The Importance of Privacy & Data Security in a Changing World
|
|
- Augustine Rice
- 3 years ago
- Views:
Transcription
1 Cyber, PrivaCy & Data SeCurity 360
2 about our PraCtiCe Data is the lifeblood of our global economy. Collected, stored and transmitted, digital data not only imparts great opportunities, but unprecedented privacy and security challenges for businesses in all industry sectors. Privacy and cyber risks require businesses to contend with a complex web of state, federal and international laws. Best practices and self-regulatory standards further complicate the picture for companies attempting to navigate the cyber, privacy and data security maze. With the government giving companies security and privacy practices greater scrutiny, businesses need to be prepared to meet their evolving obligations in these fields. Constantly changing technology affects the competitive environment and privacy and security requirements. Failure to respect privacy and data security may lead not only to serious economic consequences, but adverse publicity and loss of business. Businesses therefore increasingly consult professionals with expertise to meet the challenges of the cyber, privacy and data security environment. Morris Polich & Purdy LLP s Cyber, Privacy & Data Security team collaborates closely with clients to take a comprehensive approach to managing, responding and mitigating privacy and data security risks. Our team proactively develops, implements and assesses privacy and data security for companies in numerous business sectors. From preparing initial policies and procedures governing privacy and data security and performing baseline privacy and risk assessments, to implementing programs and performing compliance analyses, the team s expertise allows it to respond effectively and efficiently. Our team is equipped to respond to government inquiries, investigate and comply with data breach notification requirements and to handle any litigation or regulatory actions arising from alleged privacy violations or data breaches. MPP s Cyber Privacy & Data Security team is comprised of attorneys specializing in the key areas of cyber and social media law, professional liability, insurance coverage, health and long term care, litigation, employment, commercial transactions, electronic discovery and intellectual property. The team works on a national basis and has knowledge and experience regarding a wide variety of laws affecting privacy and data security. The team is involved in advising and providing litigation support for numerous federal provisions, including the Computer Fraud and Abuse Act (CFAA), the US/EU Safe Harbor, the Fair Credit Reporting Act (FCRA), the Health Information Portability and Accountability Act (HIPAA), the Children s Online Privacy Protection Act (COPPA), the Gramm-Leach-Bliley Act (GLB), the Electronic Communications Privacy Act (ECPA), the
3 about our PraCtiCe (ContinueD) Stored Communication Act (SCA), the Red Flags Rule, and a myriad of other provisions. Team members have also been involved in numerous matters involving state law, including those arising under California s Song-Beverly Act, the California Medical Information Act (CMIA), the California Invasion of Privacy Act (CIPA), the California Online Privacy Protection Act (CalOPPA), and the California Shine the Light law, among others. MPP s lawyers have also been involved in handling matters dealing with legal provisions relating to cyber security and data breaches, including federal and state laws relating to data breach notification, laws mandating security and encryption, and best practices and self-governing security standards, such as the Payment Card Industry Data Security Standards (PCI DSS). Because digital data is today readily transmitted across national boundaries, members of MPP s team are also knowledgeable regarding international privacy and data security laws, including those of the European Union (EU), Canada, Mexico and Asia. The team is headed by a lawyer who is a United States Certified Information Privacy Professional (CIPP/US) and a European Union Certified Information Professional (CIPP/E) and team members regularly monitor legal developments affecting businesses operating domestically and internationally. Privacy and data security matters are constantly evolving as technology continues to develop. MPP s Cyber, Privacy & Data Security team has both the technical and legal knowledge to monitor these changes and advise clients regarding resulting risks. The team has handled matters involving cloud computing, Big Data, biometric identifiers, the Internet of Things (i.e. smart devices), social media, online behavioral advertising (OBA), and other technologies. Team members have also advised and assisted with numerous privacy issues in the workplace, including Bring Your Own Device (BYOD), pre-employment screening, internal investigations, employee use of social media and electronic devices, employee monitoring, and other aspects of the employment relationship. Complimentary to their work in privacy and data security, MPP s Cyber, Privacy & Data Security team also has expertise in other aspects of cyber law in addition to their work in privacy and data security. The team includes attorneys specializing in trademark and copyright law, intellectual property, the Digital Millennium Copyright Act (DMCA), government subpoenas of electronic information, trade secrets, and protection of proprietary information. Team members have also handled a wide variety of other cyber matters, including licensing disputes,
4 about our PraCtiCe (ContinueD) preservation of electronic evidence, protection of intellectual property against piracy, and registration of domain names. The team has also dealt with numerous e-discovery issues, particularly those regarding the interplay between electronic collection of documents and relevant privacy and security requirements. To provide leading information and updates on important changes in the cyber, privacy and data security arena, the team launched their specialist website which includes a library of reference sources, articles, and details of services available.
