Braving the New World of E-Discovery Costs: Balancing the Shrinking budgets of agencies and Escalating Overhead  June 28, 2011
Records Management Program Records Management Plan Records Disposition Schedule  Storage IT Support Accountability/Ownership *Subject to annual appropriations
Questions? Robert Martin Records Management Officer National Institute of Food and Agriculture US Department of Agriculture 202.401.5924 rmartin@nifa.usda.gov
Braving the New World of E-Discovery Costs: Balancing the Shrinking budgets of Agencies with Escalating Overhead
Information Today – The Big Picture. Information: 1.8Zb (Lots of It); 95% (Mostly Unstructured); 85% (Mostly Unmanaged); 85% (Created by Organizations); ▲ (Becoming More Regulated)
Why is Electronic Information so Challenging? Formats & Apps Cross-border Speed Personal Privacy Various Devices Info Volume Electronic Information
Sarbanes-Oxley Act (SOX)  ~ PCAOB  ~ SAS 94  ~ AICPA/CICA Privacy Framework  ~ AICPA Suitable Trust Services Criteria  ~ SEC Retention of Records, 17 CFR 210.2-06  ~ SEC Controls and Procedures, 17 CFR 240.15d-15  ~ SEC Reporting Transactions and Holdings, 17 CFR 240.16a-3  ~ Basel II  ~ BIS Sound Practices for the Management and Supervision of Operational Risk  ~ Gramm-Leach-Bliley Act (GLB)  ~ Standards for Safeguarding Customer Information, FTC 16 CFR 314  ~ Privacy of Consumer Financial Information Rule  ~ Safety and Soundness Standards, Appendix of 12 CFR 30  ~ FFIEC Information Security  ~ FFIEC Development Acquisition  ~ FFIEC Business Continuity Planning  ~ FFIEC Audit  ~ FFIEC Management  ~ FFIEC Operations  ~ NASD  ~ NYSE  ~ Recordkeeping rule for securities exchanges, SEC 17 CFR 240.17a-1  ~ Records to be made by exchange members, SEC 17 CFR 240.17a-3  ~ Records to be preserved by exchange members, SEC 17 CFR 240.17a-4  ~ Recordkeeping, SEC 17 CFR 240.17Ad-6  ~ Record retention, SEC 17 CFR 240.17Ad-7  ~ HIPAA (Health Insurance Portability and Accountability Act)  ~ HIPAA HCFA Internet Security Policy  ~ NIST Introductory Resource Guide for [HIPAA] (800-66)  ~ CMS Core Security Requirements (CSR)  ~ CMS Information Security Acceptable Risk Safeguards (ARS)  ~ CMS Information Security Certification & Accreditation (C&A)  ~ FDA Electronic Records; Electronic Signatures 21 CFR Part 11+D1  ~ Federal Energy Regulatory Commission (FERC)  ~ North American Electric Reliability Council (NERC)  ~ VISA CISP (Cardholder Information Security Program)  ~ Mastercard SDP (Site Data Protection) Program  ~ American Express DSS (Data Security Standard)  ~ PCI DSS (Payment Card Industry Data Security Standard)  ~ FTC ESIGN (Electronic Signatures in Global and National Commerce Act)  ~ Uniform Electronic Transactions Act (UETA)  ~ FISMA (Federal Information Security Management Act)  ~ FISCAM (Federal Information System Controls Audit Manual)  ~ FIPS Security Requirements for 
Cryptographic Modules 140-2  ~ FIPS Guideline for the Analysis of LAN Security 191  ~ FIPS Application Profile for GILS 192  ~ Clinger-Cohen Act (Information Technology Management Reform Act)  ~ National Strategy to Secure Cyberspace  ~ GAO Financial Audit Manual  ~ DOD ...Standard for Electronic Records Management Software...5015-2  ~ CISWG Report on the Best Practices Subgroup  ~ CISWG Information Security Program Elements  ~ NCUA Guidelines for Safeguarding Member Information 12 CFR 748  ~ IRS Revenue Procedure: Retention of books and records 97-22  ~ IRS Revenue Procedure: Record retention: automatic data processing… 98-25  ~ IRS Internal Revenue Code Section 501(c)(3)  ~ Federal Rules of Civil Procedure  ~ Uniform Rules of Civil Procedure  ~ ISO 15489-1 Information and Documentation: Records management: General  ~ ISO 15489-2 Information and Documentation: Records management: Guidelines  ~ DIRKS: A Strategic Approach to Managing Business Information  ~ Sedona Principles Addressing Electronic Document Production  ~ NIST ...Principles and Practices for Securing IT Systems 800-14  ~ NIST Developing Security Plans for Federal Information Systems 800-18  ~ NIST Security Self-Assessment Guide... 800-26  ~ NIST Risk Management Guide... 800-30  ~ NIST Contingency Planning Guide... 
