate Agreement and is made between BEST Life and Health Insurance Company ( BEST Life ) and ( Business Associate ). RECITALS WHEREAS, the U.S.

More information

Ogden City. What HAS and has NOT worked for us in making policies...

Ogden City. What HAS and has NOT worked for us in making policies... Ogden City What HAS and has NOT worked for us in making policies... Records Management Ogden is on it's third system Can you find all the data you need for your single view of the customer? At Ogden City,

More information

Virginia Commonwealth University School of Medicine Information Security Standard

Virginia Commonwealth University School of Medicine Information Security Standard Virginia Commonwealth University School of Medicine Information Security Standard Title: Scope: Data Handling and Storage Standard This standard is applicable to all VCU School of Medicine personnel. Approval

More information

General Items Of Thought

General Items Of Thought ESI PROTOCOLS & CASE LONG BUDGETS General Items Of Thought What s a GB =??? What Are Sources Of Stored Data? What s BYOD mean??? The Human Factor Is At Play! Litigation Hold Duty Arises When? Zubulake

More information

HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT (HIPAA): FACT SHEET FOR NEUROPSYCHOLOGISTS Division 40, American Psychological Association

HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT (HIPAA): FACT SHEET FOR NEUROPSYCHOLOGISTS Division 40, American Psychological Association HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT (HIPAA): FACT SHEET FOR NEUROPSYCHOLOGISTS Division 40, American Psychological Association DISCLAIMER This general information fact sheet is made available

More information

Data Privacy and Cybersecurity Task Force

Data Privacy and Cybersecurity Task Force Data Privacy and Cybersecurity Task Force key contact Josephine Cicchetti Shareholder T: 202.965.8162 F: 202.965.8104 email We provide clients across industries with comprehensive counsel on complex, evolving,

More information

Cyber, PrivaCy. & Data SeCurity. www.mpplaw.com

Cyber, PrivaCy. & Data SeCurity. www.mpplaw.com Cyber, PrivaCy & Data SeCurity 360 www.mpplaw.com about our PraCtiCe Data is the lifeblood of our global economy. Collected, stored and transmitted, digital data not only imparts great opportunities, but

More information

E-DISCOVERY AND RECORDS RETENTION PROGRAMS: What Healthcare Administrators Need to Know

E-DISCOVERY AND RECORDS RETENTION PROGRAMS: What Healthcare Administrators Need to Know E-DISCOVERY AND RECORDS RETENTION PROGRAMS: What Healthcare Administrators Need to Know Christopher A. Myers Holland & Knight LLP Progressive Healthcare Conferences December 19, 2007 The future ain't what

More information

Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation

Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation View the online version at http://us.practicallaw.com/7-523-1520 Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation Melissa J. Krasnow, Dorsey & Whitney LLP

More information

Records and Information Management

Records and Information Management Records and Information Management Elizabeth Adkins Dir., Information Governance Grant Thornton LLP Raquel Tamez Chief Legal Officer SourceAmerica Patrick Oot Partner Shook, Hardy & Bacon, LLP Records

More information

Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation

Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation Melissa J. Krasnow, Dorsey & Whitney LLP A Note discussing written information security programs (WISPs)

More information

Cohasset Associates, Inc. NOTES. 2014 Managing Electronic Records Conference 1.1. The discipline of analyzing the. Value Costs and Risks

Cohasset Associates, Inc. NOTES. 2014 Managing Electronic Records Conference 1.1. The discipline of analyzing the. Value Costs and Risks Understanding Today s Economics of Information Get Your Act Together Now! Sylvan Sibito H Morley III IBM Worldwide Director Information Lifecycle Governance Information Economics: The discipline of analyzing

More information

How the Information Governance Reference Model (IGRM) Complements ARMA International s Generally Accepted Recordkeeping Principles (GARP )

How the Information Governance Reference Model (IGRM) Complements ARMA International s Generally Accepted Recordkeeping Principles (GARP ) The Electronic Discovery Reference Model (EDRM) How the Information Governance Reference Model (IGRM) Complements ARMA International s Generally Accepted Recordkeeping Principles (GARP ) December 2011

More information

BUSINESS ASSOCIATE AGREEMENT

BUSINESS ASSOCIATE AGREEMENT BUSINESS ASSOCIATE AGREEMENT THIS BUSINESS ASSOCIATE AGREEMENT ( Agreement ) by and between OUR LADY OF LOURDES HEALTH CARE SERVICES, INC., hereinafter referred to as Covered Entity, and hereinafter referred

More information

BENCHMARK MEDICAL LLC, BUSINESS ASSOCIATE AGREEMENT

BENCHMARK MEDICAL LLC, BUSINESS ASSOCIATE AGREEMENT BENCHMARK MEDICAL LLC, BUSINESS ASSOCIATE AGREEMENT This BUSINESS ASSOCIATE AGREEMENT ( Agreement ) dated as of the signature below, (the Effective Date ), is entered into by and between the signing organization

More information

University of Louisiana System

University of Louisiana System Policy Number: M-17 University of Louisiana System Title: RECORDS RETENTION & Effective Date: OCTOBER 10, 2012 Cancellation: None Chapter: Miscellaneous Policy and Procedures Memorandum Each institution

More information