5 a CroSS SeCtion of our experience Services provided by our Cyber, Privacy & Data Security team include: responding to Data breaches and Security incidents: Designing and implementing Corporate risk analyses and Strategies: Baseline privacy and data security surveys and analyses, including privacy and security of personal and proprietary information collected, maintained and distributed by businesses Privacy and security risk audits and assessments Privacy and data security practices and procedures Response protocols and contingency plans for privacy and security breaches Establishing appropriate corporate privacy and data protection infrastructure Training to promote and comply with best practices in privacy and data security, including privacy by design Compliance with ongoing requirements and best practices in light of changing technological and legal requirements Establishing data breach notification procedures Complying with breach notification requirements of relevant federal and state jurisdictions Working with investigators, consultants, and law enforcement authorities to analyze and contain breach and security incidents Mitigating damages and remediating harm from breach incidents Providing notices to affected individuals Revising practices and procedures to help prevent future breach incidents implementing business Solutions: Negotiating and drafting contracts, including HIPAA business associate agreements, vendor agreements, and agreements involving cloud computing providers Selecting and managing vendors and other third parties handling personal or proprietary information
6 a CroSS SeCtion of our experience (ContinueD) Protecting personal information of employees, customers, and consumers Protecting privacy and security of personal health information (PHI) under HIPAA and HITECH, including HIPAA Omnibus Rule Use of social media and electronic devices in the workplace Use of personal information for marketing and advertising purposes, including online behavioral advertising and COPPA compliant websites Online privacy notices and user agreements Management of privacy security of electronic information, including proper document retention procedures and compliance with electronic discovery obligations Evaluating insurance coverage issues E-Discovery evaluation and compliance
7
8 attorneys at Law M a i n C o n t a C t: timothy J. toohey ttoohey@mpplaw.com o f f i C e L o C a t i o n S: Los angeles 1055 West Seventh Street, Suite 2400, Los Angeles, California T: F: San Diego One America Plaza, 600 West Broadway, Suite 500, San Diego, California T: F: San francisco One Embarcadero Center, Suite 400, San Francisco, California T: F: Las vegas 500 South Rancho Drive, Suite 17, Las Vegas, Nevada T: F:
Year in Review: Top Privacy and Data Security Developments of 2013
Contact: Timothy J. Toohey Partner 213.417.5324 ttoohey@mpplaw.com Year in Review: Top Privacy and Data Security Developments of 2013 2013 is the year when privacy and data security became matters of general
More informationIntroduction to Data Privacy & ediscovery Intersection of Data Privacy & ediscovery
Today s Topics Introduction to Data Privacy & ediscovery General Overview Data Privacy in the United States Data Privacy in Foreign Countries Intersection of Data Privacy & ediscovery Preservation of Data
More informationE-Discovery and Data Management. Managing Litigation in the Digital Age. Attorney Advertising
E-Discovery and Data Management Managing Litigation in the Digital Age Attorney Advertising Every day, 12 billion corporate e-mails are created. That number doubles annually. Litigation success starts
More informationPrivacy Law Basics and Best Practices
Privacy Law Basics and Best Practices Information Privacy in a Digital World Stephanie Skaff sskaff@fbm.com What Is Information Privacy? Your name? Your phone number or home address? Your email address?
More informationCyber Risk Checklist: Compliance with Legal Obligations Grand Rapids Cyber Security Conference April 23, 2014
Cyber Risk Checklist: Compliance with Legal Obligations Grand Rapids Cyber Security Conference April 23, 2014 2014, Mika Meyers Beckett & Jones PLC All Rights Reserved Presented by: Jennifer A. Puplava
More informationHow To Help Your Business With Data Security And Privacy
DATA SECURITY AND PRIVACY WORKING TOGETHER, OUR TEAM PROVIDES INSIGHTFUL COUNSEL AND A DEPTH OF SPECIALIZED EXPERIENCE. Overview: S ince well before companies entered the age of Big Data, Benesch attorneys
More informationEmploymEnt law. www.mpplaw.com
EmploymEnt law 360 www.mpplaw.com about our practice morris polich & purdy s Employment Law attorneys provide full service employment representation to public and private employers of all sizes, from
More informationData Privacy and Cybersecurity Task Force
Data Privacy and Cybersecurity Task Force key contact Josephine Cicchetti Shareholder T: 202.965.8162 F: 202.965.8104 email We provide clients across industries with comprehensive counsel on complex, evolving,
More informationInsights into Cloud Computing
This article was originally published in the November 2010 issue of the Intellectual Property & Technology Law Journal. ARTICLE Insights into Cloud Computing The basic point of cloud computing is to avoid
More informationBUSINESS ASSOCIATE PRIVACY AND SECURITY ADDENDUM RECITALS
BUSINESS ASSOCIATE PRIVACY AND SECURITY ADDENDUM This Business Associate Addendum ( Addendum ), effective, 20 ( Effective Date ), is entered into by and between University of Southern California, ( University
More informationCyber Risks in the Boardroom
Cyber Risks in the Boardroom Managing Business, Legal and Reputational Risks Perspectives for Directors and Executive Officers Preparing Your Company to Identify, Mitigate and Respond to Risks in a Changing
More information2011 2012 Aug. Sept. Oct. Nov. Dec. Jan. Feb. March April May-Dec.
