MOFO SEMINAR SERIES. Data Protection Masterclass: Hot Topics in Employee Privacy and Technology

Size: px
Start display at page:

Download "MOFO SEMINAR SERIES. Data Protection Masterclass: Hot Topics in Employee Privacy and Technology"

Transcription

1 MOFO SEMINAR SERIES Data Protection Masterclass: Hot Topics in Employee Privacy and Technology London 13 June 2013

2 MoFo Seminar. Data Protection Masterclass: Hot Topics in Employee Privacy and Technology Table of Contents Presentation... 1 Speaker Biographies... 2 About Morrison & Foerster... 3 Selected Articles and Alerts... 4 Socially Aware: The Social Media Law Update Volume 4 January/February 2013 Bring Your Own Device Brings its Own Challenges June Morrison & Foerster (UK) LLP mofo.com

3 Tab 1 Presentation Data Protection Masterclass: Hot Topics in Employee Privacy and Technology

4 June 13 Data Protection Masterclass: Hot Topics in Employee Privacy and Technology 13 June 2013 Ann Bevitt Carlos García-Mauriño Christine Lyon Karin Retzer Caroline Stakim 2013 Morrison & Foerster LLP All Rights Reserved mofo.com Background Checks by Ann Bevitt and Caroline Stakim 12 June 2013 Presented By 2013 Morrison & Foerster LLP All Rights Reserved mofo.com 1

5 June 13 Background Checks Common practice to conduct some background checks for most types of employment Types of checks depend on nature of position Right to respect for private life (Article 8, Human Rights Act 1998) Not absolute, so employer may be able to justify conducting background checks that collect information about prospective employee s private life UK = ICO s Employment Practices Code and Supplementary Guidance 3 Basic Principles Company must: Balance its business needs v. applicants privacy rights Use reliable sources which are likely to provide relevant information Ensure check/examination/testing is necessary and justified, e.g.: Is the applicant fit to do the job? Is there a legal reason to obtain this information, e.g., to join pension or life insurance schemes, to make any reasonable adjustments for disability, etc? Allow applicant to make representations regarding information that will affect hiring decision 4 2

6 June 13 Third Party Checks Third party conducts background checks (e.g. credit checks) - written contract which contains appropriate data protection provision, e.g.: Limitation on use Information security (access controls, encryption, etc.) Transfer and disclosures Data breach Audit Destruction/return on termination Explain the nature of and sources from which information might be obtained 5 Types of Background Check References Credit checks Court judgments Medicals Drug and alcohol testing Criminal record checks 6 3

7 June 13 Changes to Criminal Record Checks 1 December 2012: Criminal Records Bureau + Independent Safeguarding Authority = Disclosure & Barring Service Disclosure Scotland / Access Northern Ireland Basic, standard and enhanced disclosures Disclosure of spent and unspent cautions and convictions, police reprimands and warnings and relevant police information 29 May 2013: protected convictions and protected cautions not disclosed on DBS certificate 17 June 2013: online update service available 7 Google and Social Networking Sites Where permitted: Explain to the applicant the nature of and sources from which information might be obtained and, if necessary, get consent Only Google to obtain specific information, not as a means of general intelligence gathering Allow applicant to make representations regarding information that will affect hiring decision Risk of exposure to discrimination claims 8 4

8 June 13 Germany Background checks to supplement CVs not very common Federal Data Protection Act (BDSG 4(2)): Personal data should be collected directly from applicant; collection via third parties only where nature of business purpose necessitates and no overriding legitimate interest of individual, i.e.: where particular position requires certain information to be confirmed/supplemented through background checks, e.g., where trustworthiness of applicant is particularly relevant, e.g.: financial services institutions child care where qualifications essential for employment decision New 32 BDSG: data on applicants may only be collected where required for establishment of employment relationship 9 France Right to respect for private life (Article 9, French Civil Code) French Labour Code and French Criminal Code prohibit questions during recruiting process relating to: National/ethnic origin Sex and sexual orientation Morals Age Family situation State of health, disability and genetic characteristics Political opinions Labor union activities Religious beliefs Pregnancy 10 5

9 June 13 France (2) CNIL s guidance on privacy in the workplace (February 2013): Personal data collected during recruitment process only used to evaluate candidate/take hiring decision Candidates social security numbers, information about their family, parents, friends, political opinions, or trade union membership must not be collected Candidates must be provided with information about personal data collected and purposes; data must not be collected using any system that has not been notified to candidate Access to candidate data must be limited 11 Finland Act on Protection of Privacy in Working Life: Employee must be primary source of information related to him Employer may not conduct background checks without applicant s consent unless necessary for employment relationship Act on Background Checks: Allows more extensive processing for applicants for jobs in airports, power plants, telecommunications centres and certain authorities Data Protection Ombudsman issued opinion expressly prohibiting employers from obtaining information on an applicant from the Internet without applicant s prior consent 12 6

10 June 13 Poland Right to respect for private life (Article 47 of the Constitution) Article 22 of Polish Labour Code contains list of data that may be requested from applicants Even if applicant specifically and expressly consents to collection of additional data, consent is not sufficient Paragraph 1 of Ordinance of Minister of Labour and Social Policy regarding documentation in employment relationship matters specifies documents that may be requested from applicants 13 Carlos García-Mauriño Oracle Corporation Madrid

11 June 13 Background checks the view from a Data Processor Global and regional Security standards and best practices require BCs to be performed by Companies on their employees (and contractors) - ISO 27001/ISO (Section 8) - PCI DSS (Requirement 12.7) - UK Financial Services Authority (2008 Report) - Cloud Computing recommendations (De-BSI, ENISA) Two extremes Vendor will ensure that its employees with access to customer data have undergone appropriate BCs vs the fullest practicable use shall be made of the technique of background investigation. Background checks the view from a Data Processor UK ICO Do not vet workers just because a customer for your products or services imposes a condition requiring you to do so, unless you can satisfy yourself that the condition is justified. Golden rule - Always free, specific and informed consent required from employee. No retaliation in case of refusal. Challenges - obtaining assurances from customer vs. business pressure - specific requirements from customers vs internal policies (e.g. drug testing) - approvals of Workers Councils 8

12 June 13 Background checks the view from a Data Processor Scenario A - Customer (Commercial) manages the process - Vendor does not get the specific results. Employee provides info directly to the Customer. - Need to receive assurances from Customer about proper handling. Scenario B - Customer (Public Sector) manages the process ( Security Clearances ) - Extremely invasive. - Required by law. - Imposes strict obligations / liabilities) directly on employee. Privacy issues in Online Recruitment Recruiting has evolved: - From reactive (job postings) to proactive sourcing. - From niche Recruitment solutions to integrated Talent Management tools. - From Local to truly Global. - Technology allows for collection and analysis of Candidates information in multiple new ways. 9

13 June 13 Privacy issues in Online Recruitment Recruitment goes Social (and Mobile and Geospatial) - Employee referrals, through their own social networks, is the Holy Grail. - Collection of Candidates public information through Social Media. - Apps optimized for for tablets and smartphones (BYOD). - Mobile location linked to the Recruitment tool: know which potential candidates are close to you now. Privacy issues in Online Recruitment Recruitment in the Cloud - Most of the most successful e-recruitment solutions are in the Cloud - As with any other Cloud service, Customers need to discuss with their vendors: Security Data location and subcontracting Exercise of Candidates rights to access/rectify/delete Data return upon termination of the services 10

