This questionnaire and guide to law firm cybersecurity has been prepared to assist corporate counsel in thinking about the key issues and addressing them with outside counsel.
To create a privacy program that meets compliance demands and customers’ expectations, there are four main areas you will need to address: getting your C-suite’s attention without the “help” of law enforcement or regulators, determining what resources are already in place to prevent the worst, prioritizing what is most important for your company to avoid disaster and putting together a long-term, defensible strategy. In this session, learn ways to build trust, design a defensible program and create a lasting privacy culture.
When a significant data breach happens, first responders face significant challenges under extreme pressure. This panel will provide an overview of the current environment in which data breaches are addressed in litigation and regulatory investigations. The panelists will walk you through what happens behind the scenes when a potential breach is identified, investigated and notified and the ensuing regulatory investigations and class action litigation proceedings. Having provided a real-world perspective, the panel will then discuss effective ways to prepare now, so that your company is ready to handle a breach situation well. Panelists will provide concrete examples of measures taken in advance of a breach that make a difference when it happens, including evaluating exposures, reserving and insurance to protect the bottom line; managing vendors and coordinating with others when sensitive data is shared and effective ways to keep your board informed about cybersecurity.
This article shows 10 things you should know about EU data protection reform.
In-house counsel will optimize their role as leaders in information governance by attending this session as they learn the lifecycle of data (collection, use, storage, archiving and destruction) and acquire tools to educate their companies on the risks and benefits associated with data as it travels through that lifecycle. Learn to resolve your company’s information management and governance issues and to add business value by finding information management systems that lower costs and improve efficiencies. Become “litigation-ready” in the face of complex discovery requests.
Taking a cue from the popular TV show 24, the Health Law Committee plans to solve a US Health Insurance Portability and Accountability Act (HIPAA) breach in 90 minutes. In this interactive session, panelists will take on various roles, like CEO, CIO, security officer, privacy officer, compliance officer and general counsel, as they take the audience through simulated breach scenarios involving protected health information. Garner substantive information and practical tips for managing HIPAA incidents and data breaches as the speakers are challenged in real time to address the details provided by attendees.
Trade secrets, customer data, financial records and other confidential information increasingly is under attack. But while most companies focus their security efforts on external threats (i.e. hackers), their greatest security risks may lie within their own company. Employees have access to confidential information, and may understand how to avoid internal security measures. This session will reveal the best practices to protect your company from internal thieves.
This statement is intended to alert financial institutions to specific risk mitigation related to the threats associated with destructive malware.
This is a sample business associate flow chart.
This is an Ohio State University Wexner Medical Center HIPAA breach analysis form.