The OCR Auditors are coming - Are you next? What to Expect and How to Prepare On June 10, 2011, the U.S. Department of Health and Human Services Office for Civil Rights ( OCR ) awarded KPMG a $9.2 million
More informationAdding Cloud Solutions to Customer Contracts Robert J. Scott
Adding Cloud Solutions to Customer Contracts Robert J. Scott MSP vs. Cloud Who owns the hardware? Where does the data reside? Dedicated vs. Multi tenant? Who contracts with 3 rd parties? How are services
More informationLong Term Care. www.mpplaw.com
Long Term Care & HeaLTH Care 360 www.mpplaw.com about our PraCTiCe morris Polich & Purdy LLP is one of the nation's leading law firms specializing in the representation of both long term care facilities
More informationWelcome to ChiroCare s Fourth Annual Fall Business Summit. October 3, 2013
Welcome to ChiroCare s Fourth Annual Fall Business Summit October 3, 2013 HIPAA Compliance Regulatory Overview & Implementation Tips for Providers Agenda Green packet Overview of general HIPAA terms and
More informationBloomberg BNA Professional Learning Legal Course Catalog OnDemand Programs
Bloomberg BNA Professional Learning Legal Course Catalog OnDemand Programs *This is a sample course catalog. BBNA is in the process of moving all of our recorded content on to our new platform. Not all
More informationCloud Computing: A Primer on Legal Issues, Including Privacy and Data Security Concerns. Privacy and Information Management Practice / Washington, DC
Cloud Computing: A Primer on Legal Issues, Including Privacy and Data Security Concerns Privacy and Information Management Practice / Washington, DC Disclaimer THIS PRESENTATION IS TO ASSIST IN A GENERAL
More informationPage 1 of 15. VISC Third Party Guideline
Page 1 of 15 VISC Third Party Guideline REVISION CONTROL Document Title: Author: File Reference: VISC Third Party Guidelines Andru Luvisi CSU Information Security Managing Third Parties policy Revision
More informationThe Legal Pitfalls of Failing to Develop Secure Cloud Services
SESSION ID: CSV-R03 The Legal Pitfalls of Failing to Develop Secure Cloud Services Cristin Goodwin Senior Attorney, Trustworthy Computing & Regulatory Affairs Microsoft Corporation Edward McNicholas Global
More informationCyber, Security and Privacy Questionnaire
Cyber, Security and Privacy Questionnaire www.fbinsure.com Please note: This is an electronic application. When completed please save and email to: Ed McGuire emcguire@fbinsure.com Cyber, Security & Privacy
More informationData Privacy and Security: A Primer for Law Firms
Data Privacy and Security: A Primer for Law Firms All We Do Is Work. Workplace Law. In four time zones and 46 major locations coast to coast. www.jacksonlewis.com JACKSON LEWIS SERVING THE DIVERSE NEEDS
More informationplantemoran.com What School Personnel Administrators Need to know
plantemoran.com Data Security and Privacy What School Personnel Administrators Need to know Tomorrow s Headline Let s hope not District posts confidential data online (Tech News, May 18, 2007) In one of
More informationCYBER & PRIVACY LIABILITY INSURANCE GUIDE
CYBER & PRIVACY LIABILITY INSURANCE GUIDE 01110000 01110010 011010010111011001100001 01100 01110000 01110010 011010010111011001100001 0110 Author Gamelah Palagonia, Founder CIPM, CIPT, CIPP/US, CIPP/G,
More informationPlease Read. Apgar & Associates, LLC apgarandassoc.com P. O. Box 80278 Portland, OR 97280 503-384-2538 877-376-1981 503-384-2539 Fax
Please Read This business associate audit questionnaire is part of Apgar & Associates, LLC s healthcare compliance resources, Copyright 2014. This questionnaire should be viewed as a tool to aid in evaluating
More informationProtecting Personal Information: The Massachusetts Data Security Regulation (201 CMR 17.00)
Protecting Personal Information: The Massachusetts Data Security Regulation (201 CMR 17.00) May 15, 2009 LLP US Information Security Framework Historically industry-specific HIPAA Fair Credit Reporting
More informationCloud Service Agreements: Avoiding the Pitfalls of the Cloud as a Commodity. Amy Mushahwar, Esq.