14 June 13 Privacy issues in Online Recruitment Recruitment and Big Data - Companies and Recruiting companies can amass information of hundreds of thousands of Candidates - This information can be shared and analyzed to detect trends - Is true anonymization possible in this context? - Can Big Data be used to reject upfront certain Candidates? Privacy issues in Online Recruitment Recruitment and the ecosystem of Processors - Recruitment is no longer a one-company show - Core solutions are integrated with the solutions of dozens of niche service providers (e.g. Background checks) - Niche Service Providers subprocessors or processors? 11

15 June 13 Privacy issues in Online Recruitment Recommendation - Find out what your Recruiters are doing and make sure that your Privacy Policy is up to date. - Many of these features are beneficial for the Candidate, so ensure that he/she understands and agrees upfront. - Avoid automated decisions (Section 15.1 Directive 95/46): Member States shall grant the right to every person not to be subject to a decision which produces legal effects concerning him or significantly affects him and which is based solely on automated processing of data intended to evaluate certain personal aspects relating to him, such as his performance at work, creditworthiness, reliability, conduct, etc. Social Media Developments by Christine Lyon 12 June 2013 Presented By 2013 Morrison & Foerster LLP All Rights Reserved mofo.com 12

16 June 13 Merging of Personal and Work Social Media Employers initial areas of focus: Personal use of company-owned devices Personal activity during work time Statements that appear to be made on company s behalf Now expanding concerns about all social media activity Company-owned or personal devices Work time or after hours Personal opinions or statements affecting the company Desire to regulate employees off-duty social media activity may conflict with employees protected rights 25 Employer Control Over Social Media Activity During Work Hours or Using Company Resources External Postings on Behalf of Company Off-Duty Using Personal Device 13

17 June 13 Limitations on Employer Access to Personal Social Media U.S.: Growing number of states prohibit employers from asking applicants or employees to provide access to personal social media accounts Stored Communications Act Common law reasonable expectation of privacy analysis International: Data protection laws requiring notice and a lawful basis for monitoring Regulators cautioning employers about seeking access to personal social media 27 Restrictions on Employer Use of Social Media Complex interplay of privacy and employment laws Laws limiting an employer s ability to take action based on information revealed by personal postings, such as: Political or religious beliefs Sexual orientation Trade union membership Medical condition, family medical history Off-duty alcohol or tobacco use Other lawful off-duty conduct Laws restricting an employer s ability to regulate off-duty social media activity Example: U.S. social media cases under the National Labor Relations Act (NLRA) 28 14

18 June 13 Best Practices for Handling Employee Social Media Use Limit the inspection or use of personal social media in hiring or employment decisions Train HR and internal audit to understand legal restrictions on use of personal social media in investigations Develop a social media policy Train employees about appropriate use of social media 29 Bring Your Own Device Implications for Your Business by Karin Retzer 2013 Morrison & Foerster LLP All Rights Reserved mofo.com 15

19 June 13 Advantages Convenience for all Reduced device/end point hardware costs Reduced operational support costs Greater employee flexibility and mobility Increased employee productivity Increased employee satisfaction 31 Challenges Legal and regulatory compliance Privacy and data security Commingled data Higher risk of infection Theft or loss of devices &/or (company) data + cybercrime Employee monitoring issues Incompatibility issues Labor law issues IP rights/data ownership and recovery Licensing implications Insurance implications Investigation and litigation 32 16

20 June 13 ICO Guidance Highlights the following risks: Data security breaches by loss, theft or unauthorized access (including by family members) Unauthorized secondary use of personal data General blurring of professional and private use of data Increased or unintended employee monitoring Loss of control over where and how data is stored and processed Lack of ownership and control over the device 33 ICO Guidance II How to mitigate the risks: Carry out BYOD audit Develop policy (department collaboration involve IT, HR, finance, legal, etc.): oidentification of data to be processed on the device opermitted types of storage media, apps and software osecurity procedures (PIN codes, passwords, etc.) oinformation on procedures for end of employment contract (including consequences of (remotely) wiping company data from the device) Implement appropriate security measures: opin codes, strong passwords, high level encryption, encrypted channels for data transfers, ring-fencing of data and automatic locking of devices opublic clouds should be used with extreme caution, if at all (heighten risk of interception by the cloud provider and foreign law enforcement authorities) Ensure control over the data and the device: oremote management of the device (including wiping/deleting if breached) oconsider geolocation tracking (if lost or stolen) 34 17

21 June 13 BSI Guidance Technical measures to be implemented: Clear separation of private and professional data Storage of business data on servers and not on the devices Access to business data through secure network, ensuring employer access (e.g., thin client technology or VPN) Encryption of data when in transit, as well as of all business data stored on devices Prohibit the use of rooting or jail breaking devices Ensure regular backup and archiving of information Implement automated security scans Technical measures are insufficient, must be supported by organizational measures: Clear BYOD policy in place; and Written agreement with employees. 35 BSI Guidance II Security measures to be included in the agreements: Classification of employees eligible for BYOD programs Restrictions on the types of devices and operation systems permitted Access to company network only through restricted channels Storage of business data only on servers and not on devices Clear establishment of rules for employees that require: oimplementation of anti-virus software ostrong passwords osynchronization of data sources oprocedures for reporting lost or stolen devices osafe return of data upon termination of employment Employees should be made aware that in the case of a security breach, personal data/information may be lost if a device needs to be wiped clean

22 June 13 ANSSI Guidance Recommendations on security for mobile devices: Recommendations for company-issued devices used to process company information, which may include personal data Existing security measures not sufficient Personal use of professional devices creates higher security risk Recommendations not applicable to BYOD policies BYOD not advised problematic If BYOD is used, companies should: Apply dedicated security measures for BYOD Ensure that professional and personal usage is clearly separated in closed environments Be vigilant about different security solutions available on the market Consider existing ANSSI recommendations and certification in areas such as WiFi, passwords, information security architecture and encryption (see next slide) 37 Where to Start Prior to developing your BYOD strategy, consider: Company security requirements & risk management strategies and existing BYOD use understand your risks and needs; involve all departments; and investigate the company situation first Local legal and regulatory requirements (e.g., Works Council approval) How to ensure compliance with applicable industry standards and other existing company policies Which terms and conditions have to be met, i.e., implemented into a BYOD policy Whether the conditions are too restrictive/unacceptable for your employees Licensing implications: do your company software licenses allow personal devices to access virtual desktop? Obtain necessary license extensions Insurance implications: does your insurance cover use of devices owned by employees for work purposes? Obtain necessary coverage Make the use of BYOD voluntary Develop a written policy and give clear notice to employees Obtain agreement to the policy prior to allowing network access 38 19

23 June 13 What to Include in Your BYOD Policy Identify devices that may be used Identify applications that may be used Identify employees, departments and functions that qualify Decide how data will be accessed (e.g., by remote access or copying data onto the device in an encrypted sandbox ) Make clear that work materials have to remain segregated from personal files Require that all intellectual property created by an employee (whether at work or outside work) is owned by the company Explain which, if any, costs of using a personal device for work purposes are covered by the company (e.g., a percentage of the full-time employee s annual Internet service) 39 What to Include in Your BYOD Policy II Indicate how data must be protected: impose technical and organizational security standards on employees as a condition for network access (e.g., encryption, remote wipe, brick or block, anti-virus software and strong password if not passphrase). Indicate employee s obligation to report loss of any device and employer s right to wipe it. If applicable, explain that you will use geolocation applications to identify the device s location in case of theft or loss. Explain in the clearest terms the potential risks and consequences for the employees and their privacy. Whether or not employee s family members or friends will be able to use a device that is used for work purposes. Indicate what happens when employee leaves employment (e.g., further access will be prevented by revoking passwords or remotely deleting work data from the device)

