Presented by: Jason C. Gavejian
|
|
- Terence Rodgers
- 8 years ago
- Views:
Transcription
1 2014 Jackson Lewis P.C. Presented by: Jason C. Gavejian Shareholder, Morristown Office Jackson Lewis P.C.
2 Mobile phones Tablets ipads Laptops Non-company owned PCs USB sticks External hard drives Cloud-based storage (e.g., Drop Box) 2
3 Global Survey by International Data Group Global Solutions of mobile device users from March to May 2013: 41% use their private smartphone for business. 37% use their tablet. 47% of the respondents who did not currently have a tablet said they planned to purchase one in the next year. 3
4 Gartner predicts that 38% of companies will stop providing devices to workers by By 2017, half of employers will require employees to provide their own devices. Source: 4
5 Bring Your Own Device. Employees utilize these devices to perform work for you: Whether company provided or employee s personal device. Result: dual-use device: Both personal and company data and activity. Handling personal matters while at work more difficult to monitor. Why allow it? You may not have a choice! 5
6 Expected in today s fast paced and instant gratification environment: Tablets and smartphones are replacing traditional PCs & laptops. Cost savings: Is it really? Security; Reimbursement, Internal Service, & Risk of lost devices. Less bargaining power in cellular and data plans. Improves employee productivity and availability: Always reachable, employees are familiar with device functions and capabilities. 6
7 7
8 Mobility: Work remotely: Home and on the road. Work/life balance: Good Technology survey: 76% of enterprises support BYOD; 80% of people continue working when leave the office; 7 extra hours/week = 365 hours/year; 50% check work in bed; 38% at dinner table; 57% on family outings. Personalization/familiarity: Employees know their devices. Choice: Eliminate the need for two devices. Allow employees to choose own device. 8
9 9
10 10
11 What are the potential problems with allowing employees access to company on their personal mobile devices? What technical controls can I put in place to minimize those risks? What can I do to limit the company s liability? 11
12 Problems: Upgrades: Too fast for Company to keep up. Data stored on mobile/personal devices not owned by the Company: Corporate information and trade secrets; Personal information of employees and/or customers. Mixing of personal and corporate data. Malicious software attacks. Compliance risks: HIPAA; Encryption (MA & NV); Client demands; e-discovery. Data Loss 12
13 Lost or stolen devices. Consultants using their own PCs to access your internal network. Employees uploading sensitive data to document sharing sites (dropbox.com, etc.). Sales teams copying customer lists to their USB before they leave the company. Employees ing themselves, or others, company information. Accessing company on their own personal iphone or other mobile device. Employees accessing company webmail from their home PC (downloading attachments). Employees upgrading to a new mobile device (discarding of the old). 13
14 Information loss. Financial loss. Public relations. Negative publicity. Loss in customer confidence. A couple of statistics reported by Cisco Systems in their Whitepaper titled Data Leakage Worldwide: Common Risks and Mistakes Employees Make: 46 % of employees admitted to transferring files between work and personal computers when working from home. 13 % of those who work from home admit that they cannot connect to their corporate networks, so they send business to customers, partners, and co-workers via their personal . 43% of Employees have accessed sensitive corporate data on personal device while using an unsecured public network. Osterman Research
15 Compliance requirements Federal Trade Commission Section 5, Data disposal rule, etc. HIPAA (covered entities, business associates) State law data security compliance (e.g., CA, CT, FL, MA, MD, OR) New Florida law Sec : Each covered entity, governmental entity, or third-party agent shall take reasonable measures to protect and secure data in electronic form containing personal information. Encryption (MA & NV) e-discovery 15
16 Have a strategy. Limit BYOD To Certain Employees? Proxy Servers to control access to file-sharing web sites and personal accounts. Limit Types of Data Access, Stored, or Transmitted Data encryption. Anti-virus and spyware protection. MDM (Mobile Device Management) software and enforcement. Server access only. Segregated environment. 16
17 Legal Human Resources Finance Communication/Employee Relations Information Technology 17
18 Put employees on notice; consequences to employee should something happen. Make decisions about which devices, platforms, networks can be used. Clearly state company ownership of information. Company ability to access and control that information. Company ability to remove data from the device upon departure. Remote wipe/mdm (Mobile device management). 18