800-34  ~ NIST ...Patch and Vulnerability Management Program 800-40  ~ NIST Guidelines on Firewalls and Firewall Policy 800-41  ~ NIST Security Controls for Federal Information Systems 800-53  ~ NIST ...Mapping...Information and...Systems to Security Categories 800-60  ~ NIST Computer Security Incident Handling Guide 800-61  ~ NIST Security Considerations in...Information System Development 800-64  ~ ISO 73:2002 Risk management -- Vocabulary  ~ ISO 1335 Information technology – Guidelines for management of IT Security  ~ ISO 17799:2000 Code of Practice for Information Security Management  ~ ISO 27001:2005 ...Information Security Management Systems -- Requirements  ~ IT Information Library (ITIL) Planning to Implement Service Management  ~ IT Information Library (ITIL) ICT Infrastructure Management  ~ IT Information Library (ITIL) Service Delivery  ~ IT Information Library (ITIL) Service Support  ~ IT Information Library (ITIL) Application Management  ~ IT Information Library (ITIL) Security Management ~ COSO Enterprise Risk Management (ERM) Framework  ~ CobiT 3rd Edition  ~ CobiT 4th Edition  ~ ISACA IS Standards, Guidelines, and Procedures for Auditing and Control...  
~ NFPA 1600 Disaster/Emergency Management and Business Continuity ~ Information Security Forum (ISF) Standard of Good Practice  ~ Information Security Forum (ISF) Security Audit of Networks  ~ A Risk Management Standard, jointly issued by AIRMIC, ALARM, and IRM  ~ Business Continuity Institute (BCI) Good Practice Guidelines  ~ IIA Global Technology Audit Guide - Information Technology Controls  ~ ISSA Generally Accepted Information Security Principles (GAISP)  ~ CERT Operationally Critical Threat, Asset & Vulnerability Evaluation (OCTAVE)  ~ Cable Communications Privacy Act Title 47 § 551  ~ Telemarketing Sales Rule (TSR) amendment 16 CFR 310.4(b)(3)(iv)  ~ CAN SPAM Act  ~ Children's Online Privacy Protection Act (COPPA) 16 CFR 312  ~ Children's Online Privacy Protection Act (COPPA) 16 CFR 312  ~ Driver's Privacy Protection Act (DPPA) 18 USC 2721  ~ Family Education Rights Privacy Act (FERPA) 20 USC 1232  ~ Privacy Act of 1974 5 USC 552a  ~ Telemarketing Sales Rule (TSR) 16 CFR 310  ~ Video Privacy Protection Act (VPPA) 18 USC 2710  ~ Specter-Leahy Personal Data Privacy and Security Act  ~ AR Personal Information Protection Act SB 1167  ~ AZ Amendment to Arizona Revised Statutes 13-2001 HB 2116  ~ CA Information Practice Act SB 1386  ~ CA General Security Standard for Businesses AB 1950  ~ CA Public Records Military Veteran Discharge Documents AB 1798  ~ CA OPP Recommended Practices on Notification of Security Breach  ~ CO Prohibition against Using Identity Information for Unlawful Purpose HB 1134  ~ CO Consumer Credit Solicitation Protection HB 1274  ~ CO Prohibiting Inclusion of Social Security Number HB 1311  ~ CT Requiring Consumer Credit Bureaus to Offer Security Freezes SB 650  ~ CT Concerning Nondisclosure of Private Tenant Information HB 5184  ~ DE Computer Security Breaches HB 116  ~ FL Personal Identification Information/Unlawful Use HB 481  ~ GA Consumer Reporting Agencies SB 230  ~ GA Public employees; Fraud, Waste, and Abuse HB 656  ~ HI Exempting 