24 June 13 What to Include in Your BYOD Policy III Refer to company monitoring and other relevant policies (e.g., use of social media) make clear that they still apply Indicate which sanctions may be expected for any policy violations Have employees agree to make their personal devices available if required for audits, investigations and incident response or litigation (discovery request) purposes Exclude company liability for any damage, data costs, corruption or deletion of data or software, loss of use or liability associated with the use of a personal device for company reasons 41 Policy is Ready Now What? Enforce your policy Stay on top of things perform regular audits and Privacy Impact Assessments Review your policy regularly it needs to be kept up-to-date with changes in technology and local laws and regulations Educate and train your staff regularly 42 21

25 June 13 Reading Materials Guidance on Consumerization and Bring Your Own Device, German Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik (BSI), 4 February 2013 (in German): https://www.bsi.bund.de/shareddocs/downloads/de/bsi/grundschutz/download/ Ueberblickspapier_BYOD_pdf.pdf? blob=publicationfile Guidance on Bring Your Own Device, ICO, 7 March 2013: cuments/library/data_protection/practical_application/ico_bring_your_own_device _byod_guidance.ashx YouGov survey commissioned by the Information Commissioner s Office (ICO), 2013: tection/research_and_reports/yougov_survey_processing_of_personal_info_on_p ersonal_devices_for_work_purposes.ashx 43 Reading Materials II Recommandations de sécurité relatives aux ordiphones, French Agency for the Security of Information Systems (ANSSI), 15 May 2013 (in French): Password Security Recommendations: (Recommandations de Securité Rélatives aux Mots de Passe) WiFi Security Recommendations: (Recommandations de Securité Rélatives aux Reseaux Wi-Fi) SANS Mobility/BYOD Security Survey, March 2012: Information Security Community, BYOD & Mobile Security Report, April 2013:

26 June 13 Thank you Karin Retzer Morrison & Foerster LLP Brussels Forthcoming DP Seminars Data Protection Masterclass Seminars dates for your diaries: 10 September 2013 Online Behavioural Advertising and Profiling 12 November 2013 FCPA (Foreign Corrupt Practices Act) 46 23

27 Tab 2 Speaker Biographies Data Protection Masterclass: Hot Topics in Employee Privacy and Technology

28 Attorney Bio Ann Bevitt Partner London Ann Bevitt is a UK-qualified partner and head of the London office s EU Privacy Group. Her practice covers all aspects of privacy and data security-related matters, both contentious and non-contentious. She assists clients develop strategies for managing their data that enable them to meet both their business objectives and their legal obligations. Ms. Bevitt has extensive expertise advising clients on international data protection and privacy issues, in particular with reference to the movement of personal data within and outside the EU, including in the context of cross-border litigation or regulatory investigations, and employee privacy issues. Ms. Bevitt regularly advises clients on multi-jurisdictional compliance projects, helping them to navigate their way through myriad local laws. She also assists clients in crafting internal policies governing the use of personal data, technology in the workplace, including BYOD, and social media, as well as external privacy policies for consumers. Ms. Bevitt works with a wide range of clients, including multinationals and large corporations, from a broad spectrum of industry sectors, including insurance; technology; banking and financial services; venture capital and private equity; recruitment and employment; biotechnology; pharmaceuticals; and hotel and leisure. Ms. Bevitt is a contributing author to Employee Privacy: Guide to U.S. and International Law published by BNA Books. She is also a sought after speaker on privacy topics and a frequent speaker at the major privacy conferences run by Privacy Laws & Business, Privacy & Data Protection and the International Association of Privacy Professionals. She is also quoted frequently in both the national and industry press. Ms. Bevitt is an active member of the International Association of Privacy Professionals and on the Publications Advisory Board. Ms. Bevitt has rights of audience in all civil courts and significant experience as an advocate. She was called to the Bar in 1992, after graduating from Oxford University in Ms. Bevitt practised as a barrister for seven years before qualifying as a solicitor in She joined Morrison & Foerster in June Ann Bevitt

29 Speaker biography Carlos Garcia-Mauriño Oracle Corporation Madrid Carlos Garcia-Mauriño is the EMEA Senior Legal Director Privacy & Security at Oracle Corporation. Carlos oversees Oracle s compliance efforts with national Data Privacy regulations in Europe, Middle East and Africa and is a key contributor to the design of the Oracle Global Privacy program. He trains and provides advice to the different Lines of Business and Commercial Legal Groups on data privacy and security aspects of Oracle s services portfolio (e.g. Cloud Computing) and provides strategic guidance to senior management on business decisions which might be affected by Data Privacy considerations. As part of his role, he frequently leads complex negotiations with corporate customers from different business sectors and regions. Prior to this, Carlos held several senior positions in the Oracle Legal Department, including the management of the Compliance & Ethics program for the EMEA Division. He is an attorney at law with expertise in data protection, IT law, commercial and contract law. Oracle Iberica S.R.L., C/José Echegaray, 6, Las Rozas, Madrid, Spain

30 Attorney Bio Christine E. Lyon Partner Palo Alto (650) Christine Lyon s practice focuses on privacy and employment law. Ms. Lyon assists clients in developing global strategies to comply with laws regulating the collection, use, disclosure, and transfer of personal information about their customers and employees. She also advises clients about privacy issues in cloud computing and social media, security breach notification requirements, laws regulating the use of personal data for direct marketing purposes, and workplace privacy issues. Ms. Lyon counsels clients regarding all aspects of employment law, including compliance with California and federal employment laws, investigations of workplace complaints, and reductions in force. She regularly assists clients with multinational employment issues related to mergers and acquisitions, outsourcing transactions, and corporate restructuring. Legal 500 US 2012 recommends Ms. Lyon as a rising star in the area of privacy and data protection. She frequently writes and speaks on the topics of global data protection laws, workplace privacy issues, and data security laws. She is a co-editor of Global Employee Privacy and Data Security Law (BNA Books, 2011) and a member of the editorial board of the World Data Protection Report. Education University of Iowa (B.A., 1996) Stanford Law School (J.D., 1999) Christine E. Lyon

31 Attorney Bio Karin Retzer Partner Brussels Karin Retzer s practice focuses on the data protection, privacy and security as well as marketing. Ms. Retzer assists clients with privacy and data security compliance and risk management, involving both national and international multi-jurisdictional dimensions. She advises on questions regarding data transfers, the handling of information in shared service centers and sourcing transactions, regulatory investigations, ediscovery, breach notification, and the use of and the Internet in the workplace. She has drafted privacy policies and guidelines, notices, agreements for data list management, and data transfer and processing contracts for dozens of multinational clients. She also assists clients in their dealings with data protection authorities, developing appropriate responses to requests for information and complaints, and provides legislative and policy advice to clients. Ms. Retzer has particular expertise with regard to the implications of legislative restrictions for online tracking, analytics, and personalization of Internet content, behavioural advertising, and direct marketing communications. She regularly advises clients on the use of location data gathered through smart phones and location-based services. In addition, Ms. Retzer advises clients on issues relating to electronic commerce, such as online terms of use, the requirements for online contracts, disclosure obligations, liability for website content, and the legal aspects of online auction sites. She has developed template agreements and negotiated complex commercial agreements for many clients, counseling them not only with respect to legal ramifications, but also taking into account applicable business and technical considerations. Her work spans a wide range of industry sectors. Clients include internationally renowned consumer product companies, financial services organizations, technology and telecommunications providers as well as clients in the advertising, hospitality, media and entertainment, healthcare, pharmaceutical, and retail industries. Prior to joining Morrison & Foerster, Ms. Retzer worked in Paris at the European headquarters of Sterling Commerce, a U.S. supplier of e-commerce products. From 1997 to 1998, Ms. Retzer worked at the European Commission, where she was involved mainly with examining and monitoring Member States' implementation of European Community directives. Ms. Retzer regularly writes for a wide variety of publications and is a contributing author in the publication, Employee Privacy: Guide to US and International Law. She is a member of the Munich bar and the Brussels EU bar, after studies in Regensburg (Germany), Utrecht (The Netherlands), and Munich (Germany). Ms. Retzer is fluent in German, English, and French and has a working knowledge of Dutch. She is a member of the International Association of Privacy Professionals, the German Association for Data Protection and Data Security, the Licensing Executives Society, and the Association for Industrial Property and Copyright Law. Karin Retzer

