IT Roles in Loss Prevention. Presented by: Ann Ostrander, Director of Loss Prevention Kirkland & Ellis LLP
|
|
- Kenneth Morris
- 8 years ago
- Views:
Transcription
1 IT Roles in Loss Prevention Presented by: Ann Ostrander, Director of Loss Prevention Kirkland & Ellis LLP
2 What is Loss Prevention (Risk Management)? Mitigate risk Protect the Firm s assets Departments can include: Records Management Conflicts Docket Audit Letters ARDC Registration IRS Reporting for Corporate Transactions Coordination of Lobbying Activity Reporting
3 What does this have to do with IT? We are protecting the I in IT The I is a primary Firm asset Improperly managing the I can create risk events IT is often the control point for the I
4 Types of Risk Wrongdoing - deliberate negligence Mistakes Bad policies Bad procedures Lack of knowledge Mismanagement Risk against the lawyer s duty to protect clients confidential information
5 Areas of IT Strategy Infrastructure/Networking Help Desk/User Support Desktop Applications Enterprise Applications Litigation Support Development
6 Strategy Risk must be assessed at every level of the overall strategic technology plan How information is captured/created/received? How it is accessed and by whom? How information is used and transmitted? How information is disposed of? How will systems integrate to reduce proliferation? Classification, retention and access
7 Risk vs. Impact (or Firm vs. User) High Risk Firm Low Risk Negative Business Impact User Positive Business Impact
8 Infrastructure/Networking/IT Security Data protection and security Decommissioning servers, laptops, desktops Backup tapes Disaster Recovery Removable Media Password change frequency Encryption Website traffic
9 Help Desk/User Support The belly of the beast Access to information Activity of information Adding Deleting Printing Copying/Transferring Often the warning system for risk events Business risk events Records risk events Using controls to manage the risk
10 Information Management Lifecycle (source: KPMG) Phase 2 Storage Access Control Structured v. Unstructured Integrity/Confidentiality ti Availability Phase 1 Generation Ownership Classification Governance Phase 3 Use Internal v. External Third Party Appropriateness Phase 7 Compliance Compliance & Audit Monitoring Process & Controls Phase 4 Transmission Public v. Private Networks Encryption Requirements Access Control Phase 5 Archival Legal & Compliance Offsite Considerations Media Concerns Phase 6 Destruction Secure Destruction Record Retention
11 Desktop Applications Lifecycle of information Capture/Create/Receive Use/Circulation/Transmission Short Term storage Long Term storage Disposition Locking down the desktop Applying ethical walls and protecting confidentiality
12 Enterprise Applications Determine personal control vs. Firm control Establish matter information owners Establish proper access controls Establish consistent, repeatable procedures for incoming/departing personnel and transferring information to the client Two biggies (automatic addresses, reply all, metadata, spam, retention periods) DMS (classification, retention, access)
13 Litigation Support Are you using internal staff to handle Firm discovery requests? The devil is in the details Consider outsourcing internal discovery Consider conflicts checks on lit support staff
14 Development Don t develop in a vacuum; requires coordinated effort to reduce proliferation of information Consider Lifecycle Access Classification Preservation Retention/Destruction Back-up
15 Key Issues Classification (structured vs. unstructured data) Retention, Preservation, Destruction (develop an exit strategy, how will you preserve, how will you securely destroy) Security, Protection, Access (ethical walls, confidential matters)
16 What if I don t have a Loss Prevention Department? General Counsel Litigation Partner Records Manager Malpractice insurance carrier ABA Model Rules of Professional Conduct Ethics Opinions BNA Lawyers Manual on Professional Conduct