disclosure of Social Security numbers HB 2674  ~ IL Personal Information Protection Act HB 1633  ~ IN Release of Social Security Number, Notice of Security Breach SB 503  ~ LA Database Security Breach Notification Law SB 205 Act 499  ~ ME To Protect Maine Citizens from Identity Theft LD 1671  ~ MN Data Warehouses; Notice Required for Certain Disclosures HF 2121  ~ MO HB 957  ~ MT To Implement Individual Privacy and to Prevent Identity Theft HB 732  ~ NJ Identity Theft Prevention Act A4001/S1914  ~ NY A4254, A3492 [no title]  ~ NV SB 347 [no title]  ~ NC Security Breach Notification Law (Identity Theft Protection Act) SB 1048  ~ ND Personal information protection act SB 2251  ~ OH Personal information -- contact if unauthorized access HB 104  ~ RI Security Breach Notification Law H 6191  ~ TN Security Breach Notification SB 2220  ~ TX Identity Theft Enforcement and Protection Act SB 122  ~ VT Relating to Identity Theft HB 327  ~ VA Identity theft; penalty; restitution; victim assistance HB 872  ~ WA Notice of a breach of the security SB 6043  ~ EU Directive on Privacy and Electronic Communications 2002/58/EC  ~ EU Directive on Data Protection 95/46/EC  ~ US Department of Commerce EU Safe Harbor Privacy Principles  ~ Consumer Interests in the Telecommunications Market Act No. 
661  ~ Directive On Privacy And Electronic Communications 2002.58.EC  ~ OECD Technology Risk Checklist  ~ OECD Guidelines on...Privacy and Transborder Flows of Personal Data  ~ UN Guidelines for the Regulation of Computerized Personal Data Files (1990)  ~ ISACA Cross-border Privacy Impact Assessment  ~ The Combined Code on Corporate Governance  ~ Turnbull Guidance on Internal Control, UK FRC  ~ Smith Guidance on Audit Committees Combined Code, UK FRC  ~ UK Data Protection Act of 1998  ~ BS 15000-1 IT Service Management Standard  ~ BS 15000-2 IT Service Management Standard - Code of Practice  ~ Canada Keeping the Promise for a Strong Economy Act Bill 198  ~ Canada Personal Information Protection and Electronic Documents Act  ~ Canada Privacy Policy and Principles  ~ Argentina Personal Data Protection Act  ~ Mexico Federal Personal Data Protection Law  ~ Austria Data Protection Act  ~ Austria Telecommunications Act  ~ Bosnia Law on Protection of Personal Data  ~ Czech Republic Personal Data Protection Act  ~ Denmark Act on Competitive Conditions and Consumer Interests  ~ Finland Personal Data Protection Act  ~ Finland Amendment of the Personal Data Act  ~ France Data Protection Act  ~ German Federal Data Protection Act  ~ Greece Law on Personal Data Protection  ~ Hungary Protection of Personal Data and Disclosure of Data of Public Interest  ~ Iceland Protection of Privacy as regards the Processing of Personal Data  ~ Ireland Data Protection Act  ~ Ireland Data Protection Amendment 2003  ~ Italy Personal Data Protection Code  ~ Italy Protection of Individuals with Regard to...Processing of Personal Data  ~ Lithuania Law on Legal Protection of Personal Data  ~ Luxembourg Data Protection Law  ~ Netherlands Personal Data Protection Act  ~ Poland Protection of Personal Data Act  ~ Slovak Republic Protection of Personal Data in Information Systems  ~ Slovenia Personal Data Protection Act  ~ South Africa Promotion of Access to Information Act  ~ Spain Organic law on the 
Protection of Personal Data  ~ Sweden Personal Data Act  ~ Swiss Federal Act on Data Protection  ~ Australian Business Continuity Management Guide  ~ Australia Spam Act of 2003  ~ Australia Privacy Amendment Act  ~ Australia Telecommunications Act  ~ Australia Spam Act 2003: A Practical Guide for Business  ~ Hong Kong Personal Data (Privacy) Ordinance  ~ Hong Kong Personal Data (Privacy) Ordinance  ~ India Information Privacy Act  ~ Japan Guidelines for Personal Data Protection in Electronic Commerce, ECOM  ~ Japan Handbook Concerning Protection of International Data, MITI  ~ Japan Personal Information Protection Act  ~ Korea Act on the Promotion of Information...Protection  ~ Korea Act on the Protection of Personal Information by Public Agencies  ~ Korea Use and Protection of Credit Information Act  ~ New Zealand Privacy Act  ~ REGULATIONS & STANDARDS INCREASE 7 © Copyright 2011 EMC Corporation. All rights reserved.