32 Attorney Bio Caroline Stakim Associate London Caroline Stakim is an associate in the London office of Morrison & Foerster and is a member of the firm s Employment and Labour Group. Ms. Stakim s practice focuses on employment law matters and employee privacy and data security law. Ms. Stakim advises senior management and human resources professionals on all aspects of employment law including employment documentation, policy, senior executive appointments and terminations, change programmes, employment disputes, post-termination restrictions, business immigration and strategic HR issues, often on a cross-jurisdictional basis. She also advises on the legal and tactical employee and privacy related issues arising in corporate transactions including mergers and acquisitions and restructurings and the application of the TUPE Regulations to outsourcing arrangements and solvent and insolvent business transfers. She also advises on questions regarding the collection, use and disclosure of employee data, cross-border employee data transfers; employee monitoring and surveillance; and privacy and the use of and the internet in the workplace. Ms. Stakim received her LL.B (Hons.) from the University of Glasgow in She was admitted to practice in Scotland in 2008 and in England and Wales in She is a member of the Employment Lawyers Association. Caroline Stakim

"Bring Your Own Device" Brings its Own Challenges

Bring Your Own Device Brings its Own Challenges 6 June 2012 "Bring Your Own Device" Brings its Own Challenges By Susan McLean and Alistair Maughan The consumerisation of IT is the growing trend for information technology to emerge first in the consumer

More information

You re hired! Privacy issues when onboarding new employees. Ann Bevitt, Morrison & Foerster. John Gevertz, ADP. 19 April 2013 Presented By

You re hired! Privacy issues when onboarding new employees. Ann Bevitt, Morrison & Foerster. John Gevertz, ADP. 19 April 2013 Presented By 2012 Morrison & Foerster (UK) LLP All Rights Reserved mofo.com You re hired! Privacy issues when onboarding new employees Ann Bevitt, Morrison & Foerster 19 April 2013 Presented By John Gevertz, ADP Agenda

More information

BRING YOUR OWN DEVICE

BRING YOUR OWN DEVICE BRING YOUR OWN DEVICE Legal Analysis & Practical TIPs for an effective BYOD corporate Policy CONTENTS 1. What is BYOD? 2. Benefits and risks of BYOD in Europe 3. BYOD and existing Policies 4. Legal issues

More information

Cyber, PrivaCy. & Data SeCurity. www.mpplaw.com

Cyber, PrivaCy. & Data SeCurity. www.mpplaw.com Cyber, PrivaCy & Data SeCurity 360 www.mpplaw.com about our PraCtiCe Data is the lifeblood of our global economy. Collected, stored and transmitted, digital data not only imparts great opportunities, but

More information

HOW TO HANDLE A WHISTLEBLOWER REPORT IN THE EU

HOW TO HANDLE A WHISTLEBLOWER REPORT IN THE EU HOW TO HANDLE A WHISTLEBLOWER REPORT IN THE EU 10 April 2014 Monica Salgado Advogada registered with the Portuguese Ordem dos Advogados Registered European Lawyer with the SRA Kirsti Laird Solicitor, (qualified

More information

www.bonddickinson.com Cyber Risks October 2014 2

www.bonddickinson.com Cyber Risks October 2014 2 www.bonddickinson.com Cyber Risks October 2014 2 Why this emerging sector matters Justin Tivey Legal Director T: +44(0)845 415 8128 E: justin.tivey The government estimates that the current cost of cyber-crime

More information

NORTHERN VIRGINIA. Hogan & Hartson LLP

NORTHERN VIRGINIA. Hogan & Hartson LLP NORTHERN VIRGINIA Hogan & Hartson LLP PRACTICE AREAS: Antitrust Business, Finance, and Tax Capital Markets Corporate and Securities Corporate Governance Estate Planning and Administration Government Contracts

More information

Data Protection Act 1998. Bring your own device (BYOD)

Data Protection Act 1998. Bring your own device (BYOD) Data Protection Act 1998 Bring your own device (BYOD) Contents Introduction... 3 Overview... 3 What the DPA says... 3 What is BYOD?... 4 What are the risks?... 4 What are the benefits?... 5 What to consider?...

More information

Hot Topics for Start-Up Companies in Global Employment Law and Equity Compensation

Hot Topics for Start-Up Companies in Global Employment Law and Equity Compensation Hot Topics for Start-Up Companies in Global Employment Law and Equity Compensation Austin HR Roundtable April 16, 2014 Ute Krudewagen, Partner, DLA Piper Dean Fealk, Partner, DLA Piper Agenda Common employment

More information

Bloomberg BNA Professional Learning Legal Course Catalog OnDemand Programs

Bloomberg BNA Professional Learning Legal Course Catalog OnDemand Programs Bloomberg BNA Professional Learning Legal Course Catalog OnDemand Programs *This is a sample course catalog. BBNA is in the process of moving all of our recorded content on to our new platform. Not all

More information

Policy Statement. Employee privacy, data protection and human resources. Prepared by the Commission on E-Business, IT and Telecoms. I.

Policy Statement. Employee privacy, data protection and human resources. Prepared by the Commission on E-Business, IT and Telecoms. I. International Chamber of Commerce The world business organization Policy Statement Employee privacy, data protection and human resources Prepared by the Commission on E-Business, IT and Telecoms I. Introduction

More information

BYOD Privacy and Security in Europe

BYOD Privacy and Security in Europe BYOD Privacy and Security in Europe BYOD: Overview 2 BYOD Overview 38% of companies expect to stop providing electronic devices to their employees by 2016 (1) According to a 2013 survey conducted by Cisco,

More information

FIRST DATA CORPORATION PROCESSOR DATA PROTECTION STANDARDS

FIRST DATA CORPORATION PROCESSOR DATA PROTECTION STANDARDS FIRST DATA CORPORATION PROCESSOR DATA PROTECTION STANDARDS As a world leader in electronic commerce and payment services, First Data Corporation and its subsidiaries ( First Data entity or entities ),

More information

Guides & Advice. Our Employment Service

Guides & Advice. Our Employment Service Guides & Advice Our Employment Service Our Employment Team With a strong reputation in the region our Employment team provides expert advice to organisations and individuals on all aspects of the employment

More information

ALI-ABA Audio Seminar

ALI-ABA Audio Seminar ALI-ABA Audio Seminar Tiffany v. ebay: Roadmap for Avoiding Liability or Short Detour for Trademark Owners? August 6, 2008 Telephone Seminar/Audio Webcast PROGRAM SCHEDULE FACULTY PARTICIPANTS FACULTY

More information

pharmaceutical & biotechnology

pharmaceutical & biotechnology pharmaceutical & biotechnology Our specialist lawyers find practical solutions to legal problems and help pharma and biotech companies to operate and grow their businesses effectively and compliantly.

