National Forum on

Privacy Information & Security in the Insurance Industry

Monday, June 27, 2005

About

ChoicePoint and related scandals have sent shockwaves through all handlers of sensitive personal information. Seventeen states are now actively considering information security breach laws like California's stringent SB-1. Complicating matters, in February, a national version of California's breach law was reintroduced in the U.S. Senate, even as key Senate committees plan to hold hearings on identify theft and the need for restrictions on the flow of consumer information. New federal legislation imposing additional consumer privacy protections is all but inevitable.

For insurers, the hazards are undeniable: the sheer volume of your customer data and the clear business need to share it, whether among affiliates or key third parties, exposes you in particular to the increasingly stringent regulatory spotlight aimed at privacy and information security concerns.

As privacy officers and compliance counsel, you know just how much the landscape has changed at both the state and federal level. What you need to know is how that new landscape affects the way your company handles its customer, shareholder, vendor and employee information now, and in the future. What security risks haven't you considered? Are your company's privacy and information security policies ahead of the curve? What are the benchmarks you should be using to assess and improve your program now to prevent problems later? In a high-risk regulatory environment, how can you help protect your company from liability while still achieving your business goals?

To help you meet these challenges with industry-specific insights and best practices that you can put to immediate use, American Conference Institute has developed the Privacy and Information Security in the Insurance Industry publication. The publication will provide you with valuable information on:

  • Privacy and security regulation and enforcement: state and federal priorities, evolving concerns
  • Protecting your company's customer data from the risks of identity theft
  • What you should be concerned about regarding FACT compliance
  • Clarifying and implementing the HIPAA security and privacy rules
  • Compliance strategies that will help you navigate international privacy law, including the EU
  • Insights you can use: best practices for Chief Privacy and Chief Compliance Officers
  • Tuning up your privacy training program: what you need to train for and how to measure results
  • Contents & Contributors

    About

    ChoicePoint and related scandals have sent shockwaves through all handlers of sensitive personal information. Seventeen states are now actively considering information security breach laws like California's stringent SB-1. Complicating matters, in February, a national version of California's breach law was reintroduced in the U.S. Senate, even as key Senate committees plan to hold hearings on identify theft and the need for restrictions on the flow of consumer information. New federal legislation imposing additional consumer privacy protections is all but inevitable.

    For insurers, the hazards are undeniable: the sheer volume of your customer data and the clear business need to share it, whether among affiliates or key third parties, exposes you in particular to the increasingly stringent regulatory spotlight aimed at privacy and information security concerns.

    As privacy officers and compliance counsel, you know just how much the landscape has changed at both the state and federal level. What you need to know is how that new landscape affects the way your company handles its customer, shareholder, vendor and employee information now, and in the future. What security risks haven't you considered? Are your company's privacy and information security policies ahead of the curve? What are the benchmarks you should be using to assess and improve your program now to prevent problems later? In a high-risk regulatory environment, how can you help protect your company from liability while still achieving your business goals?

    To help you meet these challenges with industry-specific insights and best practices that you can put to immediate use, American Conference Institute has developed the Privacy and Information Security in the Insurance Industry publication. The publication will provide you with valuable information on:

  • Privacy and security regulation and enforcement: state and federal priorities, evolving concerns
  • Protecting your company's customer data from the risks of identity theft
  • What you should be concerned about regarding FACT compliance
  • Clarifying and implementing the HIPAA security and privacy rules
  • Compliance strategies that will help you navigate international privacy law, including the EU
  • Insights you can use: best practices for Chief Privacy and Chief Compliance Officers
  • Tuning up your privacy training program: what you need to train for and how to measure results
  • Contents & Contributors


    PRIVACY OF CONSUMER FINANCIAL AND HEALTH INFORMATION
    Susan S. Donnellan, New York State Department of Insurance

    WHITHER GOEST PERSONAL DATA REGULATION?
    R. Lucia Riddle, Principal Financial Group

    INSURANCE INFORMATION SECURITY A REVIEW OF STATE ACTIVITY
    J. Stephen Zielezienski, American Insurance Association

    FACT ACT & FCRA COMPLIANCE: CRITICAL CONSIDERATIONS FOR INSURERS
    Michael F. McEneney, Sidley Austin Brown & Wood LLP

    INFORMATION SHARING PRACTICAL COMMUNICATION STRATEGIES AMONG AFFILIATES, PROVIDERS AND PARTNERS
    Carolyn Mitchell, TIAA-CREF

    USING AND DISCLOSING INFORMATION: PRACTICAL LESSONS FROM THE HEALTH INSURANCE INDUSTRY
    Jacquelyn K. Boyden, Blue Cross and Blue Shield of North Carolina

    HIPAA AND GLB COMPLIANCE: LESSONS LEARNED AND EMERGING CHALLENGES
    Kimberly S. Gray, Esq., Highmark, Inc.
    Kirk J. Nahra, Wiley Rein & Fielding LLP

    MITIGATING RISKS RELATING TO DATA PRIVACY & SECURITY IN OUTSOURCING AND OFFSHORING TRANSACTIONS
    Akiba Stern, Morgan Lewis & Bockius LLP

    RECOMMENDED PRACTICES FOR PROTECTING THE CONFIDENTIALITY OF SOCIAL SECURITY NUMBERS
    Nancy Baran, Prudential Insurance Company of America

    NETWORK SECURITY INSURANCE AND INFORMATION SECURITY CONTRACTING
    David Navetta, AIG eBusiness Risk Solutions, Federal Trade Commission

    BUSINESS AND TECHNOLOGY SOLUTIONS THAT PROMOTE PRIVACY AND DATA SECURITY
    Jonathan A. Damon, LeBoeuf, Lamb, Greene & MacRae LLP

    CAN-SPAM AND DO-NOT-CALL: NAVIGATING THE POLICIES AND BUILDING EFFECTIVE COMPLIANCE STRATEGIES
    Mary Ellen Callahan, Hogan & Hartson

    BEST PRACTICES FOR CHIEF PRIVACY AND COMPLIANCE OFFICERS
    Kimberly S. Gray, Esq., Highmark, Inc.

    BEST PRACTICES FOR CHIEF PRIVACY AND COMPLIANCE OFFICERS
    Sharon Robbins, Genworth Financial

    PRIVACY TRAINING PROGRAMS
    Sharon Robbins, Genworth Financial



    DOCUMENT TYPES: PRESENTATIONS AVAILABLE: 0