SlideShare ist ein Scribd-Unternehmen logo

Law Firm Data Privacy Overview

Als PPTX, PDF herunterladen
David Cunningham
David Cunningham

The document provides an overview of data privacy regulations and obligations for law firms. It discusses requirements around protecting client data, firm confidential information, and sensitive data. The presentation notes that firms must establish policies and controls around data collection, use, storage, and sharing to ensure compliance with various privacy laws and standards, including HIPAA, GDPR, and state privacy statutes. It also emphasizes the importance of training employees, conducting security audits, and establishing responsibilities and guidelines for handling personal information.

TechnologieNews & Politik
1 von 16
Law Firm Data Privacy Overview Presented by David Cunningham Hildebrandt Baker Robbins
Data Privacy Overview Regulatory Obligations Data Privacy Client Confidential Firm Confidential Information Information
Data Privacy Data Privacy Regulations HITECH / HIPAA Protected Health Information (PHI) Health and Human Services and Governing Body Federal Trade Commission State Privacy Laws Personally Identifiable Information (PII) Protected Health Information Sensitive Data • Internal HR data • Client data EU Data Protection Directive / Safe Harbor Personally Identifiable Information (PII) Compliance Date February 17, 2010 Red Flag $100 - $50,000 per incident; $1.5M Personally Identifiable Information (PII) Penalty max per year. Plus potential criminal penalties ITAR Classified Defense Information
Data Privacy Data Privacy Regulations HITECH / HIPAA Protected Health Information (PHI) State of Massachusetts Governing Body (example state) State Privacy Laws Personally Identifiable Information (PII) Personal information about a Sensitive Data resident of the Commonwealth of Massachusetts EU Data Protection Directive / Safe Harbor Compliance Date March 1, 2010 Personally Identifiable Information (PII) Red Flag $5,000 per incident plus costs of Personally Identifiable Information (PII) Penalty investigation, litigation and legal fees, plus potential civil penalties ITAR Classified Defense Information
Data Privacy Data Privacy Regulations HITECH / HIPAA Protected Health Information (PHI) US Dept of Commerce / Governing Body Federal Trade Commission State Privacy Laws Personally Identifiable Information (PII) Personal information transferred to Sensitive Data or from 27 Members States of the European Union EU Data Protection Directive / Voluntary Safe Harbor Compliance Date (replaces Data Transfer Agreements) Red Flag Personally Identifiable Information (PII) Penalty Up to $12,000 per day for violations ITAR Classified Defense Information
Data Privacy Data Privacy Regulations - Federal Trade Commission HITECH / HIPAA Governing Body Protected Health Information (PHI) via Fair Credit Reporting Act State Privacy Laws - Require financial institutions and Personally Identifiable Information (PII) creditors to create a program that provides for the identification, detection, and response to patterns, EU Data Protection Sensitive Data practices, or specific activities – Directive / known as “red flags.” Safe Harbor Personally Identifiable Information (PII) -The purpose of the Red Flags Rules is to help avoid identity theft. Red Flag Personally Identifiable Information (PII) Compliance Date - June 1, 2010 (law firms exempt) ITAR Classified Defense Information - $2,500 - $3,500 per violation, then Penalty up to $16,000 per violation for continued non-compliance
Data Privacy Data Privacy Regulations HITECH / HIPAA Protected Health Information (PHI) Governing Body US Department of State State Privacy Laws Personally Identifiable Information (PII) “Export of technical data and Sensitive Data classified defense articles”, as defined by the US Munitions List EU Data Protection Directive / 60 days in advance of any intended Safe Harbor Personally Identifiable Information (PII) Compliance Date sale or transfer to a foreign person of ownership or control Red Flag Personally Identifiable Information (PII) Per violation, civil fines up to $500K; Penalty criminal penalties up to $1M and 10 ITAR years imprisonment Classified Defense Information
Data Privacy Data Privacy Regulations Protection of Sensitive Data HITECH / HIPAA Protected Health Information (PHI) Client Data Leaks Client and Case / Transaction Data State Privacy Laws Personally Identifiable Information (PII) Firm Data Leaks Firm and Partner Confidential Data EU Data Protection Directive / Safe Harbor Personally Identifiable Information (PII) Red Flag Personally Identifiable Information (PII) ITAR Classified Defense Information
Data Privacy Data Privacy Regulations Protection of Sensitive Data HITECH / HIPAA Protected Health Information (PHI) Client Data Leaks Client and Case / Transaction Data State Privacy Laws Personally Identifiable Information (PII) Firm Data Leaks Firm and Partner Confidential Data EU Data Protection Directive / Safe Harbor Preservation Orders Personally Identifiable Information (PII) Litigation, Subpoena or Client Requests Red Flag Personally Identifiable Information (PII) Confidential Walls - Inclusionary Walls for Privacy and Subpoenas - Exclusionary Walls for Conflicts ITAR Classified Defense Information
Data Privacy Data Privacy Regulations Protection of Sensitive Data Standards Data HITECH / HIPAA Protected Health Information (PHI) Client Data Leaks Client and Case / Transaction Data State Privacy Laws Personally Identifiable Information (PII) Firm Data Leaks Firm and Partner Confidential Data EU Data Protection ISO 27001 Directive / Competence in Addressing Data Safe Harbor Preservation Orders Confidentiality Personally Identifiable Information (PII) Litigation, Subpoena or Client Requests Red Flag Personally Identifiable Information (PII) Confidential Walls - Inclusionary Walls for Privacy and Subpoenas - Exclusionary Walls for Conflicts ITAR Classified Defense Information
Data Privacy Solutions
Data Privacy - General Adequacy Questions • Does your firm need the personal data that it is collecting about an individual? • Can you firm document what it will use the personal data for? • Do these individuals know that the firm has their personal data and do they understand what it will be used for? • If the firm is asked to pass on personal data, would these individuals expect the firm to do this? • Is the firm satisfied that the information is being held securely, whether it is on paper, on computer, or during transfer? Is the firm willing to face a regulatory audit on this security? • Is it secure and are proper contracts with the third parties in place? • Is access to personal data limited to those with a strict need to know at the firm? • Is the firm sure that all personal data is accurate and up to date? • Does the firm delete or destroy personal information as soon as it has no more need for it? • Has the firm trained all of its attorneys and staff in their duties and responsibilities under all relevant data protection laws and are all of its attorneys and staff satisfying their duties and responsibilities? • Are all notifications to all Data or Information Commissioners current?
Data Privacy – Vendor Agreements Terms Before Negotiation Terms After Negotiation Limitations on liability Security and privacy standards Limited warranties Data ownership and return of data No performance standards Permissible use and disclosure of data Ability to change terms without Service level standards notice Control of security incidents Weak termination rights Audit rights Automatic contract renewal Proper allocation of liability Choice of law/forum
Data Privacy Roadmap • Start with broadest areas of risk – Protect portable devices: PCs, USB drives, and PDAs – Conduct an account audit; enact password policies – Use third party to perform penetration testing • Inventory PII, PHI, confidential, and sensitive information • Establish Firm‟s privacy stance – Establish data privacy roles and responsibilities – Draft privacy policy • Incorporate data privacy in agreements with: – Employees – Clients – Firm‟s vendors
Data Privacy Roadmap (continued) • Educate employees • Address broader aspects of data privacy – Processes (manual or automated) – Physical security – „Data at Rest‟ and „Data in Motion‟ – Security monitoring • Register with data privacy authorities • Maintain security program
David Cunningham Managing Director, Hildebrandt Baker Robbins dcunningham@hbrconsulting.com