The Costs of eDiscovery: $1.5M average cost per incident; 89% of companies face litigation; 10x increased costs to outsource; $34M average annual legal costs; $18M+ cost to review 1 TB of info
eDiscovery Transformation from Reactive eDiscovery to Proactive Information Management
Reactive: ‘Tools’ approach; High costs each time; Project-based
Proactive: ‘Platform’ approach; Tangible ROI; Process-based
Electronic Discovery Reference Model Larger ESI Volumes Identification Challenges Increased False Positives Longer Processing Time
Electronic Discovery Reference Model Increased Collection Volume Increased Collection Time Increased ESI Preservation
Electronic Discovery Reference Model Longer Processing Time Difficult Analysis
Electronic Discovery Reference Model Increased volume delivered for Review - $$$$

The State of Passkeys with FIDO Alliance.pptx
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 

IQPC eDiscovery Government - Washington D.C.

  • 1. Braving the New World of E-Discovery Costs: Balancing the Shrinking budgets of agencies and Escalating Overhead. June 28, 2011
  • 2. Records Management Program: Records Management Plan; Records Disposition Schedule; Storage; IT Support; Accountability/Ownership. *Subject to annual appropriations
  • 3. Questions? Robert Martin, Records Management Officer, National Institute of Food and Agriculture, US Department of Agriculture. 202.401.5924, rmartin@nifa.usda.gov
  • 4. Braving the New World of E-Discovery Costs: Balancing the Shrinking budgets of Agencies with Escalating Overhead
  • 5. 1.8Zb Lots of It 95% Mostly Unstructured 85% Mostly Unmanaged 85% Created by Organizations ▲ Becoming More Regulated Information Today – The Big Picture Information
  • 6. Why is Electronic Information so Challenging? Formats & Apps Cross-border Speed Personal Privacy Various Devices Info Volume Electronic Information
  • 7. Sarbanes-Oxley Act (SOX) ~ PCAOB ~ SAS 94 ~ AICPA/CICA Privacy Framework ~ AICPA Suitable Trust Services Criteria ~ SEC Retention of Records, 17 CFR 210.2-06 ~ SEC Controls and Procedures, 17 CFR 240.15d-15 ~ SEC Reporting Transactions and Holdings, 17 CFR 240.16a-3 ~ Basel II ~ BIS Sound Practices for the Management and Supervision of Operational Risk ~ Gramm-Leach-Bliley Act (GLB) ~ Standards for Safeguarding Customer Information, FTC 16 CFR 314 ~ Privacy of Consumer Financial Information Rule ~ Safety and Soundness Standards, Appendix of 12 CFR 30 ~ FFIEC Information Security ~ FFIEC Development Acquisition ~ FFIEC Business Continuity Planning ~ FFIEC Audit ~ FFIEC Management ~ FFIEC Operations ~ NASD ~ NYSE ~ Recordkeeping rule for securities exchanges, SEC 17 CFR 240.17a-1 ~ Records to be made by exchange members, SEC 17 CFR 240.17a-3 ~ Records to be preserved by exchange members, SEC 17 CFR 240.17a-4 ~ Recordkeeping, SEC 17 CFR 240.17Ad-6 ~ Record retention, SEC 17 CFR 240.17Ad-7 ~ HIPAA (Health Insurance Portability and Accountability Act) ~ HIPAA HCFA Internet Security Policy ~ NIST Introductory Resource Guide for [HIPAA] (800-66) ~ CMS Core Security Requirements (CSR) ~ CMS Information Security Acceptable Risk Safeguards (ARS) ~ CMS Information Security Certification & Accreditation (C&A) ~ FDA Electronic Records; Electronic Signatures 21 CFR Part 11+D1 ~ Federal Energy Regulatory Commission (FERC) ~ North American Electric Reliability Council (NERC) ~ VISA CISP (Cardholder Information Security Program) ~ Mastercard SDP (Site Data Protection) Program ~ American Express DSS (Data Security Standard) ~ PCI DSS (Payment Card Industry Data Security Standard) ~ FTC ESIGN (Electronic Signatures in Global and National Commerce Act) ~ Uniform Electronic Transactions Act (UETA) ~ FISMA (Federal Information Security Management Act) ~ FISCAM (Federal Information System Controls Audit Manual) ~ FIPS Security Requirements for Cryptographic Modules 140-2 ~ FIPS 