17 Great resources Information Nation: Seven Keys to Information Management (author Randolph Kahn, Esq.) Thank you!
E-mail Management: A Guide For Harvard Administrators
E-mail Management: A Guide For Harvard Administrators E-mail is information transmitted or exchanged between a sender and a recipient by way of a system of connected computers. Although e-mail is considered
More informationR Scott Murchison CRM
R Scott Murchison CRM SVP Information Governance Service Kaizen InfoSource LLC Information Management s Impacts on Litigation and ediscovery Relationship of IM and Litigation Role of Information Manager
More informationDiscovery Technology Group
Discovery Technology Group E-mail Retention: Readiness Survey E-mail now represents the largest source of new documents and records generated within a company, and the most troublesome from a retention
More informationHarbinger Escrow Services Backup and Archiving Policy. Document version: 2.8. Harbinger Group Pty Limited Delivered on: 18 March 2008
Document version: 2.8 Issued to: Harbinger Escrow Services Issued by: Harbinger Group Pty Limited Delivered on: 18 March 2008 Harbinger Group Pty Limited, Commercial in Confidence Table of Contents 1 Introduction...
More informationB. Preservation is not limited to simply avoiding affirmative acts of destruction because day-to-day operations routinely alter or destroy evidence.
This is a sample approach to developing a sound document collection process, referenced at Section II(7)(vi) of the Guidelines on Best Practices for Litigating Cases Before the Court of Chancery. It should
More informationInformation Governance
Information Governance The New Records Management Rudy Moliere Director, Information Goverance & Records Management Terrence J. Coan, CRM Senior Director Information Management Practice Agenda Introductions
More informationThe Ethical Obligations of an Attorney When Using Technology
The Ethical Obligations of an Attorney When Using Technology A Cell Phone Does Not Create an Invisible Cone of Silence and Other Adventures on the New Frontier David I. Bloom Partner (202) 263 3204 dbloom@mayerbrown.com
More informationWhat We ll Cover. Defensible Disposal of Records and Information Litigation Holds Information Governance the future of records management programs
What We ll Cover Foundations of Records and Information Management Creating a Defensible Retention Schedule Paper v. Electronic Records Organization and Retrieval of Records and Information Records Management
More informationState of Michigan Records Management Services. Guide to E mail Storage Options
State of Michigan Records Management Services Guide to E mail Storage Options E mail is a fast, efficient and cost effective means for communicating and sharing information. However, e mail software is
More informationCORPORATE RECORD RETENTION IN AN ELECTRONIC AGE (Outline)
CORPORATE RECORD RETENTION IN AN ELECTRONIC AGE (Outline) David J. Chavolla, Esq. and Gary L. Kemp, Esq. Casner & Edwards, LLP 303 Congress Street Boston, MA 02210 A. Document and Record Retention Preservation
More informationName: Position held: Company Name: Is your organisation ISO27001 accredited:
Third Party Information Security Questionnaire This questionnaire is to be completed by the system administrator and by the third party hosting company if a separate company is used. Name: Position held:
More informationThe Future of Records Management. Senior Director, Loss Prevention Project Manager/Developer
The Future of Records Management Ann Ostrander Jimmy Lam Senior Director, Loss Prevention Project Manager/Developer Kirkland & Ellis LLP Loeb & Loeb LLP Agenda What is driving the change? People Technology
More informationElectronic Discovery How can I be prepared? September 2010
Electronic Discovery How can I be prepared? September 2010 Presented by Brian Wilkinson, Director of ediscovery & Computer Forensics brian.wilkinson@us.pwc.com 410-659-3473 Table of Contents Page 1 Electronic
More informationHow To Preserve Email Records In Mississippi