19 Eligibility: Eligibility requirements. Device support limitations. Risk and responsibilities. Access limitations: Role/Title/Geography. Applicability of other policies. 19
20 Conditions for reimbursement: Device purchase and/or replacement. Plans. Limitations (e.g. max amount). Substantiation of expenses. California requires reimbursement (Labor Code 2802) Cochran v. Schwan s Home Service, Inc., Court of Appeal of California, Second Appellate District, (August 12, 2014). employers always have to reimburse an employee for the reasonable expense (reasonable percentage of employee s cellphone bill) or the mandatory use of a personal cell phone 20
21 Security: Prohibit: Jail Breaking or Rooting. Modifications to device hardware or operating software beyond routine updates. Process and timing for reporting loss, theft, new device, unauthorized access, and cessation of employment: Breach Policy. Remote Wipe. Password and/or encryption requirements: Encryption required? Failed Login. 21
22 End-User (employee) support: Define what devices are supported. Define types of support provided: Applications, services, scenarios. Self-service. How to request support. 22
23 Data: Classify devices, users and data accessed. Clarify ownership of apps and data. Establish allowable apps and banned apps. Employee exit procedure. Monitoring: Balance the expectations of privacy: Reserve right to monitor. Voluntary acceptance of program. Explicit consent in writing. Notice postings (Walls, Login Screen, Homepage) (Required in Some States (CT & DE) City of Ontario v. Quon, 130 S.Ct (2010) 23
24 Policy Violations: Clear on consequences: Up to and including termination. May need to notify business partners. Guidelines on device configuration. Safety (e.g. vehicle use). Plan for breach. Develop process for litigation preservation, data deletion, device and security updates. Training. 24
25 Different throughout the world. EU most restrictive. Adapt for locations/countries. Encryption. Do you need to get possession of device? Storage card. Handling old devices destruction. Lowering expectation of privacy. Accessing truly personal information/content: Multiple accounts. GINA/Disability Information. Need to access device to update software; monitor up to date. Privileged communications. Stengart (N.J. Supreme Court) 25
26 E-Discovery Safety: Mobile device use and driving. Unions. Employee Conduct: Negligent hiring/supervision. Discrimination, harassment, retaliation. An employer may be held liable for an employee s wrongful acts if the employer knew or had reason to know of the risk the employment created. Doe v. XYC Corp., N.J. Super. 122 (2005) (Court found employer liable as it had duty to investigate and respond in case of alleged negligent supervision of employee who was criminally charged with child pornography using workplace computer.) e-discovery obligations: Preserving data in connection with litigations. 26
27 Tracking software/apps: Find My iphone: Features include tracking location, remote erase. Android Lost App: Features include viewing SMS messages, erasing SD card, taking remote pictures. mspy/webwatcher/keylogging/spyware: Monitor calls, track messages, read s, bugging, websites visited, keystrokes typed. 27
28 Tracking employees using GPS and/or phone tracking ability: Real-time updates. Streamline travel. Taking breaks? Tracking time? Generally, no expectation of privacy in employerowned phone, but what about BYOD phone? CT/DE Laws Ask yourself why are we doing this? What are the goals? 28
29 29
30 Tips: Create a GPS Tracking policy. No expectation of privacy in employer-owned property. Only monitor during work hours. Focus only on relevant information: Impacting job performance. Interferes with job performance. Ignore the visit to the AA meeting at lunch time 30
31 Cal. Penal Code Not limited to vehicles; requires employee consent Conn. Gen. Stat d Not limited to vehicles; must give written notice; must post notice of practice Del. Code Ann (a)(8) Limited to vehicles; cannot track without consent Minn St. 626a.35 Not limited to vehicles; requires consent Tex Penal Code Ann Limited to vehicles; cannot track without consent 31
32 Unauthorized use of, or access to, records or data containing personal information. Personal Information (PI) typically includes: First name or first initial and last name in combination with: Social Security Number Driver s Licenses or State identification number Account number or credit or debit card number in combination with access or security code Biometric Information (e.g. NC, NE, IA, WI) Medical Information (e.g. CA, VA) PI typically maintained where? Human Resources-Applications, FMLA, Disability, etc. Accounting-Payroll documents. Benefits-Health, Vision, Dental. 32
33 Loss, theft, improper access, inadvertent disclosure: The lost laptop/bag; Inadvertent access; Data inadvertently put in the garbage; Theft/intentional acts; Inadvertent attachment; Stressed software applications; Rogue employees; Remote access; Wireless networks; Peer to peer networks; Vendors. 33