Cloud Service Agreements: Avoiding the Pitfalls of the Cloud as a Commodity Amy Mushahwar, Esq. What s New? Not That Much. Some have their heads in the cloud we prefer to stay down in the weeds and know
More informationBrief. The BakerHostetler Data Security Incident Response Report 2015
Brief The BakerHostetler Data Security Incident Response Report 2015 The rate of disclosures of security incidents in 2015 continues at a pace that caused many to call 2013 and then 2014 the year of the
More informationInformation Security Law: Control of Digital Assets.
Brochure More information from http://www.researchandmarkets.com/reports/2128523/ Information Security Law: Control of Digital Assets. Description: For most organizations, an effective information security
More informationHow To Deal With Cloud Computing
A LEGAL GUIDE TO CLOUD COMPUTING INTRODUCTION Many companies are considering implementation of cloud computing services to decrease IT costs while providing the flexibility to scale usage on demand. The
More informationPrivacy & Data Security
Privacy & Data Security May 9, 2014 Presented at: SWBA 39 TH ANNUAL CONFERENCE by: James E. Prendergast, Esq. Overview Data Privacy Concerns: Unauthorized access, use, acquisition or disclosure of information
More informationPrivacy and Data Breach Protection Modular application form
Instructions The Hiscox Technology, Privacy and Cyber Portfolio Policy may be purchased on an a-la-carte basis. Some organizations may require coverage for their technology errors and omissions, while
More informationCourse Content Summary ITN 267 Legal Topics in Network Security (3 Credits)
Page 1 of 5 Course Content Summary ITN 267 Legal Topics in Network Security (3 Credits) TNCC Cybersecurity Program web page: http://tncc.edu/programs/cyber-security Course Description: Conveys an in-depth
More informationTODAY S AGENDA. Trends/Victimology. Incident Response. Remediation. Disclosures
TODAY S AGENDA Trends/Victimology Incident Response Remediation Disclosures Trends/Victimology ADVERSARY CLASSIFICATIONS SOCIAL ENGINEERING DATA SOURCES COVERT INDICATORS - METADATA METADATA data providing
More informationImpact of Legal and Regulatory Compliance on Higher Education Information Security Management. Dan Han Virginia Commonwealth University
Impact of Legal and Regulatory Compliance on Higher Education Information Security Management Dan Han Virginia Commonwealth University A little about me Worked in IT for close to 15 years, with 12 years
More informationData Security Best Practices for In-House Counsel
Donna L. Wilson, Linda D. Kornfeld and Rebecca Perry Association of Corporate Counsel San Diego August 6, 2015 1 DONNA L. WILSON Tel: (310) 312-4144 Email: DLWilson@manatt.com Donna L. Wilson is co-chair
More informationClients Legal Needs in HIPAA Security Compliance
Clients Legal Needs in HIPAA Security Compliance Robyn A. Meinhardt, JD, RN FOLEY & LARDNER LLP 2004 Preserving Attorney-Client Privilege and Work Product Protections 1 Relevance to Security Compliance
More informationThe Impact of HIPAA and HITECH
The Health Insurance Portability & Accountability Act (HIPAA), enacted 8/21/96, was created to protect the use, storage and transmission of patients healthcare information. This protects all forms of patients
More informationUnderstanding HIPAA Privacy and Security Helping Your Practice Select a HIPAA- Compliant IT Provider A White Paper by CMIT Solutions
Understanding HIPAA Privacy and Security Helping Your Practice Select a HIPAA- Compliant IT Provider A White Paper by CMIT Solutions Table of Contents Understanding HIPAA Privacy and Security... 1 What
More informationHCCA Compliance Institute 2013 Privacy & Security
HCCA Compliance Institute 2013 Privacy & Security 704 Conducting a Privacy Risk Assessment A Practical Guide to the Performance, Evaluation and Response April 23, 2013 Presented By Eric Dieterich Session
More informationThis form may not be modified without prior approval from the Department of Justice.