EMAIL MANAGEMENT GUIDELINES FOR COUNTIES AND MUNICIPALITIES 1. Purpose The purpose of these guidelines is to ensure that the electronic mail records of county and municipal government officials and employees
More informationGatekeeper PKI Framework. February 2009. Registration Authority Operations Manual Review Criteria
Gatekeeper PKI Framework ISBN 1 921182 24 5 Department of Finance and Deregulation Australian Government Information Management Office Commonwealth of Australia 2009 This work is copyright. Apart from
More informationSouthern Law Center Law Center Policy #IT0004. Title: Email Policy
Southern Law Center Law Center Policy #IT0004 Title: Email Policy Authority: Department Original Adoption: 7/20/2007 Effective Date: 7/20/2007 Last Revision: 9/17/2012 1.0 Purpose: To provide members of
More informationThis policy is not designed to use systems backup for the following purposes:
Number: AC IT POL 003 Subject: Backup and Restore Policy 1. PURPOSE The backup and restore policy establishes the need and rules for performing periodic system backup to permit timely restoration of Africa
More informationCongregation Data Security Education
Congregation Data Security Education Data Security Risks Incoming and Outgoing Internet Traffic Remote Access Outbound Email Improperly Discarded Paper Portable Media Devices (i.e. laptops, flash drives,
More informationGlobal Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com
WHITE PAPER The IT Manager's Role in Proactive Information Retention and Disposition Management: Balancing ediscovery and Compliance Obligations with IT Operational and Budget Constraints Sponsored by:
More informationFINAL May 2005. Guideline on Security Systems for Safeguarding Customer Information
FINAL May 2005 Guideline on Security Systems for Safeguarding Customer Information Table of Contents 1 Introduction 1 1.1 Purpose of Guideline 1 2 Definitions 2 3 Internal Controls and Procedures 2 3.1
More informationPart 2: Records and Information Management: Creation and Use
Records and Information Management: Creation and Use Part 2: Records and Information Management: Creation and Use Creating Records and Information Information Capture and Use Legal Compliance Risk Assessment
More informationDublin City University
Asset Management Policy Asset Management Policy Contents Purpose... 1 Scope... 1 Physical Assets... 1 Software Assets... 1 Information Assets... 1 Policies and management... 2 Asset Life Cycle... 2 Asset
More informationPROCEDURES FOR ELECTRONIC MANAGEMENT OF RULEMAKING AND OTHER DOCKETED RECORDS IN THE FEDERAL DOCKET MANAGEMENT SYSTEM
Issued by the EPA Chief Information Officer, Pursuant to Delegation 1-19, dated 07/07/2005 PROCEDURES FOR ELECTRONIC MANAGEMENT OF RULEMAKING AND OTHER DOCKETED RECORDS IN THE FEDERAL DOCKET MANAGEMENT
More informationEmail Management Trends, Troubles, and Solutions
Email Management Trends, Troubles, and Solutions Kevin O Connor General Manager, Content Management & Archiving 1 Information Challenges Lead to Archiving Data Growth Digital Proliferation Cost Escalating
More informationHow To Write A Health Care Security Rule For A University
INTRODUCTION HIPAA Security Rule Safeguards Recommended Standards Developed by: USF HIPAA Security Team May 12, 2005 The Health Insurance Portability and Accountability Act (HIPAA) Security Rule, as a
More informationLocal Area Networking
Local Area Networking prashant.mali@cyberlawconsulting.com By Prashant Mali LAN Issues Local Area Networks evolved from stand-alone PCs Control and safety features found commonly in multi-user systems
More informationEmail Retention and Archiving
Personnel Connections Email Retention and Archiving 10 a.m. August 21, 2009 John L. Baines OIT Security and Compliance Agenda NC State Government & University Email References Background Governor s Email
More informationSupplier Security Assessment Questionnaire
HALKYN CONSULTING LTD Supplier Security Assessment Questionnaire Security Self-Assessment and Reporting This questionnaire is provided to assist organisations in conducting supplier security assessments.