More information

Ethan J. Wall ASSOCIATE. Location: Miami Direct: 305.373.4050

Ethan J. Wall ASSOCIATE. Location: Miami Direct: 305.373.4050 Richman Greer Professional Association Ethan J. Wall RELATED PRACTICE AREAS ASSOCIATE Commercial and Complex Litigation Location: Miami Direct: 305.373.4050 Employment Law Intellectual Property Litigation

More information

Top Issues for Safeguarding Brand Reputation When Engaging In Social Media Activities

Top Issues for Safeguarding Brand Reputation When Engaging In Social Media Activities Top Issues for Safeguarding Brand Reputation When Engaging In Social Media By: Alan L. Friel, Akash Sachdeva, Jesse Brody and Jatinder Bahra Social media has changed the way people communicate, and enabled

More information

Summary of the Dutch Data Protection Authority s guidelines for the Data Breach Notification Act

Summary of the Dutch Data Protection Authority s guidelines for the Data Breach Notification Act Summary of the Dutch Data Protection Authority s guidelines for the Data Breach Notification Act On 1 January 2016, the Dutch Data Breach Notification Act will enter into force. The Dutch DPA issued Guidelines

More information

Our specialist insurance services for Professionals risks

Our specialist insurance services for Professionals risks Our specialist insurance services for Professionals risks Price Forbes & Partners is an independent Lloyd s broker based in the heart of London s insurance sector. We trade with all of the major international

More information

What is Cyber Security? Why work with us?

What is Cyber Security? Why work with us? & Cyber Security The threat: trojans, trap doors malware, packet sniffers, worms, viruses, hacking and denial of service. Physical security is insufficient protection against these new forms of threat.

More information

Data Protection Act 1998. Guidance on the use of cloud computing

Data Protection Act 1998. Guidance on the use of cloud computing Data Protection Act 1998 Guidance on the use of cloud computing Contents Overview... 2 Introduction... 2 What is cloud computing?... 3 Definitions... 3 Deployment models... 4 Service models... 5 Layered

More information

New York Employment Law Update

New York Employment Law Update Recent Legislative Developments in New York State Regarding Reductions in Force and Criminal Conviction Records SUMMARY A number of new New York State statutes of significance to employers will soon become

More information

ROHIT GROUP OF COMPANIES PRIVACY POLICY This privacy policy is subject to change without notice. It was last updated on July 23, 2014.

ROHIT GROUP OF COMPANIES PRIVACY POLICY This privacy policy is subject to change without notice. It was last updated on July 23, 2014. ROHIT GROUP OF COMPANIES PRIVACY POLICY This privacy policy is subject to change without notice. It was last updated on July 23, 2014. The Rohit Group of Companies ( Rohit Group, Company, our, we ) understands

More information

Client Alert December 2011

Client Alert December 2011 Client Alert December 2011 In This Issue: Global Recruitment and Social Media Hiring Traps Global Trends The Americas Canada United States Latin America Europe France Germany United Kingdom Asia Pacific

More information

Practical Legal Aspects of BYOD

Practical Legal Aspects of BYOD Practical Legal Aspects of BYOD SESSION ID: LAW-F01 Lawrence Dietz General Counsel & Managing Director TalGlobal Corporation ldietz@talglobal.net +1 408 993 1300 http://psyopregiment.blogspot.com Francoise

More information

Global Privacy and Data Security in the Cloud September 14, 2011 Miriam Wugmeister

Global Privacy and Data Security in the Cloud September 14, 2011 Miriam Wugmeister 2011 Morrison & Foerster LLP All Rights Reserved mofo.com Global Privacy and Data Security in the Cloud September 14, 2011 Miriam Wugmeister Presenter Miriam Wugmeister Morrison & Foerster LLP New York

More information

Ifrah Law Internet Advertising Practice

Ifrah Law Internet Advertising Practice IfrahLaw Hands-on Counsel, Gloves-off Litigation Ifrah Law Internet Advertising Practice About Ifrah Law Ifrah Law, headquartered a block from the White House in Washington, D.C., is a leading provider

More information

What is Cyber Security?

What is Cyber Security? & Cyber Security The threat: trojans, trap doors malware, packet sniffers, worms, viruses, hacking and denial of service. Physical security is insufficient protection against these new forms of threat.

More information

DEFINITIVE ADVICE PRACTICAL GUIDANCE POWERFUL ADVOCACY LLP

DEFINITIVE ADVICE PRACTICAL GUIDANCE POWERFUL ADVOCACY LLP European Funds Practice DEFINITIVE ADVICE PRACTICAL GUIDANCE POWERFUL ADVOCACY LLP European Funds Practice Dechert s international Financial Services Practice features an industry-leading group of experienced

More information

PARRY G. CAMERON, Senior Attorney

PARRY G. CAMERON, Senior Attorney Phone: 310.557.2009 Fax: 310.551.0283 Email: pcameron@tocounsel.com Parry Cameron has over twenty-three years experience in commercial and business litigation at both the trial and appellate levels. He

More information

Legal Considerations: Best Practice Overview. EMPLOYMENT GROUP: DLA Piper UK LLP

Legal Considerations: Best Practice Overview. EMPLOYMENT GROUP: DLA Piper UK LLP SENIOR EXECUTIVE ISSUES Legal Considerations: Best Practice Overview EMPLOYMENT GROUP: DLA Piper UK LLP Senior executives have a massive impact on all aspects of a business: from setting and delivering

More information

Data, Privacy, Cookies and the FTC in 2013. Kevin Stark - ExactTarget Maltie Maraj - ExactTarget Nicholas Merker - Ice Miller

Data, Privacy, Cookies and the FTC in 2013. Kevin Stark - ExactTarget Maltie Maraj - ExactTarget Nicholas Merker - Ice Miller Data, Privacy, Cookies and the FTC in 2013 Kevin Stark - ExactTarget Maltie Maraj - ExactTarget Nicholas Merker - Ice Miller BIOS Kevin Stark: Product Manager at ExactTarget. Focused on data security,

More information

what your business needs to do about the new HIPAA rules

what your business needs to do about the new HIPAA rules what your business needs to do about the new HIPAA rules Whether you are an employer that provides health insurance for your employees, a business in the growing health care industry, or a hospital or

More information

Cyber Risks in the Boardroom

Cyber Risks in the Boardroom Cyber Risks in the Boardroom Managing Business, Legal and Reputational Risks Perspectives for Directors and Executive Officers Preparing Your Company to Identify, Mitigate and Respond to Risks in a Changing

More information

Our Vendor Code of Conduct

Our Vendor Code of Conduct Our Vendor Code of Conduct Jones Lang LaSalle and LaSalle Investment Management Vendor Code of Conduct Copyright Jones Lang LaSalle IP, Inc. Ethics Everywhere Where we stand Jones Lang LaSalle stands for

More information

Field Fisher Waterhouse

Field Fisher Waterhouse Field Fisher Waterhouse Field Fisher Waterhouse is more than just a full-service European law firm. It s our ability to embrace change and to navigate and capitalise on the changing market that makes us

More information

Measurabl, Inc. Attn: Measurabl Support 1014 W Washington St, San Diego CA, 92103 +1 619.719.1716

Measurabl, Inc. Attn: Measurabl Support 1014 W Washington St, San Diego CA, 92103 +1 619.719.1716 Measurabl, Inc. ( Company ) is committed to protecting your privacy. We have prepared this Privacy Policy to describe to you our practices regarding the Personal Data (as defined below) we collect from