This form may not be modified without prior approval from the Department of Justice. Delete this header in execution (signature) version of agreement. HIPAA BUSINESS ASSOCIATE AGREEMENT This Business Associate
More informationWritten Information Security Programs: Compliance with the Massachusetts Data Security Regulation
Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation Melissa J. Krasnow, Dorsey & Whitney LLP A Note discussing written information security programs (WISPs)
More informationSINGAPORE HEALTHCARE ENTERPRISE RISK MANAGEMENT CONGRESS 2014 - Data Breach : The Emerging Threat to Healthcare Industry
SINGAPORE HEALTHCARE ENTERPRISE RISK MANAGEMENT CONGRESS 2014 - Data Breach : The Emerging Threat to Healthcare Industry DATA BREACH A FICTIONAL CASE STUDY THE FIRST SIGNS OF TROUBLE Friday, 5.20 pm :
More informationwhat your business needs to do about the new HIPAA rules
what your business needs to do about the new HIPAA rules Whether you are an employer that provides health insurance for your employees, a business in the growing health care industry, or a hospital or
More informationCyber Security: Compliance and Protection 2012 A Complimentary LexisNexis Webinar December 11, 2012
Cyber Security: Compliance and Protection 2012 A Complimentary LexisNexis Webinar December 11, 2012 David Chatfield, Vice President, Cyber Security Services, NetDiligence Linda Clark, Esq., U.S. Senior
More informationHIPAA in the Cloud How to Effectively Collaborate with Cloud Providers
How to Effectively Collaborate with Cloud Providers Agenda Overview of Topics Covered Agenda Evolution of the Cloud Comparison of Private vs. Public Clouds Other Regulatory Frameworks Similar to HIPAA
More informationData Privacy Considerations When Conducting E-Discovery
Data Privacy Considerations When Conducting E-Discovery Therese Craparo Anthony J. Diana Rebecca Kahan Paul Chandler May 17, 2011 MayerBrown is a globallegalservices organisationcomprisinglegalpracticesthatareseparate
More informationWritten Information Security Programs: Compliance with the Massachusetts Data Security Regulation
View the online version at http://us.practicallaw.com/7-523-1520 Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation MELISSA J. KRASNOW, DORSEY & WHITNEY LLP
More informationCSR Breach Reporting Service Frequently Asked Questions
CSR Breach Reporting Service Frequently Asked Questions Quick and Complete Reporting is Critical after Data Loss Why do businesses need this service? If organizations don t have this service, what could
More informationHow To Prepare For The Challenges Of 2014
Contact: Timothy J. Toohey Partner 213.417.5324 ttoohey@mpplaw.com The Year Ahead in Privacy and Data Security 2014 promises to be another eventful year in the privacy and data security fields. Although
More informationHITRUST CSF Assurance Program You Need a HITRUST CSF Assessment Now What?
HITRUST CSF Assurance Program You Need a HITRUST CSF Assessment Now What? Introduction This material is designed to answer some of the commonly asked questions by business associates and other organizations
More informationOverview of Topics Covered
How to Effectively Collaborate with Cloud Providers Agenda Overview of Topics Covered Agenda Evolution of the Cloud Comparison of Private vs. Public Clouds Other Regulatory Frameworks Similar to HIPAA
More informationInformation Governance Roadmap
Information Governance Roadmap Mitigating Privacy Risks, Reducing Costs And Meeting Obligations Speakers Heather Buchta Quarles & Brady Partner Rebecca Perry Jordan Lawrence CIPP/US/G Director of Professional
More informationWhite Paper THE HIPAA FINAL OMNIBUS RULE: NEW CHANGES IMPACTING BUSINESS ASSOCIATES
White Paper THE HIPAA FINAL OMNIBUS RULE: NEW CHANGES IMPACTING BUSINESS ASSOCIATES CONTENTS Introduction 3 Brief Overview of HIPPA Final Omnibus Rule 3 Changes to the Definition of Business Associate
More informationSpecial Report The HITECH Act
Special Report The HITECH Act Privacy and Data Breach Notification Provision An Overview of the HITECH Act On February 17, 2009, President Obama signed into law the $787 billion stimulus package known
More informationEduca&onal Event Spring 2015. Cyber Security - Implications for Records Managers Art Ehuan
Educa&onal Event Spring 2015 Cyber Security - Implications for Records Managers Art Ehuan Risk to Corporate Information The protection of mission dependent intellectual property, or proprietary data critical
More informationHealth Care Information Privacy The HIPAA Regulations What Has Changed and What You Need to Know
Health Care Information Privacy The HIPAA Regulations What Has Changed and What You Need to Know Note: Information provided to NCRA by Melodi Gates, Associate with Patton Boggs, LLC Privacy and data protection
More informationHIPAA compliance audit: Lessons learned apply to dental practices
HIPAA compliance audit: Lessons learned apply to dental practices Executive summary In 2013, the Health Insurance Portability and Accountability Act (HIPAA) of 1996 Omnibus Rule put healthcare providers
More informationTaking a Data-Centric Approach to Security in the Cloud
Taking a Data-Centric Approach to Security in the Cloud Bob West Chief Trust Officer CipherCloud 2014 CipherCloud All rights reserved 1 Taking a Data-Centric Approach to Cloud Data Protection Bob West
More informationInsulate Your Company from a Cyber Breach: Proactive Steps to Minimize Breach Risks & Impact. February 10, 2015
Insulate Your Company from a Cyber Breach: Proactive Steps to Minimize Breach Risks & Impact February 10, 2015 Overview 1 The Legal Risks And Issues/The Role Of Legal Counsel: The Breach Coach The Slippery
More informationCYBERCRIME AND INFORMATION GOVERNANCE ARE YOU PREPARED?