More informationNewcastle University Information Security Procedures Version 3
Newcastle University Information Security Procedures Version 3 A Information Security Procedures 2 B Business Continuity 3 C Compliance 4 D Outsourcing and Third Party Access 5 E Personnel 6 F Operations
More informationGain Efficiency, Cost Savings and Compliance with Iron Mountain s Portfolio of Services
ONE SOLUTION Maximize the Business Value of Your Information Gain Efficiency, Cost Savings and Compliance with Iron Mountain s Portfolio of Services In today s world, information whether in paper or digital
More informationRECORDKEEPING MATURITY MODEL
Introduction Maturity Rating Definitions 1 Level 1 Inadequate/Sub-standard Practice is not formalised or documented. Processes and practices are fragmented or non-existent. Where processes and practices
More informationTable of Contents. Chapter No. 1. Introduction 1. 2. Objective 1. 3. E-mail Use Compliance 1. 4. Definitions 2. 5. Roles and Responsibilities 2
Table of Contents Chapter Subject Page No. 1. Introduction 1 2. Objective 1 3. E-mail Use Compliance 1 4. Definitions 2 5. Roles and Responsibilities 2 6. Creation and Use of E-mails 3 7. Managing E-mails
More informationRetention & Disposition in the Cloud Do you really have control?
InterPARES Trust Retention & Disposition in the Cloud Do you really have control? Franks Patricia, San Jose State University, San Jose, USA and Alan Doyle, University of British Columbia, Canada October
More informationSpecial Report: ROI of Records Management for Legal Discovery
Special Report: ROI of Records Management for Legal Discovery Page 1 Table of Contents Table of Contents 2 Introduction 3 2010 Litigation Cost Survey 3 Legal Discovery Process 4 ROI Scenarios 7 Other Savings
More informationHIPAA Security COMPLIANCE Checklist For Employers
Compliance HIPAA Security COMPLIANCE Checklist For Employers All of the following steps must be completed by April 20, 2006 (April 14, 2005 for Large Health Plans) Broadly speaking, there are three major
More information3. Ensure the management of information is compliant with legislative requirements to maximise the benefits and minimise risks;
Enterprise Content Management (ECM) Policy Version Information A. Introduction Purpose 1. Outline and articulate the strategy for enterprise content management across Redland City Council (RCC). This document
More informationRECORDS MANAGEMENT POLICY
RECORDS MANAGEMENT POLICY PURPOSE The purpose of this policy is to: Assist departments in effective utilization of space and efficient information retrieval; Establish guidelines for disposal of records;
More informationData Security Policy
Policy Number: Revision Number: 0 QP1.44 Date of issue: March 2009 Status: Approved Date of approval: April 2009 Responsibility for policy: Responsibility for implementation: Responsibility for review:
More informationInformation Security Risk Assessment Checklist. A High-Level Tool to Assist USG Institutions with Risk Analysis
Information Security Risk Assessment Checklist A High-Level Tool to Assist USG Institutions with Risk Analysis Updated Oct 2008 Introduction Information security is an important issue for the University
More informationBuilding an ROI Business Case for Email Archiving. Redgrave Daley Ragan & Wagner LLP
Redgrave Daley Ragan & Wagner LLP 1 Introduction Over the past several years, the reliance that organizations place on e-mail as their primary form of business communication has grown exponentially. The
More informationHow To Audit Health And Care Professions Council Security Arrangements
Audit Committee 28 Internal audit report ICT Security Executive summary and recommendations Introduction Mazars has undertaken a review of ICT Security controls, in accordance with the internal audit plan
More informationINTERNATIONAL SOS. Data Retention, Archiving and Destruction Policy. Version 1.07
INTERNATIONAL SOS Data Retention, Archiving and Destruction Policy Document Owner: LCIS Division Document Manager: Group General Counsel Effective: January 2009 Revised: 2015 All copyright in these materials
More informationCOUNTY OF RIVERSIDE, CALIFORNIA BOARD OF SUPERVISORS POLICY. ELECTRONIC MEDIA AND USE POLICY A-50 1 of 9