34 Why does this matter? Fines, penalties, settlements: State Attorney Generals: Vary By State:» Multipliers: Michigan permits civil fines of not more than $250 per failure (each person), with a maximum of $750,000.» Length of notification delay: Florida imposes fines when notification is not provided within the statute s mandated time frame (30 days). Calculate the fine as $1,000 per day for the first 30 days, and $50,000 for each 30 day period thereafter with a maximum fine of $500,000. Health and Human Services: Penalties and settlements in the millions of dollars. Private cause of action: 14 states have some form of private action. 34
35 To defend cases: Wage and Hour cases: Determine worked time using data. Use data to identify meal and rest breaks taken. Could be used for credibility purposes. Harassment, discrimination and retaliation cases: Photographs, texts and call history to refute claims. 35
36 Possible sources of liability: Wage and Hour issues: Checking and texting outside of work hours. Compensable time? Invasion of privacy: Tracking employee whereabouts after hours. Apps that take pictures remotely. Destruction of data and/or evidence: Remote access to company s servers. Deletion of photos, texts or other evidence. 36
37 Google Glass Smart Watches Other Wearables Photo Credit: istock 37
38 Jason C. Gavejian (973)
39 39
BYOD At Your Own Risk Working in the BYOD Era. Shane Swilley swilley@cosgravelaw.com (503)276-6074
BYOD At Your Own Risk Working in the BYOD Era Shane Swilley swilley@cosgravelaw.com (503)276-6074 Remember when mobile technology was more Hollywood fantasy than reality The original Smart Phone By the
More informationPractical Legal Aspects of BYOD
Practical Legal Aspects of BYOD SESSION ID: LAW-F01 Lawrence Dietz General Counsel & Managing Director TalGlobal Corporation ldietz@talglobal.net +1 408 993 1300 http://psyopregiment.blogspot.com Francoise
More informationSouthwest Airlines 2013 Terms of Use Portable Devices Feb 2013
1 TERMS OF USE As of February 3, 2013 The following terms and conditions of use ( Terms of Use ) form a legally binding agreement between you (an entity or person) and Southwest Airlines Co. ( Southwest
More informationBusiness or Pleasure: The Challenges of Bring Your Own Device Policies in the Workplace
Business or Pleasure: The Challenges of Bring Your Own Device Policies in the Workplace Presented by: Gavin Appleby, Littler, Atlanta Dionysia Johnson-Massie, Littler, Atlanta What Is BYOD? In the past:
More informationData Privacy and Security: A Primer for Law Firms
Data Privacy and Security: A Primer for Law Firms All We Do Is Work. Workplace Law. In four time zones and 46 major locations coast to coast. www.jacksonlewis.com JACKSON LEWIS SERVING THE DIVERSE NEEDS
More informationBYOD Policy for [AGENCY]
BYOD Policy for [AGENCY] This document provides policies, standards, and rules of behavior for the use of smartphones, tablets and/or other devices ( Device ) owned by [AGENCY] employees personally (herein
More informationBYOD Policy. Handout
Handout 1 Identify What Mobile Devices Are Allowed It s important that this list is as detailed as necessary, including types of smart phones and/or tablets, operating systems, models, etc. Also identify
More informationUse of Mobile Apps in the Workplace:
Use of Mobile Apps in the Workplace: PRIVACY & SECURITY ADAM D.H. GRANT AGRANT@ALPERTBARR.COM Cell Phone & Tablet Ownership 91% of American adults own a cell phone 56% have smartphones Of Americans aged
More informationBring Your Own Device. Individual Liable User Policy Considerations
Bring Your Own Device Individual Liable User Contents Introduction 3 Policy Document Objectives & Legal Disclaimer 3 Eligibility Considerations 4 Reimbursement Considerations 4 Security Considerations
More informationMobile Device Usage and Agreement Policy
Page 1 of 10 1.0 Introduction Mobile Device Usage and Agreement Policy The State of Minnesota provides several electronic tools for employees whose job performance requires or would be enhanced by their
More informationplantemoran.com What School Personnel Administrators Need to know
plantemoran.com Data Security and Privacy What School Personnel Administrators Need to know Tomorrow s Headline Let s hope not District posts confidential data online (Tech News, May 18, 2007) In one of
More informationSmart Policies for Workplace Technologies Email, Blogs, Cell Phones & More
Smart Policies for Workplace Technologies Email, Blogs, Cell Phones & More By Lisa Guerin, J.D. Nolo, 2011, ISBN:1-4133-1326-0 Price $26.95, pp. 225 pages Reviewed by Nina T. Dow Journal of High Technology
More informationBYOD for 501(c)s: Pros and Perils of Bring Your Own Device
BYOD for 501(c)s: Pros and Perils of Bring Your Own Device April 3, 2014, 2:00 p.m. ET Moderator: Jeffrey S. Tenenbaum, Esq., Venable LLP Panelists: Ronald W. Taylor, Esq., Venable LLP Armand J. (A.J.)