Empfohlen

Lex mundi 2011 confidentiality and knowledge collaboration presentation - f...
Lex mundi 2011 confidentiality and knowledge collaboration presentation - f...Lex mundi 2011 confidentiality and knowledge collaboration presentation - f...
Lex mundi 2011 confidentiality and knowledge collaboration presentation - f...David Cunningham
 
Federal Data Protection Act (FDPA)
Federal Data Protection Act (FDPA)Federal Data Protection Act (FDPA)
Federal Data Protection Act (FDPA)AMIPCI
 
Massachusetts New Data Security Laws Presentation
Massachusetts New Data Security Laws PresentationMassachusetts New Data Security Laws Presentation
Massachusetts New Data Security Laws Presentationbillanetworks
 
California Privacy Law: Resources & Protections
California Privacy Law: Resources & ProtectionsCalifornia Privacy Law: Resources & Protections
California Privacy Law: Resources & Protectionsipspat
 
Ecommerce Chap 10
Ecommerce Chap 10Ecommerce Chap 10
Ecommerce Chap 10Pimsat University
 
Cyber & Privacy Liability for Health Care Industry
Cyber & Privacy Liability for Health Care IndustryCyber & Privacy Liability for Health Care Industry
Cyber & Privacy Liability for Health Care IndustryFerrariT1
 
Privacy - USC 2005
Privacy - USC 2005Privacy - USC 2005
Privacy - USC 2005Internet Law Center
 
What happens to our virtual account or digital asset or data after our death ?
What happens to our virtual account or digital asset or data after our death ?What happens to our virtual account or digital asset or data after our death ?
What happens to our virtual account or digital asset or data after our death ?Bivas Chatterjee
 

Empfohlen

Lex mundi 2011 confidentiality and knowledge collaboration presentation - f...
Lex mundi 2011 confidentiality and knowledge collaboration presentation - f...Lex mundi 2011 confidentiality and knowledge collaboration presentation - f...
Lex mundi 2011 confidentiality and knowledge collaboration presentation - f...David Cunningham
 
Federal Data Protection Act (FDPA)
Federal Data Protection Act (FDPA)Federal Data Protection Act (FDPA)
Federal Data Protection Act (FDPA)AMIPCI
 
Massachusetts New Data Security Laws Presentation
Massachusetts New Data Security Laws PresentationMassachusetts New Data Security Laws Presentation
Massachusetts New Data Security Laws Presentationbillanetworks
 
California Privacy Law: Resources & Protections
California Privacy Law: Resources & ProtectionsCalifornia Privacy Law: Resources & Protections
California Privacy Law: Resources & Protectionsipspat
 
Ecommerce Chap 10
Ecommerce Chap 10Ecommerce Chap 10
Ecommerce Chap 10Pimsat University
 
Cyber & Privacy Liability for Health Care Industry
Cyber & Privacy Liability for Health Care IndustryCyber & Privacy Liability for Health Care Industry
Cyber & Privacy Liability for Health Care IndustryFerrariT1
 
Privacy - USC 2005
Privacy - USC 2005Privacy - USC 2005
Privacy - USC 2005Internet Law Center
 
What happens to our virtual account or digital asset or data after our death ?
What happens to our virtual account or digital asset or data after our death ?What happens to our virtual account or digital asset or data after our death ?
What happens to our virtual account or digital asset or data after our death ?Bivas Chatterjee
 
Texas Privacy Laws - Tough New Changes
Texas Privacy Laws - Tough New ChangesTexas Privacy Laws - Tough New Changes
Texas Privacy Laws - Tough New ChangesJim Brashear
 
Developing a Legal Framework to Combat Cybercrime
Developing a Legal Framework to Combat CybercrimeDeveloping a Legal Framework to Combat Cybercrime
Developing a Legal Framework to Combat CybercrimeMarcelo Gomes Freire
 
Regulatory compliance 2018
Regulatory compliance 2018Regulatory compliance 2018
Regulatory compliance 2018ProColombia
 
Privacy Impact Assessment Methodologies for Protection of Personal Data
Privacy Impact Assessment Methodologies for Protection of Personal DataPrivacy Impact Assessment Methodologies for Protection of Personal Data
Privacy Impact Assessment Methodologies for Protection of Personal DataH. T. Besik
 
Examples of international privacy legislation
Examples of international privacy legislationExamples of international privacy legislation
Examples of international privacy legislationUlf Mattsson
 
Privacy in India: Legal issues
Privacy in India: Legal issuesPrivacy in India: Legal issues
Privacy in India: Legal issuesSagar Rahurkar
 
Privacy presentation for regional directors july 2009
Privacy presentation for regional directors july 2009Privacy presentation for regional directors july 2009
Privacy presentation for regional directors july 2009brentcarey
 
10 Things You Need To Know About Privacy
10 Things You Need To Know About Privacy10 Things You Need To Know About Privacy
10 Things You Need To Know About PrivacyNow Dentons
 
HIPAA vs GDPR The How, What, and Why ?
HIPAA vs GDPR The How, What, and Why ? HIPAA vs GDPR The How, What, and Why ?
HIPAA vs GDPR The How, What, and Why ? Magda CHELLY, Ph.D, S-CISO, CISSP®
 