ELECTRONIC MEDIA AND USE POLICY A-50 1 of 9 Purpose: The purpose of this policy is to establish guidelines for proper use of all forms of electronic media. As used in this policy, electronic media includes,
More informationThe Many Different Types of Electronic Discovery Searches
May 2004 Volume 2, Number 2 Result Categories of Electronic Discovery Searches Table of Contents The Ethical Implications of Your Computer Result Categories of Electronic Discovery Searches Lawyers often
More informationOFFICE OF CHIEF COUNSEL OPERATION R.E.D. GUIDANCE
OFFICE OF CHIEF COUNSEL OPERATION R.E.D. GUIDANCE Operation R.E.D. is a two-month Chief Counsel event the goal of which is to refresh employees awareness of existing policies and procedures regarding safeguarding
More informationInformation Governance & Records Management for Today's World
May 19-22, 2014, Toronto ON Canada Information Governance & Records Management for Today's World Presented by Colin Cahill LI22 5/20/2014 1:15 PM - 2:45 PM The handouts and presentations attached are copyright
More informationInformation Security Policy September 2009 Newman University IT Services. Information Security Policy
Contents 1. Statement 1.1 Introduction 1.2 Objectives 1.3 Scope and Policy Structure 1.4 Risk Assessment and Management 1.5 Responsibilities for Information Security 2. Compliance 3. HR Security 3.1 Terms
More informationRecords and Information Management and Retention
Records and Information Management and Retention Association of Corporate Counsel Nonprofit Organizations Committee Legal Quick Hit March 13, 2012 3 pm ET W. Warren Hamel Venable LLP 750 E. Pratt St. Baltimore,
More informationCITY OF ELK GROVE CITY COUNCIL STAFF REPORT
CITY OF ELK GROVE CITY COUNCIL STAFF REPORT AGENDA ITEM NO. 8.4 AGENDA TITLE: Adopt resolution establishing policy for the retention of electronic mail records and call recordings maintained by IT Services
More informationHIPAA SECURITY RISK ASSESSMENT SMALL PHYSICIAN PRACTICE
HIPAA SECURITY RISK ASSESSMENT SMALL PHYSICIAN PRACTICE How to Use this Assessment The following risk assessment provides you with a series of questions to help you prioritize the development and implementation
More informationHow To Manage Records In A Cloud
Retention & Disposition of Records Residing in a Public Cloud: A Risk Management Approach Patricia C. Franks, PhD, IGP, CA, CRM International Symposium October 17, 2014 to mitigate risk Not all information
More informationSolution Overview: Data Protection Archiving, Backup, and Recovery Unified Information Management for Complex Windows Environments
Unified Information Management for Complex Windows Environments The Explosion of Unstructured Information It is estimated that email, documents, presentations, and other types of unstructured information
More informationUNIVERSITY OF MANITOBA PROCEDURE
UNIVERSITY OF MANITOBA PROCEDURE Procedure: Parent Policy: Effective Date: June 23, 2015 Revised Date: Review Date: June 23, 2025 Approving Body: Authority: Responsible Executive Officer: Delegate: Contact:
More informationThe Next Frontier. for Records Managers. Retention and Disposition of Structured Data:
Retention and Disposition of Structured Data: The Next Frontier for Records Managers Establishing a relationship with IT managers and learning about the basics of system technology will help the records
More informationFrom Archiving to Legal Holds: Comprehensive Information Management
April 21 st, 2010 From Archiving to Legal Holds: Comprehensive Information Management John Jablonski, Esq., Partner, Goldberg Segalla, LLP Wayne Wong, Managing Consultant, Kroll Ontrack 2010 Kroll Ontrack
More informationBackup Policy. Document Title: No. Pages 5. Document Type: Policy. Scope: OCIO, Operations Branch
Document Title: Backup Policy Document Type: Policy No. Pages 5 Scope: OCIO, Operations Branch Trim Number: DOC02866/2007 Revision: 3 Treasury Board Approval: TBM 2007-300 Date Implemented: 2011/03/08
More information9. GOVERNANCE. Policy 9.8 RECORDS MANAGEMENT POLICY. Version 4
9. GOVERNANCE Policy 9.8 RECORDS MANAGEMENT POLICY Version 4 9. GOVERNANCE 9.8 RECORDS MANAGEMENT POLICY OBJECTIVES: To establish the framework for, and accountabilities of, Lithgow City Council s Records