Guideline for the Analysis of LAN Security 191 ~ FIPS Application Profile for GILS 192 ~ Clinger-Cohen Act (Information Technology Management Reform Act) ~ National Strategy to Secure Cyberspace ~ GAO Financial Audit Manual ~ DOD ...Standard for Electronic Records Management Software...5015-2 ~ CISWG Report on the Best Practices Subgroup ~ CISWG Information Security Program Elements ~ NCUA Guidelines for Safeguarding Member Information 12 CFR 748 ~ IRS Revenue Procedure: Retention of books and records 97-22 ~ IRS Revenue Procedure: Record retention: automatic data processing… 98-25 ~ IRS Internal Revenue Code Section 501(c)(3) ~ Federal Rules of Civil Procedure ~ Uniform Rules of Civil Procedure ~ ISO 15489-1 Information and Documentation: Records management: General ~ ISO 15489-2 Information and Documentation: Records management: Guidelines ~ DIRKS: A Strategic Approach to Managing Business Information ~ Sedona Principles Addressing Electronic Document Production ~ NIST ...Principles and Practices for Securing IT Systems 800-14 ~ NIST Developing Security Plans for Federal Information Systems 800-18 ~ NIST Security Self-Assessment Guide... 800-26 ~ NIST Risk Management Guide... 800-30 ~ NIST Contingency Planning Guide... 
800-34 ~ NIST ...Patch and Vulnerability Management Program 800-40 ~ NIST Guidelines on Firewalls and Firewall Policy 800-41 ~ NIST Security Controls for Federal Information Systems 800-53 ~ NIST ...Mapping...Information and...Systems to Security Categories 800-60 ~ NIST Computer Security Incident Handling Guide 800-61 ~ NIST Security Considerations in...Information System Development 800-64 ~ ISO 73:2002 Risk management -- Vocabulary ~ ISO 1335 Information technology – Guidelines for management of IT Security ~ ISO 17799:2000 Code of Practice for Information Security Management ~ ISO 27001:2005 ...Information Security Management Systems -- Requirements ~ IT Information Library (ITIL) Planning to Implement Service Management ~ IT Information Library (ITIL) ICT Infrastructure Management ~ IT Information Library (ITIL) Service Delivery ~ IT Information Library (ITIL) Service Support ~ IT Information Library (ITIL) Application Management ~ IT Information Library (ITIL) Security Management ~ COSO Enterprise Risk Management (ERM) Framework ~ CobiT 3rd Edition ~ CobiT 4th Edition ~ ISACA IS Standards, Guidelines, and Procedures for Auditing and Control... 
~ NFPA 1600 Disaster/Emergency Management and Business Continuity ~ Information Security Forum (ISF) Standard of Good Practice ~ Information Security Forum (ISF) Security Audit of Networks ~ A Risk Management Standard, jointly issued by AIRMIC, ALARM, and IRM ~ Business Continuity Institute (BCI) Good Practice Guidelines ~ IIA Global Technology Audit Guide - Information Technology Controls ~ ISSA Generally Accepted Information Security Principles (GAISP) ~ CERT Operationally Critical Threat, Asset & Vulnerability Evaluation (OCTAVE) ~ Cable Communications Privacy Act Title 47 § 551 ~ Telemarketing Sales Rule (TSR) amendment 16 CFR 310.4(b)(3)(iv) ~ CAN SPAM Act ~ Children's Online Privacy Protection Act (COPPA) 16 CFR 312 ~ Children's Online Privacy Protection Act (COPPA) 16 CFR 312 ~ Driver's Privacy Protection Act (DPPA) 18 USC 2721 ~ Family Education Rights Privacy Act (FERPA) 20 USC 1232 ~ Privacy Act of 1974 5 USC 552a ~ Telemarketing Sales Rule (TSR) 16 CFR 310 ~ Video Privacy Protection Act (VPPA) 18 USC 2710 ~ Specter-Leahy Personal Data Privacy and Security Act ~ AR Personal Information Protection Act SB 1167 ~ AZ Amendment to Arizona Revised Statutes 13-2001 HB 2116 ~ CA Information Practice Act SB 1386 ~ CA General Security Standard for Businesses AB 1950 ~ CA Public Records Military Veteran Discharge Documents AB 1798 ~ CA OPP Recommended Practices on Notification of Security Breach ~ CO Prohibition against Using Identity Information for Unlawful Purpose HB 1134 ~ CO Consumer Credit Solicitation Protection HB 1274 ~ CO Prohibiting Inclusion of Social Security Number HB 1311 ~ CT Requiring Consumer Credit Bureaus to Offer Security Freezes SB 650 ~ CT Concerning Nondisclosure of Private Tenant Information HB 5184 ~ DE Computer Security Breaches HB 116 ~ FL Personal Identification Information/Unlawful Use HB 481 ~ GA Consumer Reporting Agencies SB 230 ~ GA Public employees; Fraud, Waste, and Abuse HB 656 ~ HI Exempting disclosure of Social Security numbers 