Privacy introduction
Privacy introduction Privacy introduction
Privacy introduction brentcarey
 
eDiscovery and Records Oh...My!
eDiscovery and Records Oh...My!eDiscovery and Records Oh...My!
eDiscovery and Records Oh...My!J. David Morris
 
Advisory April Showers 02.19.2009
Advisory April Showers 02.19.2009Advisory April Showers 02.19.2009
Advisory April Showers 02.19.2009Davis Wright Tremaine LLP
 
Electronic data & record management
Electronic data & record managementElectronic data & record management
Electronic data & record managementGreenLeafInst
 
Week Of 2009 08 31
Week Of 2009 08 31Week Of 2009 08 31
Week Of 2009 08 31mbarreto13
 
Kurnava_Law+Ethics+and+Cybersecurity_Research+Paper
Kurnava_Law+Ethics+and+Cybersecurity_Research+PaperKurnava_Law+Ethics+and+Cybersecurity_Research+Paper
Kurnava_Law+Ethics+and+Cybersecurity_Research+PaperMatthew Kurnava
 
Popi and Sharepoint 2010
Popi and Sharepoint 2010Popi and Sharepoint 2010
Popi and Sharepoint 2010Willem Burger
 
The Case for Mandatory Data Breach Disclosure Laws
The Case for Mandatory Data Breach Disclosure LawsThe Case for Mandatory Data Breach Disclosure Laws
The Case for Mandatory Data Breach Disclosure LawsBrian Honan
 
Data protection in_india
Data protection in_indiaData protection in_india
Data protection in_indiaAltacit Global
 
10. law invest & ethics
10. law invest & ethics10. law invest & ethics
10. law invest & ethics7wounders
 
4. florence dupre new usagesprivacy legal framework fd
4. florence dupre new usagesprivacy legal framework fd4. florence dupre new usagesprivacy legal framework fd
4. florence dupre new usagesprivacy legal framework fdGlobalForum
 
All_you_need_to Know_About_the_Data_Privacy_Act.pdf
All_you_need_to Know_About_the_Data_Privacy_Act.pdfAll_you_need_to Know_About_the_Data_Privacy_Act.pdf
All_you_need_to Know_About_the_Data_Privacy_Act.pdfJakeAldrinDegala1
 
Hildebrandt baker robbins presentation for coo roundtable 2010 by dave cunn...
Hildebrandt baker robbins presentation for coo roundtable 2010 by dave cunn...Hildebrandt baker robbins presentation for coo roundtable 2010 by dave cunn...
Hildebrandt baker robbins presentation for coo roundtable 2010 by dave cunn...David Cunningham
 

Weitere ähnliche Inhalte

Was ist angesagt?

Texas Privacy Laws - Tough New Changes
Texas Privacy Laws - Tough New ChangesTexas Privacy Laws - Tough New Changes
Texas Privacy Laws - Tough New ChangesJim Brashear
 
Developing a Legal Framework to Combat Cybercrime
Developing a Legal Framework to Combat CybercrimeDeveloping a Legal Framework to Combat Cybercrime
Developing a Legal Framework to Combat CybercrimeMarcelo Gomes Freire
 
Regulatory compliance 2018
Regulatory compliance 2018Regulatory compliance 2018
Regulatory compliance 2018ProColombia
 
Privacy Impact Assessment Methodologies for Protection of Personal Data
Privacy Impact Assessment Methodologies for Protection of Personal DataPrivacy Impact Assessment Methodologies for Protection of Personal Data
Privacy Impact Assessment Methodologies for Protection of Personal DataH. T. Besik
 
Examples of international privacy legislation
Examples of international privacy legislationExamples of international privacy legislation
Examples of international privacy legislationUlf Mattsson
 
Privacy in India: Legal issues
Privacy in India: Legal issuesPrivacy in India: Legal issues
Privacy in India: Legal issuesSagar Rahurkar
 
Privacy presentation for regional directors july 2009
Privacy presentation for regional directors july 2009Privacy presentation for regional directors july 2009
Privacy presentation for regional directors july 2009brentcarey
 
10 Things You Need To Know About Privacy
10 Things You Need To Know About Privacy10 Things You Need To Know About Privacy
10 Things You Need To Know About PrivacyNow Dentons
 
Privacy introduction
Privacy introduction Privacy introduction
Privacy introduction brentcarey
 
eDiscovery and Records Oh...My!
eDiscovery and Records Oh...My!eDiscovery and Records Oh...My!
eDiscovery and Records Oh...My!J. David Morris
 
Electronic data & record management
Electronic data & record managementElectronic data & record management
Electronic data & record managementGreenLeafInst
 
Week Of 2009 08 31
Week Of 2009 08 31Week Of 2009 08 31
Week Of 2009 08 31mbarreto13
 
Kurnava_Law+Ethics+and+Cybersecurity_Research+Paper
Kurnava_Law+Ethics+and+Cybersecurity_Research+PaperKurnava_Law+Ethics+and+Cybersecurity_Research+Paper
Kurnava_Law+Ethics+and+Cybersecurity_Research+PaperMatthew Kurnava
 
Popi and Sharepoint 2010
Popi and Sharepoint 2010Popi and Sharepoint 2010
Popi and Sharepoint 2010Willem Burger
 
The Case for Mandatory Data Breach Disclosure Laws
The Case for Mandatory Data Breach Disclosure LawsThe Case for Mandatory Data Breach Disclosure Laws
The Case for Mandatory Data Breach Disclosure LawsBrian Honan
 
Data protection in_india
Data protection in_indiaData protection in_india
Data protection in_indiaAltacit Global
 
10. law invest & ethics
10. law invest & ethics10. law invest & ethics
10. law invest & ethics7wounders
 
4. florence dupre new usagesprivacy legal framework fd
4. florence dupre new usagesprivacy legal framework fd4. florence dupre new usagesprivacy legal framework fd
4. florence dupre new usagesprivacy legal framework fdGlobalForum
 

Was ist angesagt? (20)

Texas Privacy Laws - Tough New Changes
Texas Privacy Laws - Tough New ChangesTexas Privacy Laws - Tough New Changes
Texas Privacy Laws - Tough New Changes
 
Developing a Legal Framework to Combat Cybercrime
Developing a Legal Framework to Combat CybercrimeDeveloping a Legal Framework to Combat Cybercrime
Developing a Legal Framework to Combat Cybercrime
 