More information

UNIVERSAL INSURANCE HOLDINGS, INC. CODE OF BUSINESS CONDUCT AND ETHICS. Revised as of March 3, 2014

UNIVERSAL INSURANCE HOLDINGS, INC. CODE OF BUSINESS CONDUCT AND ETHICS. Revised as of March 3, 2014 I. Statement of Policy UNIVERSAL INSURANCE HOLDINGS, INC. CODE OF BUSINESS CONDUCT AND ETHICS Revised as of March 3, 2014 Universal Insurance Holdings, Inc. ( UIH ) and its subsidiaries (collectively,

More information

APEC General Elements of Effective Voluntary Corporate Compliance Programs

APEC General Elements of Effective Voluntary Corporate Compliance Programs 2014/CSOM/041 Agenda Item: 3 APEC General Elements of Effective Voluntary Corporate Compliance Programs Purpose: Consideration Submitted by: United States Concluding Senior Officials Meeting Beijing, China

More information

SEC s Proposed Rules for Implementing Dodd-Frank Whistleblower Provisions: Important Implications for Employers. November 12, 2010

SEC s Proposed Rules for Implementing Dodd-Frank Whistleblower Provisions: Important Implications for Employers. November 12, 2010 SEC s Proposed Rules for Implementing Dodd-Frank Whistleblower Provisions: Important Implications for Employers November 12, 2010 The Securities and Exchange Commission (SEC) has proposed rules to implement

More information

MoFo Seminar Series. Data Protection London Masterclass: Privacy in the Cloud

MoFo Seminar Series. Data Protection London Masterclass: Privacy in the Cloud MoFo Seminar Series Data Protection London Masterclass: Privacy in the Cloud London 22 January 2013 MoFo Seminar. Data Protection Masterclass: Privacy in the Cloud Table of Contents Presentation... 1 Speaker

More information

Cloud Computing: Contracting and Compliance Issues for In-House Counsel

Cloud Computing: Contracting and Compliance Issues for In-House Counsel International In-house Counsel Journal Vol. 6, No. 23, Spring 2013, 1 Cloud Computing: Contracting and Compliance Issues for In-House Counsel SHAHAB AHMED Director Legal and Corporate Affairs, Microsoft,

More information

Legal Ethics in the Information Age: Unique Data Privacy Issues Faced by Law Firms. v2.18.11, rev

Legal Ethics in the Information Age: Unique Data Privacy Issues Faced by Law Firms. v2.18.11, rev Legal Ethics in the Information Age: Unique Data Privacy Issues Faced by Law Firms v2.18.11, rev 1 Presenters Joseph DeMarco, Partner DeVore & DeMarco, LLP Lauren Shy, Assistant General Counsel Fragomen,

More information

Law & Ethics, Policies & Guidelines, and Security Awareness

Law & Ethics, Policies & Guidelines, and Security Awareness Law & Ethics, Policies & Guidelines, and Security Awareness Modifications by Prof. Dong Xuan and Adam C. Champion Principles of Information Security, 5th Edition 1 Learning Objectives Upon completion of

More information

FRANCE. Chapter XX OVERVIEW

FRANCE. Chapter XX OVERVIEW Chapter XX FRANCE Merav Griguer 1 I OVERVIEW France has an omnibus privacy, data protection and cybersecurity framework law. As a member of the European Union, France has implemented the EU Data Protection

More information

The Art of Constructing Global Whistleblowing Programmes

The Art of Constructing Global Whistleblowing Programmes The Art of Constructing Global Whistleblowing Programmes Mark E. Schreiber Chair, Privacy & Data Protection Group Steering Committee Edwards Wildman Palmer LLP 111 Huntington Avenue Boston, MA 02199 617-239-0585

More information

PLEASE NOTE: THIS POLICY WILL END EFFECTIVE NOVEMBER 10, 2013 AND WILL BE REPLACED BY THE INTERACTIVE RESOLUTION POLICY ON NOVEMBER 11, 2013.

PLEASE NOTE: THIS POLICY WILL END EFFECTIVE NOVEMBER 10, 2013 AND WILL BE REPLACED BY THE INTERACTIVE RESOLUTION POLICY ON NOVEMBER 11, 2013. PLEASE NOTE: THIS POLICY WILL END EFFECTIVE NOVEMBER 10, 2013 AND WILL BE REPLACED BY THE INTERACTIVE RESOLUTION POLICY ON NOVEMBER 11, 2013. TOYOTA ASSOCIATE DISPUTE RESOLUTION ( T-ADR ): Summary Description

More information

INTERNATIONAL EMPLOYMENT GROUP. Employment Services in Oman

INTERNATIONAL EMPLOYMENT GROUP. Employment Services in Oman INTERNATIONAL EMPLOYMENT GROUP Employment Services in Oman We continue to recommend them to others because of their strength in dealing with detail CHAMBERS GLOBAL 2015 10-5112821-9 0 Addleshaw Goddard's

More information

HIPAA Privacy and Security Changes in the American Recovery and Reinvestment Act

HIPAA Privacy and Security Changes in the American Recovery and Reinvestment Act International Life Sciences Arbitration Health Industry Alert If you have questions or would like additional information on the material covered in this Alert, please contact the author: Brad M. Rostolsky

More information

DATA SECURITY: A CRUCIAL TOPIC FOR CORPORATE COUNSEL AND MANAGEMENT

DATA SECURITY: A CRUCIAL TOPIC FOR CORPORATE COUNSEL AND MANAGEMENT Advisor Article DATA SECURITY: A CRUCIAL TOPIC FOR CORPORATE COUNSEL AND MANAGEMENT By James R. Carroll, David S. Clancy and Christopher G. Clark* Skadden, Arps, Slate, Meagher & Flom Customer data security

More information

EADS-NA Code of Ethics

EADS-NA Code of Ethics Page: 1 of 7 EADS-NA Code of Ethics Introduction The Company demands high ethical standards of conduct from its directors, employees, and agents and will conduct its business with honesty, integrity, and

More information

Information Security Handbook

Information Security Handbook Information Security Handbook Adopted 6/4/14 Page 0 Page 1 1. Introduction... 5 1.1. Executive Summary... 5 1.2. Governance... 5 1.3. Scope and Application... 5 1.4. Biennial Review... 5 2. Definitions...

More information

Linde Integrity Line. Process and Data Protection Policy. 1 July 2007

Linde Integrity Line. Process and Data Protection Policy. 1 July 2007 Linde Integrity Line Process and Data Protection Policy 1 July 2007 Page 2 of 10 Table of Contents Preamble 3 1 Scope of application 3 2 Definitions 3 3 Submitting Reports Regular Channels 3 4 Submitting

More information

False Claims Laws: What Every Public Contract Manager Needs to Know By Aaron P. Silberman 1

False Claims Laws: What Every Public Contract Manager Needs to Know By Aaron P. Silberman 1 False Claims Laws: What Every Public Contract Manager Needs to Know By Aaron P. Silberman 1 When Do False Claims Laws Apply? The federal False Claims Act (FCA) applies to any requests for payment from

More information

Setting BYOD Policy: A New Partnership for IT and HR

Setting BYOD Policy: A New Partnership for IT and HR Introduction As the line between office and home life continues to blur, employees increasingly rely on their own smartphones, tablets, and laptop computers for work-related tasks. Today, more than 70

More information

ASSOCIATION OF PERSONAL INJURY LAWYERS SCOTLAND Standard of competence for Litigators

ASSOCIATION OF PERSONAL INJURY LAWYERS SCOTLAND Standard of competence for Litigators ASSOCIATION OF PERSONAL INJURY LAWYERS SCOTLAND Standard of competence for Litigators INTRODUCTION Standards of occupational competence Standards of occupational competence are widely used in many fields