HB 2674 ~ IL Personal Information Protection Act HB 1633 ~ IN Release of Social Security Number, Notice of Security Breach SB 503 ~ LA Database Security Breach Notification Law SB 205 Act 499 ~ ME To Protect Maine Citizens from Identity Theft LD 1671 ~ MN Data Warehouses; Notice Required for Certain Disclosures HF 2121 ~ MO HB 957 ~ MT To Implement Individual Privacy and to Prevent Identity Theft HB 732 ~ NJ Identity Theft Prevention Act A4001/S1914 ~ NY A4254, A3492 [no title] ~ NV SB 347 [no title] ~ NC Security Breach Notification Law (Identity Theft Protection Act) SB 1048 ~ ND Personal information protection act SB 2251 ~ OH Personal information -- contact if unauthorized access HB 104 ~ RI Security Breach Notification Law H 6191 ~ TN Security Breach Notification SB 2220 ~ TX Identity Theft Enforcement and Protection Act SB 122 ~ VT Relating to Identity Theft HB 327 ~ VA Identity theft; penalty; restitution; victim assistance HB 872 ~ WA Notice of a breach of the security SB 6043 ~ EU Directive on Privacy and Electronic Communications 2002/58/EC ~ EU Directive on Data Protection 95/46/EC ~ US Department of Commerce EU Safe Harbor Privacy Principles ~ Consumer Interests in the Telecommunications Market Act No. 
661 ~ Directive On Privacy And Electronic Communications 2002.58.EC ~ OECD Technology Risk Checklist ~ OECD Guidelines on...Privacy and Transborder Flows of Personal Data ~ UN Guidelines for the Regulation of Computerized Personal Data Files (1990) ~ ISACA Cross-border Privacy Impact Assessment ~ The Combined Code on Corporate Governance ~ Turnbull Guidance on Internal Control, UK FRC ~ Smith Guidance on Audit Committees Combined Code, UK FRC ~ UK Data Protection Act of 1998 ~ BS 15000-1 IT Service Management Standard ~ BS 15000-2 IT Service Management Standard - Code of Practice ~ Canada Keeping the Promise for a Strong Economy Act Bill 198 ~ Canada Personal Information Protection and Electronic Documents Act ~ Canada Privacy Policy and Principles ~ Argentina Personal Data Protection Act ~ Mexico Federal Personal Data Protection Law ~ Austria Data Protection Act ~ Austria Telecommunications Act ~ Bosnia Law on Protection of Personal Data ~ Czech Republic Personal Data Protection Act ~ Denmark Act on Competitive Conditions and Consumer Interests ~ Finland Personal Data Protection Act ~ Finland Amendment of the Personal Data Act ~ France Data Protection Act ~ German Federal Data Protection Act ~ Greece Law on Personal Data Protection ~ Hungary Protection of Personal Data and Disclosure of Data of Public Interest ~ Iceland Protection of Privacy as regards the Processing of Personal Data ~ Ireland Data Protection Act ~ Ireland Data Protection Amendment 2003 ~ Italy Personal Data Protection Code ~ Italy Protection of Individuals with Regard to...Processing of Personal Data ~ Lithuania Law on Legal Protection of Personal Data ~ Luxembourg Data Protection Law ~ Netherlands Personal Data Protection Act ~ Poland Protection of Personal Data Act ~ Slovak Republic Protection of Personal Data in Information Systems ~ Slovenia Personal Data Protection Act ~ South Africa Promotion of Access to Information Act ~ Spain Organic law on the Protection of Personal Data ~ Sweden 
Personal Data Act ~ Swiss Federal Act on Data Protection ~ Australian Business Continuity Management Guide ~ Australia Spam Act of 2003 ~ Australia Privacy Amendment Act ~ Australia Telecommunications Act ~ Australia Spam Act 2003: A Practical Guide for Business ~ Hong Kong Personal Data (Privacy) Ordinance ~ Hong Kong Personal Data (Privacy) Ordinance ~ India Information Privacy Act ~ Japan Guidelines for Personal Data Protection in Electronic Commerce, ECOM ~ Japan Handbook Concerning Protection of International Data, MITI ~ Japan Personal Information Protection Act ~ Korea Act on the Promotion of Information...Protection ~ Korea Act on the Protection of Personal Information by Public Agencies ~ Korea Use and Protection of Credit Information Act ~ New Zealand Privacy Act ~ REGULATIONS & STANDARDS INCREASE 7 © Copyright 2011 EMC Corporation. All rights reserved.