Regulatory compliance 2018
Regulatory compliance 2018Regulatory compliance 2018
Regulatory compliance 2018
 
Privacy Impact Assessment Methodologies for Protection of Personal Data
Privacy Impact Assessment Methodologies for Protection of Personal DataPrivacy Impact Assessment Methodologies for Protection of Personal Data
Privacy Impact Assessment Methodologies for Protection of Personal Data
 
Examples of international privacy legislation
Examples of international privacy legislationExamples of international privacy legislation
Examples of international privacy legislation
 
Privacy in India: Legal issues
Privacy in India: Legal issuesPrivacy in India: Legal issues
Privacy in India: Legal issues
 
Privacy presentation for regional directors july 2009
Privacy presentation for regional directors july 2009Privacy presentation for regional directors july 2009
Privacy presentation for regional directors july 2009
 
10 Things You Need To Know About Privacy
10 Things You Need To Know About Privacy10 Things You Need To Know About Privacy
10 Things You Need To Know About Privacy
 
HIPAA vs GDPR The How, What, and Why ?
HIPAA vs GDPR The How, What, and Why ? HIPAA vs GDPR The How, What, and Why ?
HIPAA vs GDPR The How, What, and Why ?
 
Privacy introduction
Privacy introduction Privacy introduction
Privacy introduction
 
eDiscovery and Records Oh...My!
eDiscovery and Records Oh...My!eDiscovery and Records Oh...My!
eDiscovery and Records Oh...My!
 
Advisory April Showers 02.19.2009
Advisory April Showers 02.19.2009Advisory April Showers 02.19.2009
Advisory April Showers 02.19.2009
 
Electronic data & record management
Electronic data & record managementElectronic data & record management
Electronic data & record management
 
Week Of 2009 08 31
Week Of 2009 08 31Week Of 2009 08 31
Week Of 2009 08 31
 
Kurnava_Law+Ethics+and+Cybersecurity_Research+Paper
Kurnava_Law+Ethics+and+Cybersecurity_Research+PaperKurnava_Law+Ethics+and+Cybersecurity_Research+Paper
Kurnava_Law+Ethics+and+Cybersecurity_Research+Paper
 
Popi and Sharepoint 2010
Popi and Sharepoint 2010Popi and Sharepoint 2010
Popi and Sharepoint 2010
 
The Case for Mandatory Data Breach Disclosure Laws
The Case for Mandatory Data Breach Disclosure LawsThe Case for Mandatory Data Breach Disclosure Laws
The Case for Mandatory Data Breach Disclosure Laws
 
Data protection in_india
Data protection in_indiaData protection in_india
Data protection in_india
 
10. law invest & ethics
10. law invest & ethics10. law invest & ethics
10. law invest & ethics
 
4. florence dupre new usagesprivacy legal framework fd
4. florence dupre new usagesprivacy legal framework fd4. florence dupre new usagesprivacy legal framework fd
4. florence dupre new usagesprivacy legal framework fd
 

Ähnlich wie Law Firm Data Privacy Overview

All_you_need_to Know_About_the_Data_Privacy_Act.pdf
All_you_need_to Know_About_the_Data_Privacy_Act.pdfAll_you_need_to Know_About_the_Data_Privacy_Act.pdf
All_you_need_to Know_About_the_Data_Privacy_Act.pdfJakeAldrinDegala1
 
Hildebrandt baker robbins presentation for coo roundtable 2010 by dave cunn...
Hildebrandt baker robbins presentation for coo roundtable 2010 by dave cunn...Hildebrandt baker robbins presentation for coo roundtable 2010 by dave cunn...
Hildebrandt baker robbins presentation for coo roundtable 2010 by dave cunn...David Cunningham
 
Protecting PHI with encryption for HIPAA compliance
Protecting PHI with encryption for HIPAA complianceProtecting PHI with encryption for HIPAA compliance
Protecting PHI with encryption for HIPAA complianceTodd Merrill
 
Personally Identifiable Information – FTC: Identity theft is the most common ...
Personally Identifiable Information – FTC: Identity theft is the most common ...Personally Identifiable Information – FTC: Identity theft is the most common ...
Personally Identifiable Information – FTC: Identity theft is the most common ...Jan Carroza
 
India’s Digital Personal Data Protection Bill-New.pdf
India’s Digital Personal Data Protection Bill-New.pdfIndia’s Digital Personal Data Protection Bill-New.pdf
India’s Digital Personal Data Protection Bill-New.pdfInfosec train
 
Jamaica's Data Protection Act: Compliance required from the business community
Jamaica's Data Protection Act: Compliance required from the business communityJamaica's Data Protection Act: Compliance required from the business community
Jamaica's Data Protection Act: Compliance required from the business communityEmerson Bryan
 
Deconstructing the cost of a data breach
Deconstructing the cost of a data breachDeconstructing the cost of a data breach
Deconstructing the cost of a data breachPatrick Florer
 
Gagnier's Portion of TechWeek Chicago Presentation
Gagnier's Portion of TechWeek Chicago PresentationGagnier's Portion of TechWeek Chicago Presentation
Gagnier's Portion of TechWeek Chicago PresentationChristina Gagnier
 
Privacy And Security Laws For Sm And Lbs (110120)
Privacy And Security Laws For Sm And Lbs (110120)Privacy And Security Laws For Sm And Lbs (110120)
Privacy And Security Laws For Sm And Lbs (110120)JNicholson
 
John Nicholson Presentation
John Nicholson PresentationJohn Nicholson Presentation
John Nicholson PresentationMediabistro
 
CSMFO 2012 Data Privacy in Local Government
CSMFO 2012 Data Privacy in Local GovernmentCSMFO 2012 Data Privacy in Local Government
CSMFO 2012 Data Privacy in Local GovernmentDonald E. Hester
 
Regulatory Compliance under the Information Technology Act, 2000
Regulatory Compliance under the Information Technology Act, 2000Regulatory Compliance under the Information Technology Act, 2000
Regulatory Compliance under the Information Technology Act, 2000n|u - The Open Security Community
 
IBM Smarter Commerce Florida 2014 The Furture of Privacy by Aurélie Pols & Bl...
IBM Smarter Commerce Florida 2014 The Furture of Privacy by Aurélie Pols & Bl...IBM Smarter Commerce Florida 2014 The Furture of Privacy by Aurélie Pols & Bl...
IBM Smarter Commerce Florida 2014 The Furture of Privacy by Aurélie Pols & Bl...FLUZO
 