CYBERCRIME AND INFORMATION GOVERNANCE ARE YOU PREPARED? Anthony Diana, Reed Smith LLP Scott Lashway, MassMutual Stephen Ramey, Navigant Consulting ARE YOU PREPARED?» Your security operations center is
More information[Company Name] HIPAA Security Awareness and Workforce Training Program Manual
[Company Name] HIPAA Security Awareness and Workforce Training Program Manual The Importance of Security Awareness Training 4 Data Security Breaches 5 What is Information Security? 6 Roles and Responsibilities
More informationEvery Cloud Has A Silver Lining. Protecting Privilege Data In A Hosted World
Every Cloud Has A Silver Lining Protecting Privilege Data In A Hosted World May 7, 2014 Introduction Lindsay Stevens Director of Software Development Liquid Litigation Management, Inc. lstevens@llminc.com
More informationHIPAA BUSINESS ASSOCIATE AGREEMENT
HIPAA BUSINESS ASSOCIATE AGREEMENT THIS HIPAA BUSINESS ASSOCIATE AGREEMENT ( BAA ) is entered into effective the day of, 20 ( Effective Date ), by and between the Regents of the University of Michigan,
More informationHIPAA in the Cloud. How to Effectively Collaborate with Cloud Providers
How to Effectively Collaborate with Cloud Providers Speaker Bio Chad Kissinger Chad Kissinger Founder OnRamp Chad Kissinger is the Founder of OnRamp, an industry leading high security and hybrid hosting
More informationWhy HIPAA Compliance Should Scare You and What You Should Ask Your Business Phone Service Provider NOW
Why HIPAA Compliance Should Scare You and What You Should Ask Your Business Phone Service Provider NOW By Mike McAlpen, 8x8 Executive Director of Privacy, Security and Compliance The Champion For Business
More informationTechnological Evolution
Technological Evolution The Impact of Social Media, Big Data and Privacy on Business Consumer Privacy & Big Data Advice, Regulatory and Resulting Litigation Denise Banks Chief Privacy Officer BMO Financial
More informationCLOUD COMPUTING ISSUES FOR SCHOOL DISTRICTS. Presented to the 2013 BRADLEY F. KIDDER LAW CONFERENCE. October 2, 2013
CLOUD COMPUTING ISSUES FOR SCHOOL DISTRICTS Presented to the 2013 BRADLEY F. KIDDER LAW CONFERENCE October 2, 2013 By: Diane M. Gorrow Soule, Leslie, Kidder, Sayward & Loughman, P.L.L.C. 220 Main Street
More informationNew Privacy Laws Impacting the Health Care Work Place
New Privacy Laws Impacting the Health Care Work Place Presented by Thomas E. Jeffry, Jr., Esq. Arent Fox LLP Washington, DC New York, NY Los Angeles, CA November 12 & 19, 2009 Overview 1. Overview of California
More informationHEALTHCARE SECURITY AND PRIVACY CATALOG OF SERVICES
HEALTHCARE SECURITY AND PRIVACY CATALOG OF SERVICES OCTOBER 2014 3300 North Fairfax Drive, Suite 308 Arlington, Virginia 22201 USA +1.571.481.9300 www.lunarline.com OUR CLIENTS INCLUDE Contents Healthcare
More information2/9/2012. 2012 HIPAA Privacy and Security Audit Readiness. Table of contents
2012 HIPAA Privacy and Security Audit Readiness Mark M. Johnson National HIPAA Services Director Table of contents Page Background 2 Regulatory Background and HITECH Impacts 3 Office of Civil Rights (OCR)
More informationData Breach Cost. Risks, costs and mitigation strategies for data breaches