  • 8. The Costs of eDiscovery $1.5M average cost per incident 89% of companies face litigation 10x increased costs to outsource $34M average annual legal costs $18M+ cost to review 1 TB of info
  • 14. Electronic Discovery Reference Model Larger ESI Volumes Identification Challenges Increased False Positives Longer Processing Time
  • 15. Electronic Discovery Reference Model Increased Collection Volume Increased Collection Time Increased ESI Preservation
  • 16. Electronic Discovery Reference Model Longer Processing Time Difficult Analysis
  • 17. Electronic Discovery Reference Model Increased volume delivered for Review - $$$$
  • 18. Balancing eDiscovery Budget and Expense
      • Determine Litigation, Investigation, and Risk Profile
      • Build cross-functional team – Legal, IT, Records, etc.
      • Understand Systems, Repositories, Applications which contain ESI
      • Understand where your ESI is located and who has access to it – laptops/desktops, datacenters, cloud……
      • Discover current ESI volume and ESI growth predictions
      • Review eDiscovery options – In-house, Hybrid, Outsourced models
      • Right size the eDiscovery solution to fit your needs
      • Stay current on eDiscovery best practices and emerging case law
  • 19. Question and Answers David Morris - David.Morris@emc.com
  • 20. Next Steps Best practices white papers, analyst papers and more… eDiscovery kazeon.com emc.com/ediscovery Information Governance emc.com/informationgovernance emc.com/SourceOneCity Upcoming events Best Practices eDiscovery webcasts (EMC+MastersConf) kazeon.com/newsroom2/webinars.php

Editor's notes

  1. Although the number of regulations has been increasing, the reality is that many of the regulations have been around for quite some time. The issue is that some of the regulations were originally created based on our physical or paper records, and now we are dealing with regulations that deal specifically with the management or governance of electronic information. The slide with the data protection laws came from our e-discovery/legal teams. I believe I got it from Jim Shook. We either use this one (with the world map) or our eye chart one to ultimately bring up the fact that regulations are growing at a vast rate (i.e. at one point the UK Liberal government was literally creating a new regulation a day – they had over 3000 regulations created in their tenure) and it is not just a US or North American thing, it is truly global. Fundamentally, when I discuss this I use the analogy of it's not just certifications or regulations, but standards and acts, and it's all about managing your information from A to Z – who has access, how are they accessing it, what are they doing with it and how are we ensuring that we only keep it for the required amount of time.
  2. We realize this sounds counterintuitive but… Governance was something you worked around/against. In this new Cloudy World, success, that is, agility and productivity, is impossible without governance. Our goal – to help our customers make governance an integral part of their information fabric and to make it unobtrusive so it doesn't become a block. You want to use governance to:
      • Provide better visibility into your overall risk (where is that data anyhow?)
      • Enable you to manage/reduce that risk (I can put retention/disposition on it, I can discover it)
      • Remove obstacles to customer agility and productivity (e.g. can I export data? Am I violating privacy laws?)
      • Make governance a partner rather than a hindrance of the business transformation
      • Ultimately drive governance as an inherent part of the information fabric – governance should be like dialtone – pervasive, you shouldn't have to think about it – it should just be part of what you do.