More information

SOFTWARE DEVELOPMENT IN RUSSIA: KEY LEGAL ISSUES

SOFTWARE DEVELOPMENT IN RUSSIA: KEY LEGAL ISSUES SOFTWARE DEVELOPMENT IN RUSSIA: KEY LEGAL ISSUES presenters Brian Zimbler Anastasia Dergacheva May 31, 2016 2016 Morgan, Lewis & Bockius LLP Summary Commercial Background Employment Law Intellectual Property

More information

White Collar Criminal Defense, Internal Investigations & Corporate Compliance

White Collar Criminal Defense, Internal Investigations & Corporate Compliance Butzel Long :: Practice :: Practice Teams :: White Collar Criminal Defense, Internal Investigations & Corporate Compliance Team Contacts David F. DuMouchel Related Lawyers George B. Donnini Damien DuMouchel

More information

Nancy L. Abell. Los Angeles. Practice Areas. Admissions. Education. Partner, Employment Law Department nancyabell@paulhastings.com

Nancy L. Abell. Los Angeles. Practice Areas. Admissions. Education. Partner, Employment Law Department nancyabell@paulhastings.com Nancy L. Abell Partner, Employment Law Department nancyabell@paulhastings.com Nancy Abell is a partner in the Employment Law Department of Paul Hastings. She previously served as the global chair of the

More information

Overview of Employment and Employee Privacy Laws and Key Trends in Austria

Overview of Employment and Employee Privacy Laws and Key Trends in Austria P a g e 1 Privacy Interviews with Experts August 2011 Toronto / Washington DC / Brussels www.nymity.com Rainer Knyrim Attorney and Partner Preslmayr Attorneys at Law Vienna, Austria Overview of Employment

More information

Multi-Jurisdictional Study: Cloud Computing Legal Requirements. Julien Debussche Associate January 2015

Multi-Jurisdictional Study: Cloud Computing Legal Requirements. Julien Debussche Associate January 2015 Multi-Jurisdictional Study: Cloud Computing Legal Requirements Julien Debussche Associate January 2015 Content 1. General Legal Framework 2. Data Protection Legal Framework 3. Security Requirements 4.

More information

Human Resources Policies and Procedures

Human Resources Policies and Procedures SUBJECT: Social Media and Internet Policy PURPOSE The AppleOne Group of Companies ( AppleOne ) recognizes the fast-changing landscape of the Internet which has increased the popularity of social media

More information

the paris office Elizabeth Naud and Luc Poux, architects

the paris office Elizabeth Naud and Luc Poux, architects the paris office Elizabeth Naud and Luc Poux, architects dllp Our commitment is to be the definitive source of practical advisory services and our clients most powerful advocates. DECHERT LLP In-depth

More information

Response to the European Commission consultation on. European Data Protection Legal Framework

Response to the European Commission consultation on. European Data Protection Legal Framework Response to the European Commission consultation on European Data Protection Legal Framework A submission by Acxiom (ID number 02737212854-67) Correspondence Address: Martin-Behaim-Straße 12, 63263 Neu-Isenburg,

More information

Big Data for Law Firms DAMIAN BLACKBURN

Big Data for Law Firms DAMIAN BLACKBURN Big Data for Law Firms DAMIAN BLACKBURN PUBLISHED BY IN ASSOCIATION WITH Big data means big business By Simon Briskman, partner, technology & outsourcing group, Field Fisher Waterhouse LLP BIG DATA is

More information

Data Protection Policy.

Data Protection Policy. Data Protection Policy. Data Protection Policy Foreword 2 Foreword Ladies and Gentlemen, In the information age, we offer customers the means to be always connected, even in their cars. This requires data

More information

Troy Cablevision, Inc. Subscriber Privacy Policy

Troy Cablevision, Inc. Subscriber Privacy Policy Troy Cablevision, Inc. Subscriber Privacy Policy Troy Cablevision, Inc. ( Troy Cable ) is committed to protecting and securely maintaining our customers privacy. The following privacy policy applies to

More information

Toll Manufacturing Transactions: Trade Secret and IP Protection

Toll Manufacturing Transactions: Trade Secret and IP Protection Toll Manufacturing Transactions: Trade Secret and IP Protection Bruce Goldner and Jonathan Hillel, Skadden, Arps, Slate, Meagher & Flom LLP, with PLC Intellectual Property & Technology A Practice Note

More information

Global Information Technology & Communications 2012. Global Privacy and Data Protection

Global Information Technology & Communications 2012. Global Privacy and Data Protection Global Information Technology & Communications 2012 Global Privacy and Data Protection Contents 1. Leading Global Privacy and Information Management Practice 2. Privacy and Data Protection 3. Sound and

More information

BRIGHAM AND WOMEN S HOSPITAL

BRIGHAM AND WOMEN S HOSPITAL BRIGHAM AND WOMEN S HOSPITAL HUMAN RESOURCES POLICIES AND PROCEDURES SUBJECT: SOCIAL MEDIA, ELECTRONIC COMMUNICATION and ACCEPTABLE USE POLICY #: HR-503 EFFECTIVE DATE: January 1, 2008 POLICY This policy

More information

BYOD for 501(c)s: Pros and Perils of Bring Your Own Device

BYOD for 501(c)s: Pros and Perils of Bring Your Own Device BYOD for 501(c)s: Pros and Perils of Bring Your Own Device April 3, 2014, 2:00 p.m. ET Moderator: Jeffrey S. Tenenbaum, Esq., Venable LLP Panelists: Ronald W. Taylor, Esq., Venable LLP Armand J. (A.J.)

More information

technical factsheet 176

technical factsheet 176 technical factsheet 176 Data Protection CONTENTS 1. Introduction 1 2. Register with the Information Commissioner s Office 1 3. Period protection rights and duties remain effective 2 4. The data protection

More information

USING LAWYERS IN HONG KONG

USING LAWYERS IN HONG KONG USING LAWYERS IN HONG KONG This Guide deals in general terms with using lawyers in Hong Kong. It aims to help a seafarer understand the legal profession in Hong Kong, and how to select, engage and if need

More information

Processor Binding Corporate Rules (BCRs), for intra-group transfers of personal data to non EEA countries

Processor Binding Corporate Rules (BCRs), for intra-group transfers of personal data to non EEA countries Processor Binding Corporate Rules (BCRs), for intra-group transfers of personal data to non EEA countries Sopra HR Software as a Data Processor Sopra HR Software, 2014 / Ref. : 20141120-101114-m 1/32 1.

More information

Boys and Girls Clubs of Kawartha Lakes B: Administration B4: Information Management & Policy: Privacy & Consent Technology

Boys and Girls Clubs of Kawartha Lakes B: Administration B4: Information Management & Policy: Privacy & Consent Technology Effective: Feb 18, 2015 Executive Director Replaces: 2010 Policy Page 1 of 5 REFERENCE: HIGH FIVE 1.4.3, 2.2.4, 2.5.3, PIDEDA POLICY: Our Commitment Boys and Girls Clubs of Kawartha Lakes (BGCKL) and the

More information

Cloud Computing: Legal Risks and Best Practices

Cloud Computing: Legal Risks and Best Practices Cloud Computing: Legal Risks and Best Practices A Bennett Jones Presentation Toronto, Ontario Lisa Abe-Oldenburg, Partner Bennett Jones LLP November 7, 2012 Introduction Security and Data Privacy Recent

More information

Privacy & Data Security: The Future of the US-EU Safe Harbor

Privacy & Data Security: The Future of the US-EU Safe Harbor Privacy & Data Security: The Future of the US-EU Safe Harbor NAOMI MCBRIDE, LISA J. SOTTO AND BRIDGET TREACY, HUNTON & WILLIAMS LLP, WITH PRACTICAL LAW US INTELLECTUAL PROPERTY & TECHNOLOGY AND UK IP&IT

More information

Presentation by: Dr. Nathalie Moreno Partner. Cloud Computing and Data Protection: an Update 4 October 2012

Presentation by: Dr. Nathalie Moreno Partner. Cloud Computing and Data Protection: an Update 4 October 2012 Presentation by: Dr. Nathalie Moreno Partner Cloud Computing and Data Protection: an Update 4 October 2012 Our team Speechly Bircham is an ambitious, international mid-size fullservice law firm head-quartered

More information

Corporate Policy. Data Protection for Data of Customers & Partners.