2014-04-16 Protection of Personal Information Act Readiness Workshop
2014-04-16 Protection of Personal Information Act Readiness Workshop2014-04-16 Protection of Personal Information Act Readiness Workshop
2014-04-16 Protection of Personal Information Act Readiness WorkshopPaul Jacobson
 
How Will Privacy Regulation Impact Your Business in 2012
How Will Privacy Regulation Impact Your Business in 2012How Will Privacy Regulation Impact Your Business in 2012
How Will Privacy Regulation Impact Your Business in 2012Vivastream
 
Privacy in a Human Rights and Social Justice Context
Privacy in a Human Rights and Social Justice ContextPrivacy in a Human Rights and Social Justice Context
Privacy in a Human Rights and Social Justice ContextInfo_Studies_Aberystwyth
 
Data Security and Regulatory Compliance
Data Security and Regulatory ComplianceData Security and Regulatory Compliance
Data Security and Regulatory ComplianceLifeline Data Centers
 
Law firm information security overview focus on encryption by dave cunningh...
Law firm information security overview focus on encryption by dave cunningh...Law firm information security overview focus on encryption by dave cunningh...
Law firm information security overview focus on encryption by dave cunningh...David Cunningham
 
Lily lim data privacy ownership and ethics
Lily lim data privacy ownership and ethicsLily lim data privacy ownership and ethics
Lily lim data privacy ownership and ethicsMassTLC
 
Presentatie dma boston 2011: Welke impact heeft us privacyregulering op uw bu...
Presentatie dma boston 2011: Welke impact heeft us privacyregulering op uw bu...Presentatie dma boston 2011: Welke impact heeft us privacyregulering op uw bu...
Presentatie dma boston 2011: Welke impact heeft us privacyregulering op uw bu...DDMA
 

Ähnlich wie Law Firm Data Privacy Overview (20)

All_you_need_to Know_About_the_Data_Privacy_Act.pdf
All_you_need_to Know_About_the_Data_Privacy_Act.pdfAll_you_need_to Know_About_the_Data_Privacy_Act.pdf
All_you_need_to Know_About_the_Data_Privacy_Act.pdf
 
Hildebrandt baker robbins presentation for coo roundtable 2010 by dave cunn...
Hildebrandt baker robbins presentation for coo roundtable 2010 by dave cunn...Hildebrandt baker robbins presentation for coo roundtable 2010 by dave cunn...
Hildebrandt baker robbins presentation for coo roundtable 2010 by dave cunn...
 
Protecting PHI with encryption for HIPAA compliance
Protecting PHI with encryption for HIPAA complianceProtecting PHI with encryption for HIPAA compliance
Protecting PHI with encryption for HIPAA compliance
 
Personally Identifiable Information – FTC: Identity theft is the most common ...
Personally Identifiable Information – FTC: Identity theft is the most common ...Personally Identifiable Information – FTC: Identity theft is the most common ...
Personally Identifiable Information – FTC: Identity theft is the most common ...
 
India’s Digital Personal Data Protection Bill-New.pdf
India’s Digital Personal Data Protection Bill-New.pdfIndia’s Digital Personal Data Protection Bill-New.pdf
India’s Digital Personal Data Protection Bill-New.pdf
 
Jamaica's Data Protection Act: Compliance required from the business community
Jamaica's Data Protection Act: Compliance required from the business communityJamaica's Data Protection Act: Compliance required from the business community
Jamaica's Data Protection Act: Compliance required from the business community
 
Deconstructing the cost of a data breach
Deconstructing the cost of a data breachDeconstructing the cost of a data breach
Deconstructing the cost of a data breach
 
Gagnier's Portion of TechWeek Chicago Presentation
Gagnier's Portion of TechWeek Chicago PresentationGagnier's Portion of TechWeek Chicago Presentation
Gagnier's Portion of TechWeek Chicago Presentation
 
Privacy And Security Laws For Sm And Lbs (110120)
Privacy And Security Laws For Sm And Lbs (110120)Privacy And Security Laws For Sm And Lbs (110120)
Privacy And Security Laws For Sm And Lbs (110120)
 
John Nicholson Presentation
John Nicholson PresentationJohn Nicholson Presentation
John Nicholson Presentation
 
CSMFO 2012 Data Privacy in Local Government
CSMFO 2012 Data Privacy in Local GovernmentCSMFO 2012 Data Privacy in Local Government
CSMFO 2012 Data Privacy in Local Government
 
Regulatory Compliance under the Information Technology Act, 2000
Regulatory Compliance under the Information Technology Act, 2000Regulatory Compliance under the Information Technology Act, 2000
Regulatory Compliance under the Information Technology Act, 2000
 
IBM Smarter Commerce Florida 2014 The Furture of Privacy by Aurélie Pols & Bl...
IBM Smarter Commerce Florida 2014 The Furture of Privacy by Aurélie Pols & Bl...IBM Smarter Commerce Florida 2014 The Furture of Privacy by Aurélie Pols & Bl...
IBM Smarter Commerce Florida 2014 The Furture of Privacy by Aurélie Pols & Bl...
 
2014-04-16 Protection of Personal Information Act Readiness Workshop
2014-04-16 Protection of Personal Information Act Readiness Workshop2014-04-16 Protection of Personal Information Act Readiness Workshop
2014-04-16 Protection of Personal Information Act Readiness Workshop
 
How Will Privacy Regulation Impact Your Business in 2012
How Will Privacy Regulation Impact Your Business in 2012How Will Privacy Regulation Impact Your Business in 2012
How Will Privacy Regulation Impact Your Business in 2012
 
Privacy in a Human Rights and Social Justice Context
Privacy in a Human Rights and Social Justice ContextPrivacy in a Human Rights and Social Justice Context
Privacy in a Human Rights and Social Justice Context
 
Data Security and Regulatory Compliance
Data Security and Regulatory ComplianceData Security and Regulatory Compliance
Data Security and Regulatory Compliance
 
Law firm information security overview focus on encryption by dave cunningh...
Law firm information security overview focus on encryption by dave cunningh...Law firm information security overview focus on encryption by dave cunningh...
Law firm information security overview focus on encryption by dave cunningh...
 