More informationProactive Data Management for ediscovery
Proactive Data Management for ediscovery Simon Taylor Snr. Director Information Management CommVault Systems Inc. Why ediscovery sucks for IT The US Federal Rules of Civil Procedure Rule 34(a), (b) Definition
More informationEFFECTIVE DATE: JULY 1, 2010
Town of Florence POLICY TITLE: EMAIL RETENTION POLICY RESPONSIBLE DEPARTMENT: Town Clerk Office APPROVAL: EFFECTIVE DATE: JULY 1, 2010 AP / RESOLUTION NO.: 2010-02 REFERENCES: TOWN MANAGER SIGNATURE: TOWN
More informationSupplier Information Security Addendum for GE Restricted Data
Supplier Information Security Addendum for GE Restricted Data This Supplier Information Security Addendum lists the security controls that GE Suppliers are required to adopt when accessing, processing,
More informationCMA Shipping 2015. Ethics and E-Discovery in Shipping Disputes
CMA Shipping 2015 Ethics and E-Discovery in Shipping Disputes March 25, 2015 Vincent J. Foley, Holland & Knight LLP (212) 513-3357 vincent.foley@hklaw.com CMA Shipping 2015 Ethics and E-Discovery for Shipping
More informationDOCUMENT RETENTION STRATEGIES FOR HEALTHCARE ORGANIZATIONS
Overview. DOCUMENT RETENTION STRATEGIES FOR HEALTHCARE ORGANIZATIONS A comprehensive and consistently applied document retention policy is necessary to reduce the risk of being charged with spoliation
More informationUniversity of Liverpool
University of Liverpool Information Security Policy Reference Number Title CSD-003 Information Security Policy Version Number 3.0 Document Status Document Classification Active Open Effective Date 01 October
More informationState of Michigan Records Management Services. Frequently Asked Questions About E mail Retention
State of Michigan Records Management Services Frequently Asked Questions About E mail Retention It is essential that government agencies manage their electronic mail (e mail) appropriately. Like all other
More informationIT General Controls Domain COBIT Domain Control Objective Control Activity Test Plan Test of Controls Results
Acquire or develop application systems software Controls provide reasonable assurance that application and system software is acquired or developed that effectively supports financial reporting requirements.
More informationBest Practices Series Document Retention and Best Practices
Best Practices Series Document Retention and Best Practices 1. Sarbanes Oxley Act provides guidance to businesses Sections 802 and 1102 of SOX make it a crime to alter, cover up, falsify, or destroy any
More informationArizona State Library, Archives and Public Records
Arizona State Library, Archives and Public Records RECORDS MANAGEMENT DIVISION 1919 West Jefferson Phoenix, Arizona 85009 (602) 542-3741 Managing Public Records Sent and Received Via Electronic Mail These
More informationHIPAA Security Alert
Shipman & Goodwin LLP HIPAA Security Alert July 2008 EXECUTIVE GUIDANCE HIPAA SECURITY COMPLIANCE How would your organization s senior management respond to CMS or OIG inquiries about health information
More informationPreparing for. Helen Streck Records Management Consultant
Preparing for ediscovery By Helen Streck Records Management Consultant Session Agenda Learning Objectives Discovery s s Demands on RIM Programs Areas of Risk Designing a Strategic Approach Processes and
More informationHow To Manage Records And Information Management In Alberta
8. RECORDS AND INFORMATION MANAGEMENT Overview This chapter is intended to help public bodies understand how good records and information management practices assist in the effective administration of
More informationTERRITORY RECORDS OFFICE BUSINESS SYSTEMS AND DIGITAL RECORDKEEPING FUNCTIONALITY ASSESSMENT TOOL
TERRITORY RECORDS OFFICE BUSINESS SYSTEMS AND DIGITAL RECORDKEEPING FUNCTIONALITY ASSESSMENT TOOL INTRODUCTION WHAT IS A RECORD? AS ISO 15489-2002 Records Management defines a record as information created,
More informationBEFORE THE BOARD OF COUNTY COMMISSIONERS FOR MULTNOMAH COUNTY, OREGON RESOLUTION NO. 05-050
BEFORE THE BOARD OF COUNTY COMMISSIONERS FOR MULTNOMAH COUNTY, OREGON RESOLUTION NO. 05-050 Adopting Multnomah County HIPAA Security Policies and Directing the Appointment of Information System Security