More informationBYOD: BRING YOUR OWN DEVICE
BYOD: BRING YOUR OWN DEVICE PART 5 OF THE LAW PRACTICE MANAGEMENT SERIES Sarah Banola Cooper, White & Cooper LLP James Y. Wu Law Office of James Y. Wu Bring Your Own Device (BYOD)Trend Increased use of
More information[BRING YOUR OWN DEVICE POLICY]
2013 Orb Data Simon Barnes [BRING YOUR OWN DEVICE POLICY] This document specifies a sample BYOD policy for use with the Orb Data SaaS MDM service Contents 1 ACCEPTABLE USE... 3 1.1 GENERAL RULES... 3 2
More informationMobile Medical Devices and BYOD: Latest Legal Threat for Providers
Presenting a live 90-minute webinar with interactive Q&A Mobile Medical Devices and BYOD: Latest Legal Threat for Providers Developing a Comprehensive Usage Strategy to Safeguard Health Information and
More informationSample Employee Agreement for Business Use of Employee-Owned Personal Computing Devices (Including Wearables 1 )
Sample Employee Agreement for Business Use of Employee-Owned Personal Computing Devices (Including Wearables 1 ) Overview: The Bring Your Own Device (BYOD) program allows employees to use their own computing
More informationNorth Carolina Health Information Management Association February 20, 2013 Chris Apgar, CISSP
Mobile Device Management Risky Business in Healthcare North Carolina Health Information Management Association February 20, 2013 Chris Apgar, CISSP Agenda HIPAA/HITECH & Mobile Devices Breaches Federal
More informationOutsmarting Smart Technology: Legal Ramifications in the Assisted Living Setting
Outsmarting Smart Technology: Legal Ramifications in the Assisted Living Setting F L O R I D A A S S I S T E D L I V I N G A S S O C I AT I O N 2 0 1 4 A N N U A L C O N F E R E N C E Presented by: John
More informationMobile Devices in the Workplace: What Every Employer Needs to Know
Mobile Devices in the Workplace: What Every Employer Needs to Know Presented by: Shannon Huygens Paliotta Senior Associate, Littler Mendelson, P.C. spaliotta@littler.com (412) 201-7631 Marcy McGovern Knowledge
More informationSeptember 29, 2015. Facing The Challenges of Bring Your Own Device (BYOD) Policies in the Workplace
September 29, 2015 Facing The Challenges of Bring Your Own Device (BYOD) Policies in the Workplace Presented By: Angela B. Cummings, Shareholder Littler Mendelson, P.C. 704.972.7005 acummings@littler.com
More informationTHE ACC, MID-AMERICA CHAPTER Mutual of Omaha Insurance Co. Omaha, NE
1 1 WEDNESDAY May 18 THE ACC, MID-AMERICA CHAPTER Mutual of Omaha Insurance Co. Omaha, NE 12:00 PM LAURA CLARK FEY, Esq., CIPP/US, CIPP/E, CIPM Fey LLC, Leawood, KS Agenda 2 BYOD Stats Legal Risks Associated
More informationDon t Let A Security Breach Put You Out of Business
Don t Let A Security Breach Put You Out of Business Committed to providing you with the most innovative security and privacy solutions. www.boomtechit.com Bring Your Own Device (BYOD) and Mobile Device
More informationCreating a Bulletproof BYOD (Bring Your Own Device) Policy for Personal Devices At Work
Creating a Bulletproof BYOD (Bring Your Own Device) Policy for Personal Devices At Work FEATURED FACULTY: Amy F. Melican, Associate, Proskauer 212.969.3641 AMelican@proskauer.com Traci Clements, Attorney,
More informationAdams County, Colorado
Colorado Independent Consultants Network, LLC Adams County, Colorado Bring-Your-Own-Device Policy Prepared by: Colorado Independent Consultants Network, LLC Denver, Colorado March 20, 2014 Table of Contents
More informationLegal Issues in Medical Office Use of Social Media. James F. Doherty, Jr. Pecore & Doherty, LLC Columbia, Maryland
Legal Issues in Medical Office Use of Social Media James F. Doherty, Jr. Pecore & Doherty, LLC Columbia, Maryland Legal Issues in Social Media for Physician Practices HIPAA/State Confidentiality laws State
More informationGuadalupe Regional Medical Center
Guadalupe Regional Medical Center Health Insurance Portability & Accountability Act (HIPAA) By Debby Hernandez, Compliance/HIPAA Officer HIPAA Privacy & Security Training Module 1 This module will address
More informationBYOD: Bring Your Own Device Advantage, Liability or Both?
BYOD: Bring Your Own Device Advantage, Liability or Both? S S Scott Summers Laura B. Grubbs Dinsmore & Shohl Louisville, KY The BYOD to Work Movement Dual-Use Devices: used for both personal and company
More informationMobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.
Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information. Mobile Devices: Risks to Health Information Risks vary based on the mobile device and its use. Some risks include:
More informationPRIVACY AND INFORMATION SECURITY INCIDENT REPORTING
PRIVACY AND INFORMATION SECURITY INCIDENT REPORTING PURPOSE The purpose of this policy is to describe the procedures by which Workforce members of UCLA Health System and David Geffen School of Medicine
More informationBusiness Or Pleasure: The Challenges Of Bring Your Own Device Policies In The Workplace
Business Or Pleasure: The Challenges Of Bring Your Own Device Policies In The Workplace Earl (Chip) M. Jones Littler, Dallas ejones@littler.com (214) 880-8115 Michelle B. Brookshire Littler, Dallas mbrookshire@littler.com
More informationHIPAA PRIVACY AND SECURITY FOR EMPLOYERS
HIPAA PRIVACY AND SECURITY FOR EMPLOYERS Agenda Background and Enforcement HIPAA Privacy and Security Rules Breach Notification Rules HPID Number Why Does it Matter HIPAA History HIPAA Title II Administrative
More informationMobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.
Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information. Mobile Devices: Risks to to Health Mobile Information Devices: Risks to Health Information Risks vary based on the
More informationACCOUNTABLE HEALTHCARE IPA HIPAA PRIVACY AND SECURITY TRAINING. By: Jerry Jackson Compliance and Privacy Officer
ACCOUNTABLE HEALTHCARE IPA HIPAA PRIVACY AND SECURITY TRAINING By: Jerry Jackson Compliance and Privacy Officer 1 1 Introduction Welcome to Privacy and Security Training course. This course will help you
More informationSecurity, privacy, and incident response issues are often
ISSA DEVELOPING AND CONNECTING CYBERSECURITY LEADERS GLOBALLY The Legal Implications of BYOD: Preparing Personal Device Use Policies By David Navetta, Esq. ISSA member, Denver, USA Chapter This article
More informationSecuring end-user mobile devices in the enterprise
IBM Global Technology Services Thought Leadership White Paper January 2012 Securing end-user mobile devices in the enterprise Develop an enforceable mobile security policy and practices for safer corporate
More informationClients Legal Needs in HIPAA Security Compliance
Clients Legal Needs in HIPAA Security Compliance Robyn A. Meinhardt, JD, RN FOLEY & LARDNER LLP 2004 Preserving Attorney-Client Privilege and Work Product Protections 1 Relevance to Security Compliance
More informationWashwood Heath Academy Use by staff of private communication devices policy
As a learning community, Washwood Heath Academy wants all staff and students to be able to be safe users of ICT and all data storage. The development of responsible, independent users is a prime aim of
More informationHow To Write A Mobile Device Policy
BYOD Policy Implementation Guide BYOD Three simple steps to legally secure and manage employee-owned devices within a corporate environment We won t bore you with the typical overview that speaks to the
More information"choose your own device" : the employer still provides the hardware and the employee can choose e.g. the model.
WHAT IS BYOD? BYOD comes in "different shades of grey". "bring your own device" : employees are allowed to use their privately owned hard- and software. IT-applications and company data of the employer
More informationNavigating the New MA Data Security Regulations
Navigating the New MA Data Security Regulations Robert A. Fisher, Esq. 2009 Foley Hoag LLP. All Rights Reserved. Presentation Title Data Security Law Chapter 93H Enacted after the TJX data breach became
More informationBring Your Own Device (BYOD) and Mobile Device Management. tekniqueit.com
Bring Your Own Device (BYOD) and Mobile Device Management tekniqueit.com Bring Your Own Device (BYOD) and Mobile Device Management People are starting to expect the ability to connect to public networks
More informationThe Matrix Reloaded: Cybersecurity and Data Protection for Employers. Jodi D. Taylor
The Matrix Reloaded: Cybersecurity and Data Protection for Employers Jodi D. Taylor Why Talk About This Now? Landscape is changing Enforcement by federal and state governments on the rise Legislation on
More informationBring Your Own Device (BYOD) and Mobile Device Management. www.cognoscape.com
Bring Your Own Device (BYOD) and Mobile Device Management www.cognoscape.com Bring Your Own Device (BYOD) and Mobile Device Management People are starting to expect the ability to connect to public networks
More informationDATA PRIVACY ENFORCEMENT EFFORTS BY STATE ATTORNEYS GENERAL
DATA PRIVACY ENFORCEMENT EFFORTS BY STATE ATTORNEYS GENERAL State AGs have been very active in the leadership of data privacy protection initiatives across the country, and have dedicated considerable
More informationWorkplace Data Breach Challenges:
Presenting a live 90-minute webinar with interactive Q&A Workplace Data Breach Challenges: Navigating Notification Requirements, Employee Monitoring and BYOD Programs Structuring Policies to Prevent and
More informationDATA SECURITY: A CRUCIAL TOPIC FOR CORPORATE COUNSEL AND MANAGEMENT
Advisor Article DATA SECURITY: A CRUCIAL TOPIC FOR CORPORATE COUNSEL AND MANAGEMENT By James R. Carroll, David S. Clancy and Christopher G. Clark* Skadden, Arps, Slate, Meagher & Flom Customer data security
More informationBring Your Own Device (BYOD) and Mobile Device Management
Bring Your Own Device (BYOD) and Mobile Device Management Intivix.com (415) 543 1033 PROFESSIONAL IT SERVICES FOR BUSINESSES OF ALL SHAPES AND SIZES People are starting to expect the ability to connect
More informationBRING YOUR OWN DEVICE (BYOD) AND MOBILE DEVICE MANAGEMENT
BRING YOUR OWN DEVICE (BYOD) AND MOBILE DEVICE MANAGEMENT www.intivix.com (415) 543 1033 HELP TEAM MEMBERS TO COLLABORATE MORE EASILY FROM ANYWHERE. People are starting to expect the ability to connect
More informationData Security in a Mobile, Cloud-Based World
Data Security in a Mobile, Cloud-Based World Jacob Buckley-Fortin CEO ehana What we ll cover Trends Risks Recommendations 1 Trends Mobile Has Taken Over Trend #1 2 3 450 million users worldwide Adopted
More informationEXECUTIVE DECISION NOTICE. ICT, Communications and Media. Councillor John Taylor. Deputy Executive Leader
EXECUTIVE DECISION NOTICE SERVICE AREA: SUBJECT MATTER: DECISION: DECISION TAKER(S): DESIGNATION OF DECISION TAKER(S): GOVERNANCE ICT, Communications and Media PERSONAL DEVICE POLICY That the Personal
More informationThird Thursday Crowell & Moring s Labor & Employment Update June 20, 2013
Third Thursday Crowell & Moring s Labor & Employment Update June 20, 2013 The webinar will begin shortly. Please stand by. Today s Presenters Chris Calsyn Robin Campbell David Cross Tom Gies 2 BYOD Employment
More informationThe Security Rule of The Health Insurance Portability and Accountability Act (HIPAA) Security Training
The Security Rule of The Health Insurance Portability and Accountability Act (HIPAA) Security Training Introduction The HIPAA Security Rule specifically requires training of all members of the workforce.