Data Breach Cost Risks, costs and mitigation strategies for data breaches Tim Stapleton, CIPP/US Deputy Global Head of Professional Liability Zurich General Insurance Data Breaches: Greater frequency,
More informationData Breach and Cybersecurity: What Happens If You or Your Vendor Is Hacked
Data Breach and Cybersecurity: What Happens If You or Your Vendor Is Hacked Linda Vincent, R.N., P.I., CITRMS Vincent & Associates Founder The Identity Advocate San Pedro, California The opinions expressed
More informationMastering Data Privacy, Social Media, & Cyber Law
Mastering Data Privacy, Social Media, & Cyber Law October 22, 2014 Data Breach Notification and Cybersecurity Developments in 2014 Melissa J. Krasnow, Dorsey & Whitney LLP, and Certified Information Privacy
More informationBusiness Associates, HITECH & the Omnibus HIPAA Final Rule
Business Associates, HITECH & the Omnibus HIPAA Final Rule HIPAA Omnibus Final Rule Changes Business Associates Marissa Gordon-Nguyen, JD, MPH Health Information Privacy Specialist Office for Civil Rights/HHS
More informationThe CIO s Guide to HIPAA Compliant Text Messaging
The CIO s Guide to HIPAA Compliant Text Messaging Executive Summary The risks associated with sending Electronic Protected Health Information (ephi) via unencrypted text messaging are significant, especially
More informationLaw & Ethics, Policies & Guidelines, and Security Awareness
Law & Ethics, Policies & Guidelines, and Security Awareness Modifications by Prof. Dong Xuan and Adam C. Champion Principles of Information Security, 5th Edition 1 Learning Objectives Upon completion of
More informationThe Keys to the Cloud: The Essentials of Cloud Contracting
The Keys to the Cloud: The Essentials of Cloud Contracting September 30, 2014 Bert Kaminski Assistant General Counsel, Oracle North America Ken Adler Partner, Loeb & Loeb LLP Akiba Stern Partner, Loeb
More informationHIPAA Compliance in Litigation and Discovery 10 Key Concepts Click to edit Master title style
HIPAA Compliance in Litigation and Discovery 10 Key Concepts Click to edit Master title style Presented by: Nathan A. Kottkamp, McGuireWoods LLP David J. Pivnick, McGuireWoods LLP Mary C. DeBartolo, McGuireWoods
More informationTHE BEST PRACTICES FOR DATA SECURITY AND PRIVACY IN VENDOR/ CLIENT RELATIONSHIPS
THE BEST PRACTICES FOR DATA SECURITY AND PRIVACY IN VENDOR/ CLIENT RELATIONSHIPS Data Law Group, P.C. Kari Kelly Deborah Shinbein YOU CAN T OUTSOURCE COMPLIANCE! Various statutes and regulations govern
More informationDATA SECURITY AGREEMENT. Addendum # to Contract #
DATA SECURITY AGREEMENT Addendum # to Contract # This Data Security Agreement (Agreement) is incorporated in and attached to that certain Agreement titled/numbered and dated (Contract) by and between the
More informationPrivacy Legislation and Industry Security Standards
Privacy Legislation and Issue No. 3 01010101 01010101 01010101 Information is generated about and collected from individuals at an unprecedented rate in the ordinary course of business. In most cases,
More informationAre You Still HIPAA Compliant? Staying Protected in the Wake of the Omnibus Final Rule Click to edit Master title style.