More information4.10 Information Management Policy
Policy Statement Information is a strategic business resource that the must manage as a public trust on behalf of Nova Scotians. Effective information management makes program and service delivery more
More informationUMHLABUYALINGANA MUNICIPALITY
UMHLABUYALINGANA MUNICIPALITY BACKUP AND RESTORE POLICY Backup and Restore Policy Approval and Version Control Approval Process: Position or Meeting Number: Date: Originator Recommended by Director of
More informationHow To Manage Cloud Data Safely
Information Governance In The Cloud Galina Datskovsky, Ph. D., CRM President of ARMA International SVP Information Governance Solutions Topics Cloud Characteristics And Risks Information Management In
More informationData Compliance. And. Your Obligations
Information Booklet Data Compliance And Your Obligations What is Data Protection? It is the safeguarding of the privacy rights of individuals in relation to the processing of personal data. The Data Protection
More informationDirector, Value Engineering
Director, Value Engineering April 25 th, 2012 Copyright OpenText Corporation. All rights reserved. This publication represents proprietary, confidential information pertaining to OpenText product, software
More informationPolicy Outsourcing and Cloud Based File Sharing
Policy Outsourcing and Cloud Based File Sharing Version 3.1 TABLE OF CONTENTS Outsourcing Policy... 2 Outsourcing Management Standard... 2 Overview... 2 Standard... 2 Outsourcing Policy... 3 Policy Statement...
More informationUNIVERSITY OF ROCHESTER INFORMATION TECHNOLOGY POLICY
PURPOSE The University of Rochester recognizes the vital role information technology plays in the University s missions and related administrative activities as well as the importance in an academic environment
More informationBEST PRACTICES FOR MANAGEMENT OF LOTUS NOTES EMAIL RECORDS September 4, 2003
BEST PRACTICES FOR MANAGEMENT OF LOTUS NOTES EMAIL RECORDS September 4, 2003 All information in a Lotus Notes email system workspace is a record. Following are best practices for managing those records:
More informationLessons Learned from Recent HIPAA and Big Data Breaches. Briar Andresen Katie Ilten Ann Ladd
Lessons Learned from Recent HIPAA and Big Data Breaches Briar Andresen Katie Ilten Ann Ladd Recent health care breaches Breach reports to OCR as of February 2015 1,144 breaches involving 500 or more individual
More information'Namgis Information Technology Policies
'Namgis Information Technology Policies Summary August 8th 2011 Government Security Policies CONFIDENTIAL Page 2 of 17 Contents... 5 Architecture Policy... 5 Backup Policy... 6 Data Policy... 7 Data Classification
More informationThe Future of Information
Place image here The Future of Information Management Bill Tolson Iron Mountain In the face of an ongoing electronic information explosion, information management becomes an imperative. Organizations need
More informationData Sheet: Archiving Symantec Enterprise Vault Discovery Accelerator Accelerate e-discovery and simplify review
Accelerate e-discovery and simplify review Overview provides IT/Legal liaisons, investigators, lawyers, paralegals and HR professionals the ability to search, preserve and review information across the
More informationDOCSVAULT WhitePaper. Concise Guide to E-discovery. Contents
WhitePaper Concise Guide to E-discovery Contents i. Overview ii. Importance of e-discovery iii. How to prepare for e-discovery? iv. Key processes & issues v. The next step vi. Conclusion Overview E-discovery
More informationAdministrative Procedure
Administrative Procedure Number: 707 Effective: 5/13/2011 Supersedes: INTERIM Page: 1 of 11 Subject: RECORDS RETENTION, MANAGEMENT, AND DISPOSITION PROGRAM 1.0. PURPOSE: 1.1. To establish and administer
More informationUnion County. Electronic Records and Document Imaging Policy
Union County Electronic Records and Document Imaging Policy Adopted by the Union County Board of Commissioners December 2, 2013 1 Table of Contents 1. Purpose... 3 2. Responsible Parties... 3 3. Availability
More informationWhat Data? I m A Trucking Company!