Lily lim data privacy ownership and ethics
Lily lim data privacy ownership and ethicsLily lim data privacy ownership and ethics
Lily lim data privacy ownership and ethics
 
Presentatie dma boston 2011: Welke impact heeft us privacyregulering op uw bu...
Presentatie dma boston 2011: Welke impact heeft us privacyregulering op uw bu...Presentatie dma boston 2011: Welke impact heeft us privacyregulering op uw bu...
Presentatie dma boston 2011: Welke impact heeft us privacyregulering op uw bu...
 

Mehr von David Cunningham

The business of data analytics and business intelligence 15 nov 2016
The business of data analytics and business intelligence 15 nov 2016The business of data analytics and business intelligence 15 nov 2016
The business of data analytics and business intelligence 15 nov 2016David Cunningham
 
CLOC Legal Project Management and Simple RFPs
CLOC Legal Project Management and Simple RFPsCLOC Legal Project Management and Simple RFPs
CLOC Legal Project Management and Simple RFPsDavid Cunningham
 
Iltacon cio corporate legal operations consortium (cloc) metrics aug 2015
Iltacon cio corporate legal operations consortium (cloc) metrics aug 2015Iltacon cio corporate legal operations consortium (cloc) metrics aug 2015
Iltacon cio corporate legal operations consortium (cloc) metrics aug 2015David Cunningham
 
ALA 2005 Outsourcing - Making a Decision that Fits by Dave Cunningham Apr 2005
ALA 2005 Outsourcing - Making a Decision that Fits by Dave Cunningham Apr 2005ALA 2005 Outsourcing - Making a Decision that Fits by Dave Cunningham Apr 2005
ALA 2005 Outsourcing - Making a Decision that Fits by Dave Cunningham Apr 2005David Cunningham
 
Ilta 2005 - Evaluating Managed Services - Benchmarks and Case Studies by Dave...
Ilta 2005 - Evaluating Managed Services - Benchmarks and Case Studies by Dave...Ilta 2005 - Evaluating Managed Services - Benchmarks and Case Studies by Dave...
Ilta 2005 - Evaluating Managed Services - Benchmarks and Case Studies by Dave...David Cunningham
 
Ilta06 developing and selling an enterprise risk management approach by dave ...
Ilta06 developing and selling an enterprise risk management approach by dave ...Ilta06 developing and selling an enterprise risk management approach by dave ...
Ilta06 developing and selling an enterprise risk management approach by dave ...David Cunningham
 
Establishing a framework for it governance by dave cunningham 2007
Establishing a framework for it governance by dave cunningham 2007Establishing a framework for it governance by dave cunningham 2007
Establishing a framework for it governance by dave cunningham 2007David Cunningham
 
Ilta 2008 challenges in demonstrating it payoff presentation by dave cunningh...
Ilta 2008 challenges in demonstrating it payoff presentation by dave cunningh...Ilta 2008 challenges in demonstrating it payoff presentation by dave cunningh...
Ilta 2008 challenges in demonstrating it payoff presentation by dave cunningh...David Cunningham
 
Lit con 2009 collaborate to mitigate panel - facilitated by dave cunningham...
Lit con 2009 collaborate to mitigate panel - facilitated by dave cunningham...Lit con 2009 collaborate to mitigate panel - facilitated by dave cunningham...
Lit con 2009 collaborate to mitigate panel - facilitated by dave cunningham...David Cunningham
 
Ilta 2009 law firm risk management can it grow profitability - panel member...
Ilta 2009 law firm risk management can it grow profitability - panel member...Ilta 2009 law firm risk management can it grow profitability - panel member...
Ilta 2009 law firm risk management can it grow profitability - panel member...David Cunningham
 
Out with the old it in with the new by david cunningham - sep 2009
Out with the old it in with the new by david cunningham - sep 2009Out with the old it in with the new by david cunningham - sep 2009
Out with the old it in with the new by david cunningham - sep 2009David Cunningham
 
Managing partner retreat using technology to streamline the practice of law...
Managing partner retreat using technology to streamline the practice of law...Managing partner retreat using technology to streamline the practice of law...
Managing partner retreat using technology to streamline the practice of law...David Cunningham
 
Law journal news it is dead article; long live it controlling costs while g...
Law journal news it is dead article; long live it controlling costs while g...Law journal news it is dead article; long live it controlling costs while g...
Law journal news it is dead article; long live it controlling costs while g...David Cunningham
 
Risk management for law firms chapter 1 ark 2009 by dave cunningham
Risk management for law firms chapter 1 ark 2009 by dave cunninghamRisk management for law firms chapter 1 ark 2009 by dave cunningham
Risk management for law firms chapter 1 ark 2009 by dave cunninghamDavid Cunningham
 
Risk management for law firms chapter 2 ark 2009 by meg block
Risk management for law firms chapter 2 ark 2009 by meg blockRisk management for law firms chapter 2 ark 2009 by meg block
Risk management for law firms chapter 2 ark 2009 by meg blockDavid Cunningham
 
Trends shaping the future of legal risk management by dave cunningham and m...
Trends shaping the future of legal risk management by dave cunningham and m...Trends shaping the future of legal risk management by dave cunningham and m...
Trends shaping the future of legal risk management by dave cunningham and m...David Cunningham
 
Ltn 2010 02 risk glossary by dave cunningham on page 23
Ltn 2010 02 risk glossary by dave cunningham on page 23Ltn 2010 02 risk glossary by dave cunningham on page 23
Ltn 2010 02 risk glossary by dave cunningham on page 23David Cunningham
 
Ala 2005 rfp best practices by dave cunningham apr 2005
Ala 2005 rfp best practices by dave cunningham apr 2005Ala 2005 rfp best practices by dave cunningham apr 2005
Ala 2005 rfp best practices by dave cunningham apr 2005David Cunningham
 
It sourcing threat or opportunity by dave cunningham- feb 2004
It sourcing threat or opportunity by dave cunningham- feb 2004It sourcing threat or opportunity by dave cunningham- feb 2004
It sourcing threat or opportunity by dave cunningham- feb 2004David Cunningham
 

Mehr von David Cunningham (20)

The business of data analytics and business intelligence 15 nov 2016
The business of data analytics and business intelligence 15 nov 2016The business of data analytics and business intelligence 15 nov 2016
The business of data analytics and business intelligence 15 nov 2016
 