More informationUnderstanding HIPAA Privacy and Security Helping Your Practice Select a HIPAA- Compliant IT Provider A White Paper by CMIT Solutions
Understanding HIPAA Privacy and Security Helping Your Practice Select a HIPAA- Compliant IT Provider A White Paper by CMIT Solutions Table of Contents Understanding HIPAA Privacy and Security... 1 What
More informationCSR Breach Reporting Service Frequently Asked Questions
CSR Breach Reporting Service Frequently Asked Questions Quick and Complete Reporting is Critical after Data Loss Why do businesses need this service? If organizations don t have this service, what could
More informationBYOD/T? BYOD/T. Social Media and Challenges in the Virtualized Workplace. Jason Boulette
Social Media and Challenges in the Virtualized Workplace Jason Boulette BYOD/T? http://youtu.be/osrqlphz6y8 BYOD/T Here It Comes 60% of companies offer it now 1 90% will offer it by 2014 1 Standard plat:
More informationDUUS Information Technology (IT) Acceptable Use Policy
DUUS Information Technology (IT) Acceptable Use Policy Issue Date: October 1, 2013 Effective Date: October 1, 2013 Revised Date: Number: DHHS-2013-002 1.0 Purpose and Objectives The purpose of this policy
More informationPassword Management Evaluation Guide for Businesses
Password Management Evaluation Guide for Businesses White Paper 2016 Executive Summary Passwords and the need for effective password management are at the heart of the rise in costly data breaches. Various
More informationTechnology Department 1350 Main Street Cambria, CA 93428
Technology Department 1350 Main Street Cambria, CA 93428 Technology Acceptable Use and Security Policy The Technology Acceptable Use and Security Policy ( policy ) applies to all CUSD employees and any
More informationDon t Let BYOD Mean Bring Your Office Disaster. Southeastern Business Law Institute October 24-25, 2013 Cumberland School of Law Samford University
Don t Let BYOD Mean Bring Your Office Disaster Southeastern Business Law Institute October 24-25, 2013 Cumberland School of Law Samford University Richard C. Balough BALOUGH LAW OFFICES, LLC 1 N. LaSalle
More informationFEDERAL LAWS RELATING TO FRAUD, WASTE AND ABUSE
FEDERAL LAWS RELATING TO FRAUD, WASTE AND ABUSE FEDERAL CIVIL FALSE CLAIMS ACT The federal civil False Claims Act, 31 U.S.C. 3729, et seq., ( FCA ) was originally enacted in 1863 to combat fraud perpetrated
More informationJoe A. Ramirez Catherine Crane
RIMS/RMAFP PRESENTATION Joe A. Ramirez Catherine Crane RISK TRANSFER VIA INSURANCE Most Common Method Involves Assessment of Risk and Loss Potential Risk of Loss Transferred For a Premium Insurance Contract
More informationBring Your Own Device: Calling for a Strategy. CHIME College Live 23 April 2014
Bring Your Own Device: Calling for a Strategy CHIME College Live 23 April 2014 Bring Your Own Device (BYOD) Topics» Introductions» Learning Objectives» Business Drivers» Key Strategies» Policy Issues»
More informationDell s Five Best Practices for Maximizing Mobility Benefits while Maintaining Compliance with Data Security and Privacy Regulations
Dell s Five Best Practices for Maximizing Mobility Benefits while Maintaining Compliance with Data Security and Privacy Regulations Inside ü Tips for deploying or expanding BYOD programs while remaining
More informationMobile Security: Controlling Growing Threats with Mobile Device Management
Mobile Security: Controlling Growing Threats with Mobile Device Management As the use of mobile devices continues to grow, so do mobile security threats. Most people use their mobile devices for both work
More informationKaspersky Security for Mobile
Kaspersky Security for Mobile See. Control. Protect. MOVING TARGETS Mobile devices play a key role in connectivity and productivity. But they also introduce new risks to the business: in the past 12 months
More informationBYOD. opos WHAT IS YOUR POLICY? SUMMARY
BYOD WHAT IS YOUR POLICY? opos SUMMARY The organization s employees and contractors frequently perform employment-related tasks which require connecting to the organization s networks, systems, and/or
More informationTop Ten Technology Risks Facing Colleges and Universities
Top Ten Technology Risks Facing Colleges and Universities Chris Watson, MBA, CISA, CRISC Manager, Internal Audit and Risk Advisory Services cwatson@schneiderdowns.com April 23, 2012 Overview Technology
More informationAvoiding BYOD Legal Issues. Route1 Inc. September 2013
Avoiding BYOD Legal Issues Route1 Inc. September 2013 Avoiding BYOD Legal Issues Today s business landscape is facing emerging legal issues stemming from bring your own device (BYOD) initiatives. The shift
More informationOrganizational Policy
