BEST PRACTICES ON VENDOR MANAGEMENT: DEALING WITH VENDORS WITH ACCESS TO YOUR NETWORK AND NEGOTIATING TERMS OF SERVICE CONTRACTS AND SERVICE LEVEL AGREEMENTS

January 30, 2017 1:25pm

Cody Wamsley
IT Risk & Information Security Manager
American Express

Nestor J. Rivera
Executive Privacy & IT Counsel HIPAA Privacy Officer
GE Healthcare

Bert Kaminski
Assistant General Counsel
Oracle

  • Data encryption and third party vendors
  • What constitutes due diligence when dealing with third party vendors
  • OCC guidance
  • FedRAMP
  • International privacy in the age of the cloud
  • Cloud service agreements
  • Initiatives and privacy compliance programs around the cloud and big data
  • Third party vendor concerns
  • Contract negotiation
  • Analyzing cloud transactions and virtual private clouds
  • Forced data localization requirements