50 Shades of Metrics
50 Shades of Metrics50 Shades of Metrics
50 Shades of Metrics
 
CLOC Legal Project Management and Simple RFPs
CLOC Legal Project Management and Simple RFPsCLOC Legal Project Management and Simple RFPs
CLOC Legal Project Management and Simple RFPs
 
Iltacon cio corporate legal operations consortium (cloc) metrics aug 2015
Iltacon cio corporate legal operations consortium (cloc) metrics aug 2015Iltacon cio corporate legal operations consortium (cloc) metrics aug 2015
Iltacon cio corporate legal operations consortium (cloc) metrics aug 2015
 
ALA 2005 Outsourcing - Making a Decision that Fits by Dave Cunningham Apr 2005
ALA 2005 Outsourcing - Making a Decision that Fits by Dave Cunningham Apr 2005ALA 2005 Outsourcing - Making a Decision that Fits by Dave Cunningham Apr 2005
ALA 2005 Outsourcing - Making a Decision that Fits by Dave Cunningham Apr 2005
 
Ilta 2005 - Evaluating Managed Services - Benchmarks and Case Studies by Dave...
Ilta 2005 - Evaluating Managed Services - Benchmarks and Case Studies by Dave...Ilta 2005 - Evaluating Managed Services - Benchmarks and Case Studies by Dave...
Ilta 2005 - Evaluating Managed Services - Benchmarks and Case Studies by Dave...
 
Ilta06 developing and selling an enterprise risk management approach by dave ...
Ilta06 developing and selling an enterprise risk management approach by dave ...Ilta06 developing and selling an enterprise risk management approach by dave ...
Ilta06 developing and selling an enterprise risk management approach by dave ...
 
Establishing a framework for it governance by dave cunningham 2007
Establishing a framework for it governance by dave cunningham 2007Establishing a framework for it governance by dave cunningham 2007
Establishing a framework for it governance by dave cunningham 2007
 
Ilta 2008 challenges in demonstrating it payoff presentation by dave cunningh...
Ilta 2008 challenges in demonstrating it payoff presentation by dave cunningh...Ilta 2008 challenges in demonstrating it payoff presentation by dave cunningh...
Ilta 2008 challenges in demonstrating it payoff presentation by dave cunningh...
 
Lit con 2009 collaborate to mitigate panel - facilitated by dave cunningham...
Lit con 2009 collaborate to mitigate panel - facilitated by dave cunningham...Lit con 2009 collaborate to mitigate panel - facilitated by dave cunningham...
Lit con 2009 collaborate to mitigate panel - facilitated by dave cunningham...
 
Ilta 2009 law firm risk management can it grow profitability - panel member...
Ilta 2009 law firm risk management can it grow profitability - panel member...Ilta 2009 law firm risk management can it grow profitability - panel member...
Ilta 2009 law firm risk management can it grow profitability - panel member...
 
Out with the old it in with the new by david cunningham - sep 2009
Out with the old it in with the new by david cunningham - sep 2009Out with the old it in with the new by david cunningham - sep 2009
Out with the old it in with the new by david cunningham - sep 2009
 
Managing partner retreat using technology to streamline the practice of law...
Managing partner retreat using technology to streamline the practice of law...Managing partner retreat using technology to streamline the practice of law...
Managing partner retreat using technology to streamline the practice of law...
 
Law journal news it is dead article; long live it controlling costs while g...
Law journal news it is dead article; long live it controlling costs while g...Law journal news it is dead article; long live it controlling costs while g...
Law journal news it is dead article; long live it controlling costs while g...
 
Risk management for law firms chapter 1 ark 2009 by dave cunningham
Risk management for law firms chapter 1 ark 2009 by dave cunninghamRisk management for law firms chapter 1 ark 2009 by dave cunningham
Risk management for law firms chapter 1 ark 2009 by dave cunningham
 
Risk management for law firms chapter 2 ark 2009 by meg block
Risk management for law firms chapter 2 ark 2009 by meg blockRisk management for law firms chapter 2 ark 2009 by meg block
Risk management for law firms chapter 2 ark 2009 by meg block
 
Trends shaping the future of legal risk management by dave cunningham and m...
Trends shaping the future of legal risk management by dave cunningham and m...Trends shaping the future of legal risk management by dave cunningham and m...
Trends shaping the future of legal risk management by dave cunningham and m...
 
Ltn 2010 02 risk glossary by dave cunningham on page 23
Ltn 2010 02 risk glossary by dave cunningham on page 23Ltn 2010 02 risk glossary by dave cunningham on page 23
Ltn 2010 02 risk glossary by dave cunningham on page 23
 
Ala 2005 rfp best practices by dave cunningham apr 2005
Ala 2005 rfp best practices by dave cunningham apr 2005Ala 2005 rfp best practices by dave cunningham apr 2005
Ala 2005 rfp best practices by dave cunningham apr 2005
 
It sourcing threat or opportunity by dave cunningham- feb 2004
It sourcing threat or opportunity by dave cunningham- feb 2004It sourcing threat or opportunity by dave cunningham- feb 2004
It sourcing threat or opportunity by dave cunningham- feb 2004
 

Kürzlich hochgeladen

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 

Kürzlich hochgeladen (20)