What Data? I m A Trucking Company! Presented by: Marc C. Tucker 434 Fayetteville Street, Suite 2800 Raleigh, NC, 27601 919.755.8713 marc.tucker@smithmoorelaw.com Presented by: Rob D. Moseley, Jr. 2 West
More informationWood River Land Trust LTA Standard 2: Compliance with Laws 2B: Incorporation/Bylaws 2C: Tax Exemption 2D: Records Policy 2E: Public Policy
Wood River Land Trust LTA Standard 2: Compliance with Laws 2A: Compliance 2B: Incorporation/Bylaws 2C: Tax Exemption 2D: Records Policy 2E: Public Policy Policy: The Land Trust will fulfill its legal requirements
More informationIT NETWORK AND INFRASTRUCTURE FILE SERVER POLICY (for Cheshire CCGs)
IT NETWORK AND INFRASTRUCTURE FILE SERVER POLICY (for Cheshire CCGs) Version 3.2 Ratified By Date Ratified November 2014 Author(s) Responsible Committee / Officers Issue Date November 2014 Review Date
More informationINITIAL APPROVAL DATE INITIAL EFFECTIVE DATE
TITLE AND INFORMATION TECHNOLOGY RESOURCES DOCUMENT # 1107 APPROVAL LEVEL Alberta Health Services Executive Committee SPONSOR Legal & Privacy / Information Technology CATEGORY Information and Technology
More informationVirginia Commonwealth University School of Medicine Information Security Standard
Virginia Commonwealth University School of Medicine Information Security Standard Title: Scope: Data Handling and Storage Standard This standard is applicable to all VCU School of Medicine personnel. Approval
More informationInformation Security Policies. Version 6.1
Information Security Policies Version 6.1 Information Security Policies Contents: 1. Information Security page 3 2. Business Continuity page 5 3. Compliance page 6 4. Outsourcing and Third Party Access
More informationE-Discovery Basics For the RIM Professional. Learning Objectives 5/18/2015. What is Electronic Discovery?
E-Discovery Basics For the RIM Professional By: Andy Sokol, CEDS, CSDS Adding A New Service Offering For Your Legal & Corporate Clients Learning Objectives What is Electronic Discovery? How Does E-Discovery
More informationIT Best Practices Audit TCS offers a wide range of IT Best Practices Audit content covering 15 subjects and over 2200 topics, including:
IT Best Practices Audit TCS offers a wide range of IT Best Practices Audit content covering 15 subjects and over 2200 topics, including: 1. IT Cost Containment 84 topics 2. Cloud Computing Readiness 225
More informationCongregation Identity Theft Education Program
Congregation Identity Theft Education Program Definition - PII Personal Identity Information (PII) is defined as any data that can be used by a third party to steal an individual s or entity s identity
More informationValidating Enterprise Systems: A Practical Guide
Table of Contents Validating Enterprise Systems: A Practical Guide Foreword 1 Introduction The Need for Guidance on Compliant Enterprise Systems What is an Enterprise System The Need to Validate Enterprise
More information