Corporate Policy. Data Protection for Data of Customers & Partners. Corporate Policy. Data Protection for Data of Customers & Partners. 02 Preamble Ladies and gentlemen, Dear employees, The electronic processing of virtually all sales procedures, globalization and growing

More information

Inhouse Masterclass: Data Developments - Cyber Security & the Right to be Forgotten. MHC.ie

Inhouse Masterclass: Data Developments - Cyber Security & the Right to be Forgotten. MHC.ie Inhouse Masterclass: Data Developments - Cyber Security & the Right to be Forgotten MHC.ie Rewriting the Past Oisin Tobin otobin@mhc.ie Agenda 1. Background 2. Findings and impact: a) Jurisdiction b) A

More information

Corporate Reputation Management Vs. Employee Privacy

Corporate Reputation Management Vs. Employee Privacy Portfolio Media. Inc. 860 Broadway, 6th Floor New York, NY 10003 www.law360.com Phone: +1 646 783 7100 Fax: +1 646 783 7161 customerservice@law360.com Corporate Reputation Management Vs. Employee Privacy

More information

Cloud Computing: A Primer on Legal Issues, Including Privacy and Data Security Concerns. Privacy and Information Management Practice / Washington, DC

Cloud Computing: A Primer on Legal Issues, Including Privacy and Data Security Concerns. Privacy and Information Management Practice / Washington, DC Cloud Computing: A Primer on Legal Issues, Including Privacy and Data Security Concerns Privacy and Information Management Practice / Washington, DC Disclaimer THIS PRESENTATION IS TO ASSIST IN A GENERAL

More information

Information Management Compliance and Data protection.

Information Management Compliance and Data protection. Information Management Compliance and Data protection. Technology, Media & Telecommunications Information is the life blood of every business. Yet how you use that information is increasingly regulated.

More information

Align Technology. Data Protection Binding Corporate Rules Controller Policy. 2014 Align Technology, Inc. All rights reserved.

Align Technology. Data Protection Binding Corporate Rules Controller Policy. 2014 Align Technology, Inc. All rights reserved. Align Technology Data Protection Binding Corporate Rules Controller Policy Contents INTRODUCTION 3 PART I: BACKGROUND AND ACTIONS 4 PART II: CONTROLLER OBLIGATIONS 6 PART III: APPENDICES 13 2 P a g e INTRODUCTION

More information

Ethical hotlines and whistleblowing ensuring businesses are not in conflict with local laws

Ethical hotlines and whistleblowing ensuring businesses are not in conflict with local laws Ethical hotlines and whistleblowing ensuring businesses are not in conflict with local laws 16 January 2014 Robert Bond, CCEP Partner and Notary Public Our Team Speechly Bircham is an ambitious, full-service

More information

Information for registrants. What happens if a concern is raised about me?

Information for registrants. What happens if a concern is raised about me? Information for registrants What happens if a concern is raised about me? Contents About this brochure 1 What is fitness to practise? 1 What can I expect from you? 3 How are fitness to practise concerns

More information

Mobile Devices in the Workplace: What Every Employer Needs to Know

Mobile Devices in the Workplace: What Every Employer Needs to Know Mobile Devices in the Workplace: What Every Employer Needs to Know Presented by: Shannon Huygens Paliotta Senior Associate, Littler Mendelson, P.C. spaliotta@littler.com (412) 201-7631 Marcy McGovern Knowledge

More information

1. What information do we collect?

1. What information do we collect? CHURNSPOTTER.IO PRIVACY POLICY Last updated: February 03, 2015 Welcome to the http://churnspotter.io Web site (the Site ) owned by PREDICSIS S.A.S, a corporation organized and existing under the laws of

More information

Employment. Immigration India. wfw.com. Transport Real estate ICT. Finance & investment. Maritime Energy Natural resources

Employment. Immigration India. wfw.com. Transport Real estate ICT. Finance & investment. Maritime Energy Natural resources Employment and Immigration India Finance & investment Maritime Energy Natural resources Transport Real estate ICT Corporate Finance Tax Dispute resolution Employment Regulatory New York Paris Hamburg Munich

More information

Understanding Your Ethics & Code of Conduct Training Requirements. May 29, 2008

Understanding Your Ethics & Code of Conduct Training Requirements. May 29, 2008 Understanding Your Ethics & Code of Conduct Training Requirements May 29, 2008 Shanti Atkins, Esq. President & CEO of ELT. Specialist in online ethics and legal compliance training. Advises clients across

More information

Training Sessions for Clients. UNITED STATES CANADA MEXICO POLAND CHINA millercanfield.com

Training Sessions for Clients. UNITED STATES CANADA MEXICO POLAND CHINA millercanfield.com Training Sessions for Clients UNITED STATES CANADA MEXICO POLAND CHINA millercanfield.com Product Liability This session offers an essential overview of what every manufacturer needs to know. Basics of

More information

Social Networking, Privacy, and Employee Speech in the Workplace

Social Networking, Privacy, and Employee Speech in the Workplace Social Networking, Privacy, and Employee Speech in the Workplace PRESENTED BY Pam Salgado (206) 521-6406 Pam.Salgado@Bullivant.com Katherine Somervell (503) 499-4454 Katherine.Somervell@Bullivant.com Brian

More information

Bring Your Own Device Security and Privacy Legal Risks

Bring Your Own Device Security and Privacy Legal Risks Bring Your Own Device Security and Privacy Legal Risks Introduction Information Law Group, LLP National boutique firm with focus on information law Experienced, nationally-recognized privacy, technology,

More information

privacy and credit reporting policy.

privacy and credit reporting policy. privacy and credit reporting policy. ME, we, us or our refers to Members Equity Bank Ltd and its subsidiary ME Portfolio Management Ltd. about ME Every Australian deserves to get the most out of their

More information

Latin America Practice Overview

Latin America Practice Overview Latin America Practice Overview Pillsbury Winthrop Shaw Pittman LLP www.pillsburylaw.com Latin America Practice Pillsbury Winthrop Shaw Pittman LLP Overview Decades of Experience in Latin America Pillsbury

More information

Employment Law Guide

Employment Law Guide Employment Law Guide Settlement Agreements (Formally known as Compromise Agreements) See the separate guide. Unfair Dismissal Length of employment Employees can only bring a claim for ordinary unfair dismissal

More information

Brand Management Services

Brand Management Services Brand Management Services About Bird & Bird Since 1898 Bird & Bird has led the way in protecting the ideas that have made some of the world s greatest brands successful. It s the firm s excellence in client

More information

Harnessing The Cloud: Managing Risks and Governance in a Cloud Environment Russell G. Weiss November 9, 2011

Harnessing The Cloud: Managing Risks and Governance in a Cloud Environment Russell G. Weiss November 9, 2011 2011 Morrison & Foerster LLP All Rights Reserved mofo.com Harnessing The Cloud: Managing Risks and Governance in a Cloud Environment Russell G. Weiss November 9, 2011 Presenter Russell Rusty Weiss Partner

More information