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 

Law Firm Data Privacy Overview

  • 1. Law Firm Data Privacy Overview Presented by David Cunningham Hildebrandt Baker Robbins
  • 2. Data Privacy Overview Regulatory Obligations Data Privacy Client Confidential Firm Confidential Information Information
  • 3. Data Privacy Data Privacy Regulations HITECH / HIPAA Protected Health Information (PHI) Health and Human Services and Governing Body Federal Trade Commission State Privacy Laws Personally Identifiable Information (PII) Protected Health Information Sensitive Data • Internal HR data • Client data EU Data Protection Directive / Safe Harbor Personally Identifiable Information (PII) Compliance Date February 17, 2010 Red Flag $100 - $50,000 per incident; $1.5M Personally Identifiable Information (PII) Penalty max per year. Plus potential criminal penalties ITAR Classified Defense Information
  • 4. Data Privacy Data Privacy Regulations HITECH / HIPAA Protected Health Information (PHI) State of Massachusetts Governing Body (example state) State Privacy Laws Personally Identifiable Information (PII) Personal information about a Sensitive Data resident of the Commonwealth of Massachusetts EU Data Protection Directive / Safe Harbor Compliance Date March 1, 2010 Personally Identifiable Information (PII) Red Flag $5,000 per incident plus costs of Personally Identifiable Information (PII) Penalty investigation, litigation and legal fees, plus potential civil penalties ITAR Classified Defense Information
  • 5. Data Privacy Data Privacy Regulations HITECH / HIPAA Protected Health Information (PHI) US Dept of Commerce / Governing Body Federal Trade Commission State Privacy Laws Personally Identifiable Information (PII) Personal information transferred to Sensitive Data or from 27 Members States of the European Union EU Data Protection Directive / Voluntary Safe Harbor Compliance Date (replaces Data Transfer Agreements) Red Flag Personally Identifiable Information (PII) Penalty Up to $12,000 per day for violations ITAR Classified Defense Information
  • 6. Data Privacy Data Privacy Regulations - Federal Trade Commission HITECH / HIPAA Governing Body Protected Health Information (PHI) via Fair Credit Reporting Act State Privacy Laws - Require financial institutions and Personally Identifiable Information (PII) creditors to create a program that provides for the identification, detection, and response to patterns, EU Data Protection Sensitive Data practices, or specific activities – Directive / known as “red flags.” Safe Harbor Personally Identifiable Information (PII) -The purpose of the Red Flags Rules is to help avoid identity theft. Red Flag Personally Identifiable Information (PII) Compliance Date - June 1, 2010 (law firms exempt) ITAR Classified Defense Information - $2,500 - $3,500 per violation, then Penalty up to $16,000 per violation for continued non-compliance
  • 7. Data Privacy Data Privacy Regulations HITECH / HIPAA Protected Health Information (PHI) Governing Body US Department of State State Privacy Laws Personally Identifiable Information (PII) “Export of technical data and Sensitive Data classified defense articles”, as defined by the US Munitions List EU Data Protection Directive / 60 days in advance of any intended Safe Harbor Personally Identifiable Information (PII) Compliance Date sale or transfer to a foreign person of ownership or control Red Flag Personally Identifiable Information (PII) Per violation, civil fines up to $500K; Penalty criminal penalties up to $1M and 10 ITAR years imprisonment Classified Defense Information
  • 8. Data Privacy Data Privacy Regulations Protection of Sensitive Data HITECH / HIPAA Protected Health Information (PHI) Client Data Leaks Client and Case / Transaction Data State Privacy Laws Personally Identifiable Information (PII) Firm Data Leaks Firm and Partner Confidential Data EU Data Protection Directive / Safe Harbor Personally Identifiable Information (PII) Red Flag Personally Identifiable Information (PII) ITAR Classified Defense Information
  • 9. Data Privacy Data Privacy Regulations Protection of Sensitive Data HITECH / HIPAA Protected Health Information (PHI) Client Data Leaks Client and Case / Transaction Data State Privacy Laws Personally Identifiable Information (PII) Firm Data Leaks Firm and Partner Confidential Data EU Data Protection Directive / Safe Harbor Preservation Orders Personally Identifiable Information (PII) Litigation, Subpoena or Client Requests Red Flag Personally Identifiable Information (PII) Confidential Walls - Inclusionary Walls for Privacy and Subpoenas - Exclusionary Walls for Conflicts ITAR Classified Defense Information
  • 10. Data Privacy Data Privacy Regulations Protection of Sensitive Data Standards Data HITECH / HIPAA Protected Health Information (PHI) Client Data Leaks Client and Case / Transaction Data State Privacy Laws Personally Identifiable Information (PII) Firm Data Leaks Firm and Partner Confidential Data EU Data Protection ISO 27001 Directive / Competence in Addressing Data Safe Harbor Preservation Orders Confidentiality Personally Identifiable Information (PII) Litigation, Subpoena or Client Requests Red Flag Personally Identifiable Information (PII) Confidential Walls - Inclusionary Walls for Privacy and Subpoenas - Exclusionary Walls for Conflicts ITAR Classified Defense Information
  • 12. Data Privacy - General Adequacy Questions • Does your firm need the personal data that it is collecting about an individual? • Can you firm document what it will use the personal data for? • Do these individuals know that the firm has their personal data and do they understand what it will be used for? • If the firm is asked to pass on personal data, would these individuals expect the firm to do this? • Is the firm satisfied that the information is being held securely, whether it is on paper, on computer, or during transfer? Is the firm willing to face a regulatory audit on this security? • Is it secure and are proper contracts with the third parties in place? • Is access to personal data limited to those with a strict need to know at the firm? • Is the firm sure that all personal data is accurate and up to date? • Does the firm delete or destroy personal information as soon as it has no more need for it? • Has the firm trained all of its attorneys and staff in their duties and responsibilities under all relevant data protection laws and are all of its attorneys and staff satisfying their duties and responsibilities? • Are all notifications to all Data or Information Commissioners current?
  • 13. Data Privacy – Vendor Agreements Terms Before Negotiation Terms After Negotiation Limitations on liability Security and privacy standards Limited warranties Data ownership and return of data No performance standards Permissible use and disclosure of data Ability to change terms without Service level standards notice Control of security incidents Weak termination rights Audit rights Automatic contract renewal Proper allocation of liability Choice of law/forum
  • 14. Data Privacy Roadmap • Start with broadest areas of risk – Protect portable devices: PCs, USB drives, and PDAs – Conduct an account audit; enact password policies – Use third party to perform penetration testing • Inventory PII, PHI, confidential, and sensitive information • Establish Firm‟s privacy stance – Establish data privacy roles and responsibilities – Draft privacy policy • Incorporate data privacy in agreements with: – Employees – Clients – Firm‟s vendors
  • 15. Data Privacy Roadmap (continued) • Educate employees • Address broader aspects of data privacy – Processes (manual or automated) – Physical security – „Data at Rest‟ and „Data in Motion‟ – Security monitoring • Register with data privacy authorities • Maintain security program
  • 16. David Cunningham Managing Director, Hildebrandt Baker Robbins dcunningham@hbrconsulting.com

Hinweis der Redaktion

  1. Data privacy is simple in concept – ensuring sensitive data is seen by only the correct people. It can also be called Data Security or Data Loss Prevention. For our discussion today, we’re not going to focus on related topics of perimeter security (firewalls, etc.) or protection from viruses. Specifically, we’ll focus on data privacy regulations and the protection of firm and client confidential data. First, I will outline the issues and obligations for law firms in these areas, then provide a perspective of what we see as an emerging solution to tackle most of the needs for law firms.