Approved by: City Manager/General Managers Report No.: n/a Effective: January 1, 2004 Reviewed: July 25, 2012 Amended: July 25, 2012 Next Review: July 25, 2013 Note: Purpose: on The purpose of this policy
More informationA 5-STEP PLAN TO PREPARE FOR HEALTHCARE. A Complimentary White Paper from
A 5-STEP PLAN TO PREPARE FOR BYOD IN HEALTHCARE A Complimentary White Paper from A 5-step plan to prepare for BYOD in health care A Complimentary White Paper from Healthcare Business & Technology Nearly
More informationElectronic Communication In Your Practice. How To Use Email & Mobile Devices While Maintaining Compliance & Security
Electronic Communication In Your Practice How To Use Email & Mobile Devices While Maintaining Compliance & Security Agenda 1 HIPAA and Electronic Communication 2 3 4 Using Email In Your Practice Mobile
More informationAsheboro City Schools 1:1 Laptop Handbook for Elementary and Middle Schools
Asheboro City Schools 1:1 Laptop Handbook for Elementary and Middle Schools Students should use technology and the Internet in an appropriate manner. Technology is an integral part of a student s educational
More informationMy CEO wants an ipad now what? Mobile Security for the Enterprise
My CEO wants an ipad now what? Mobile Security for the Enterprise Agenda Introductions Emerging Mobile Trends Mobile Risk Landscape Response Framework Closing Thoughts 2 Introductions Amandeep Lamba Manager
More informationOUTLINE AND OBJECTIVES
BYOD in the Federal Workplace: Privacy Considerations and Case Studies Moderator: Alex Tang, Attorney, Office of General Counsel, Federal Trade Commission (FTC) Panelists: Kimberly Hancher, Chief Information
More informationPlease review and make copies of the following documents for each designated staff in need of Valley Express access.
Welcome to Valley Express (VE) Valley Express is Valley Health Plan s (VHP) Authorization and Referral data system. By signing this document, the individual signifies that the County s User Responsibility
More informationDISCOVER, MONITOR AND PROTECT YOUR SENSITIVE INFORMATION Symantec Data Loss Prevention. symantec.com
DISCOVER, MONITOR AND PROTECT YOUR SENSITIVE INFORMATION Symantec Data Loss Prevention symantec.com One of the interesting things we ve found is that a lot of the activity you d expect to be malicious
More informationBYOD Policies: A Litigation Perspective
General Counsel Panel Reveals the Real Deal BYOD Policies: A Litigation Perspective By Andrew Hinkes Reprinted with Permission BYOD Policies: A Litigation Perspective By Andrew Hinkes Bring-your-own-device
More informationMASSACHUSETTS IDENTITY THEFT RANKING BY STATE: Rank 23, 66.5 Complaints Per 100,000 Population, 4292 Complaints (2006) Updated January 17, 2009
MASSACHUSETTS IDENTITY THEFT RANKING BY STATE: Rank 23, 66.5 Complaints Per 100,000 Population, 4292 Complaints (2006) Updated January 17, 2009 Current Laws: Identity Crime: A person is guilty of identity
More informationHow To Handle A Bring Your Own Device (Byod) In A Business
page 2 Consumers soon found that the devices they used in their personal lives could also be used in their professional lives. They could access not only the internet, but their business network as well.
More informationJim Donaldson, M.S., MPA, CHC, CIPP/US, CISSP. Director of Compliance, Chief Privacy and Information Security Officer. Pensacola, Florida
2015 SCCE Compliance & Ethics Institute Wednesday, October 7, 2015 (10:00 11:45) Session W14 Bring Your Own Device(BYOD) They are here and they are not going away. Understanding the benefits, risks, and
More informationHIPAA and Health Information Privacy and Security
HIPAA and Health Information Privacy and Security Revised 7/2014 What Is HIPAA? H Health I Insurance P Portability & A Accountability A - Act HIPAA Privacy and Security Rules were passed to protect patient
More informationReaching for the Clouds: Issues for Employers in Cloud Computing
[INSERT SPONSOR S LOGO HERE] Reaching for the Clouds: Issues for Employers in Cloud Computing January 25, 2012 Anaheim, California ed by Ogletree Deakins Panelists: Tammy Brandt Betsy Johnson Alec Hillbo
More informationQuincy Public Schools Information Technology. Acceptable Use Policy for Staff, Students, and Guests
Quincy Public Schools Information Technology Acceptable Use Policy for Staff, Students, and Guests Revised May 6, 2013 Introduction This Acceptable Use Policy is enacted as of May 2013 by the Quincy School
More informationPolicy for Staff and Post 16 Student BYOD (Bring Your Own Device)
Policy for Staff and Post 16 Student BYOD (Bring Your Own Device) Date approved: 7 th May 2015 Review Schedule: Annual Reviewed: Next review: 1 Context Aims of this Policy Definitions CONTENTS 1. OVERVIEW...
