American Conference Institute's 11th Annual

Privacy and Security of Consumer and Employee Information

Wednesday, February 01 to Thursday, February 02, 2012
The Westin Washington DC City Center, Washington, DC

A Pre-Conference Primer

Privacy & Security 101: Understanding the Technology & Key Regulations and Laws

Wednesday, February 1: 8:00 - 10:00am

Nancy Baran
Vice President, Privacy Office
The Prudential Insurance Company of America

Douglas H. Meal
Partner
Ropes & Gray LLP

Patrick J. Hatfield
Partner
Locke Lord Bissell & Liddell LLP

The methods and uses for the collection of data continue to advance at an almost unimaginable rate. However, with such progress come new challenges. The threat of a data breach looms large, as businesses of all types are open to a range of new and sophisticated threats. When a data security crisis arises, it is imperative that privacy officers and legal counsel are able to understand the key technical aspects, including causes for the problem and possible solutions. To respond effectively, it is vital that counsel and privacy officials understand what the key relationships in the area are, and how to work with IT professionals, forensics experts, and regulators. Working with these parties is essential to maintaining a successful privacy program and responding to all lapses.

This primer will lay the groundwork for those new to the world of privacy and information security and provide seasoned professionals with the latest changes and evolutions to the area. Technology continues to advance at a break-neck pace, as do the laws and threats. Topics will include:

Privacy, Data Breaches, and the Key Technological Tools and Experts Behind them

  • Bridging the gap between legal and regulatory requirements regarding the protection of sensitive data, and the technology that protects such information
  • How does IT intersect with privacy?
  • Understanding the IT systems utilized by companies to prevent breaches and data loss, including firewalls and private networks
  • Key privacy & breach terminology
    • PCI-DSS, PKI, “Web 2.0”, “Web 3.0”, cloud computing
    • Phishing, pharming, cookies, SQL injection, session hijacking
  • The Basics of a Data Breach
    • Before the breach - Data collection and data use, whether authorized or unauthorized
    • Voluntary vs. involuntary breaches
  • The importance of forensics in determining the scope and cause of a breach
    • The role of forensics and audit teams
    • Best practices for assembling and working with a forensics and audit team

Key Regulators and Legislation to Take into Account When Dealing with a Data Breach

  • A look at the current regulations and legislation which impact privacy & security, including:
    • The Gramm-Leach-Bliley Act
    • The Fair Credit Report Act
    • The HITECH Act and HIPAA
    • The Foreign Corrupt Practices Act
    • Sarbanes-Oxley
    • An introduction to major state regulations and legislation
  • The role of regulators in the realm of privacy & security:
    • The Federal Trade Commission
    • The U.S. Securities and Exchange Commission
    • State Attorneys General
    • State and Federal Consumer Protection Agencies