Are You Still HIPAA Compliant? Staying Protected in the Wake of the Omnibus Final Rule Click to edit Master title style March 27, 2013 www.mcguirewoods.com Introductions Holly Carnell McGuireWoods LLP
More informationHIPAA Omnibus Rule Reference Chart
HIPAA Omnibus Rule Reference Chart By Dianne J. Bourque, Kimberly J. Gold, Ellen L. Janos, Julie K. Lappas, James Sasso, Kate F. Stewart, and Stephanie D. Willis Mintz Levin is pleased to provide this
More informationAuditing your institution's cybersecurity incident/breach response plan. Baker Tilly Virchow Krause, LLP
Auditing your institution's cybersecurity incident/breach response plan Objectives > Provide an overview of incident/breach response plans and their intended benefits > Describe regulatory/legal requirements
More informationBUSINESS ASSOCIATE AGREEMENT
BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement (Hereinafter "Agreement") dated as of, 2013, is made by and between (Hereinafter Covered Entity ) and (Hereinafter Business Associate ). ARTICLE
More informationCloud Computing: Contracting and Compliance Issues for In-House Counsel
International In-house Counsel Journal Vol. 6, No. 23, Spring 2013, 1 Cloud Computing: Contracting and Compliance Issues for In-House Counsel SHAHAB AHMED Director Legal and Corporate Affairs, Microsoft,
More informationIAPP Privacy Certification
IAPP Privacy Certification Program Introduction to the Certification Foundation copyright 2011, IAPP Overview Each candidate who seeks an IAPP privacy certification for the very first time must complete
More informationACE Advantage PRIVACY & NETWORK SECURITY
ACE Advantage PRIVACY & NETWORK SECURITY SUPPLEMENTAL APPLICATION COMPLETE THIS APPLICATION ONLY IF REQUESTING COVERAGE FOR PRIVACY LIABILITY AND/OR NETWORK SECURITY LIABILITY COVERAGE. Please submit with
More informationHeather L. Hughes, J.D. HIPAA Privacy Officer U.S. Legal Support, Inc. hhughes@uslegalsupport.com www.uslegalsupport.com
Heather L. Hughes, J.D. HIPAA Privacy Officer U.S. Legal Support, Inc. hhughes@uslegalsupport.com www.uslegalsupport.com HIPAA Privacy Rule Sets standards for confidentiality and privacy of individually
More informationTexas Medical Records Privacy Act
A COALFIRE PERSPECTIVE Texas Medical Records Privacy Act Texas House Bill 300 (HB 300) Rick Dakin, CEO & Co-Founder Rick Link, Director Andrew Hicks, Director Overview The State of Texas has pushed ahead
More informationwww.shipmangoodwin.com Shipman & Goodwin LLP 2015. All rights reserved. @SGHealthLaw HARTFORD STAMFORD GREENWICH WASHINGTON, DC
HIPAA Compliance and Non-Business Associate Vendors: Strategies and Best Practices July 14, 2015 William J. Roberts, Esq. Shipman & Goodwin LLP 2015. All rights reserved. HARTFORD STAMFORD GREENWICH WASHINGTON,
More information12/19/2014. HIPAA More Important Than You Realize. Administrative Simplification Privacy Rule Security Rule
HIPAA More Important Than You Realize J. Ira Bedenbaugh Consulting Shareholder February 20, 2015 This material was used by Elliott Davis Decosimo during an oral presentation; it is not a complete record
More informationWritten Information Security Programs: Compliance with the Massachusetts Data Security Regulation
View the online version at http://us.practicallaw.com/7-523-1520 Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation Melissa J. Krasnow, Dorsey & Whitney LLP
More informationMastering Data Privacy, Protection, & Forensics Law
Mastering Data Privacy, Protection, & Forensics Law April 15, 2015 Data Breach Notification and Cybersecurity Developments in 2015 Melissa J. Krasnow, Dorsey & Whitney LLP, and Certified Information Privacy
More informationHIPAA and HITRUST - FAQ
A COALFIRE WHITE PAPER HIPAA and HITRUST - FAQ by Andrew Hicks, MBA, CISA, CCM, CRISC, HITRUST CSF Practitioner Director, Healthcare Practice Lead Coalfire February 2013 Introduction Organizations are
More informationInternet Gaming: The New Face of Cyber Liability. Presented by John M. Link, CPCU Cottingham & Butler
Internet Gaming: The New Face of Cyber Liability Presented by John M. Link, CPCU Cottingham & Butler 1 Presenter John M. Link, Vice President jlink@cottinghambutler.com 2 What s at Risk? $300 billion in
More informationPanel Title: Data Breaches: Industry and Law Enforcement Perspectives on Best Practices
Panel Title: Data Breaches: Industry and Law Enforcement Perspectives on Best Practices Over the course of this one hour presentation, panelists will cover the following subject areas, providing answers
More informationCybersecurity and Insurance Companies
Cybersecurity and Insurance Companies ACLI Forum 500 CEO Leadership Retreat Timothy J. Nagle Vice President & Chief Privacy Counsel Prudential Financial 1 May 13, 2015 What is cybersecurity? Protecting
More informationBUSINESS ASSOCIATE AGREEMENT. Recitals
BUSINESS ASSOCIATE AGREEMENT This Agreement is executed this 8 th day of February, 2013, by BETA Healthcare Group. Recitals BETA Healthcare Group consists of BETA Risk Management Authority (BETARMA) and
More informationBest Practices for DLP Implementation in Healthcare Organizations
Best Practices for DLP Implementation in Healthcare Organizations Healthcare organizations should follow 4 key stages when deploying data loss prevention solutions: 1) Understand Regulations and Technology
More information