More information3/13/2015 HIPAA/HITECH WHAT S YOUR COMPLIANCE STATUS? Daniel B. Mills Pretzel & Stouffer, Chartered WHAT IS HIPAA?
HIPAA/HITECH WHAT S YOUR COMPLIANCE STATUS? Daniel B. Mills Pretzel & Stouffer, Chartered WHAT IS HIPAA? 1 DEFINITIONS HIPAA Health Insurance Portability and Accountability Act of 1996 Primarily designed
More informationBEFORE THE BOARD OF COUNTY COMMISSIONERS FOR MULTNOMAH COUNTY, OREGON RESOLUTION NO. 05-050
BEFORE THE BOARD OF COUNTY COMMISSIONERS FOR MULTNOMAH COUNTY, OREGON RESOLUTION NO. 05-050 Adopting Multnomah County HIPAA Security Policies and Directing the Appointment of Information System Security
More informationtroinet.com When It Comes to HIPAA Compliance, Ignorance of the Law Is No Excuse
When It Comes to HIPAA Compliance, Ignorance of the Law Is No Excuse When It Comes to HIPAA Compliance, Ignorance of the Law Is No Excuse The Health Insurance Portability and Accountability Act of 1996
More informationMOBILE BANKING AGREEMENT AND DISCLOSURE ONLINE BANKING ADDENDUM
I. Introduction MOBILE BANKING AGREEMENT AND DISCLOSURE ONLINE BANKING ADDENDUM Bank of the Sierra endeavors to provide you with the highest quality Mobile Banking (the "Service") available. By enrolling
More informationBRING YOUR OWN DEVICE
BRING YOUR OWN DEVICE Legal Analysis & Practical TIPs for an effective BYOD corporate Policy CONTENTS 1. What is BYOD? 2. Benefits and risks of BYOD in Europe 3. BYOD and existing Policies 4. Legal issues
More informationSAMPLE TEMPLATE. Massachusetts Written Information Security Plan
SAMPLE TEMPLATE Massachusetts Written Information Security Plan Developed by: Jamy B. Madeja, Esq. Erik Rexford 617-227-8410 jmadeja@buchananassociates.com Each business is required by Massachusetts law
More informationBYOD. and Mobile Device Security. Shirley Erp, CISSP CISA November 28, 2012
BYOD and Mobile Device Security Shirley Erp, CISSP CISA November 28, 2012 Session is currently being recorded, and will be available on our website at http://www.utsystem.edu/compliance/swcacademy.html.
More informationAre You Still HIPAA Compliant? Staying Protected in the Wake of the Omnibus Final Rule Click to edit Master title style.
Are You Still HIPAA Compliant? Staying Protected in the Wake of the Omnibus Final Rule Click to edit Master title style March 27, 2013 www.mcguirewoods.com Introductions Holly Carnell McGuireWoods LLP
More informationTERMS OF SERVICE TELEPORT REQUEST RECEIVERS
TERMS OF SERVICE These terms of service and the documents referred to in them ( Terms ) govern your access to and use of our services, including our website teleportapp.co ( our site ), applications, buttons,
More informationCellular/Smart Phone Use Procedure
Number 1. Purpose This procedure is performed as a means of ensuring the safe and efficient use of cell/smart phones throughout West Coast District Health Board (WCDHB) facilities. 2. Application This
More informationPlease use your cell phone to access this website: pollev.com/ucsfprivacy
Please use your cell phone to access this website: pollev.com/ucsfprivacy 1 Privacy and Confidentiality Residents and Fellows Orientation 2015 Deborah Yano-Fong, RN, MS, CHPC Chief Privacy Officer June
More informationSTATE SUPPLEMENTAL HEALTH PRIVACY LAWS
AL None N/A AK None N/A AZ None N/A AR None N/A CA Health and Safety Code 1280.15 Civil Code 56.101 Civil Code 56.13 Civil Code 56.17 Civil Code 56.20 Requires clinics and health facilities to report any
More informationCOMPUTER USE POLICY. 1.0 Purpose and Summary
COMPUTER USE POLICY 1.0 Purpose and Summary 1. This document provides guidelines for appropriate use of the wide variety of computing and network resources at Methodist University. It is not an all-inclusive
More informationMobile Devices Policy
Mobile Devices Policy Item Policy description Division Director Contact Description Guidelines to ensure that mobile devices are deployed and used in a secure and appropriate manner. IT Services and Records
More information