The Health Insurance Portability and Accountability Act of 1996 (“HIPAA”)1 and its implementing regulations (the “Privacy Rule”, the “Breach Notification Rule” and the “Security Rule”)2 establish security and privacy standards to ensure the confidentiality and integrity of Protected Health Information (“PHI”).3 Their application to Business Associates is summarized here.
As more companies go global, in-house counsel must manage litigation where a foreign entity is sued in the United States or litigate a matter in Europe. Not only must in-house counsel educate overseas managers about the reality of litigation in the United States and learn various rules abroad, but they also face the difficult task of determining what is discoverable and how to conduct investigations to comply with the demands of US courts and stringent EU data and privacy regulations. This panel will focus on highlighting the differences between the key stages of litigation in the European Union and the United States, using real-world examples to help in-house counsel better prepare to deal with the practical implications of litigation involving multiple jurisdictions.
This paper continues to focus on Europe, which has long viewed the privacy of personal information and data as a fundamental right.
It’s a bad day, the eve of your company’s merger. You are a high-profile corporate lawyer working for a global brand and you just learned that personal data believed to have been stolen from your cloud computing account has been posted on WhoNeedsTheLaw.com, apparently exposing your name, entire work email inbox, phone number and scandalous images secured by a hacker accessing the camera on your laptop computer. The data includes a private dialogue between you and the outside company about the liabilities of taking on the merger. What would you do? This interactive session will cover emerging executive liability issues and test how effectively you can navigate risk with real-life scenarios and video vignettes.
We live in a world where a wearable fitness tracker can tell you how many steps you’ve walked; your thermostat magically knows how to adjust the temperature in your house when you come home; you can control devices in your home with your phone; medical devices connect to insulin pumps wirelessly and your car logs everything from where you’re going to how many miles you’ve driven on public roads. While the possibilities are endless, they come with myriad legal concerns. This panel will delve into the key legal issues associated with the Internet of Things: privacy, data security and the regulatory perspectives from the Federal Trade Commission, the Food & Drug Administration and the Federal Communications Commission.
There are two kinds of companies: those that have had a security breach and those that will have a security breach. Security incidents present numerous significant risks to companies, including negative brand and reputation attention, loss of sales or customer churn, financial penalties and legal exposure. This session will provide practical guidance from an in-house perspective on the multiple challenges posed by cybersecurity issues, best practices for data protection and steps to take in the event of an information security breach. Topics will also include insurance and vetting third-party vendors.
The Gullible Assistant. The Careless Vendor. The Imperious Boss. The Road Warrior. The Absent-Minded Executive. The Social Butterfly. Every organization has horror stories about people who bypass, ignore, forget or blatantly run roughshod over IT security policies and procedures. While trying to find the right balance between security and employee accessibility, IT sometimes exposes the organization to elevated risk. Before you know it, it’s legal’s problem. This “Family Feud” style session will test the audience’s knowledge of potential cyber risks and possible solutions to manage each scenario. Key takeaways will include strategies and tactics for mitigating threats from “the Human Element,” improving security without constricting access or employee flexibility and running a tighter ship without negatively impacting the workplace culture or environment.
The Purpose of this Agreement is to set forth the rights and obligations of the Parties with respect to the exchange, protection, and disclosure of Proprietary Information, as defined in paragraph 5 of this Agreement, which may be disclosed by one Party to the other in their meetings, discussions, and/or submittals concerning the Business Purpose.
It’s a bad day, the eve of your company’s merger. You are a high-profile corporate lawyer working for a global brand and you just learned that personal data believed to have been stolen from your cloud computing account has been posted on WhoNeedsTheLaw.com, apparently exposing your name, entire work email inbox, phone number and scandalous images secured by a hacker accessing the camera on your laptop computer. The data includes a private dialogue between you and the outside company about the liabilities of taking on the merger. What would you do? This interactive session will cover emerging executive liability issues and test how effectively you can navigate risk with real-life scenarios and video vignettes.
Because social media law is a hybrid of a number of practice areas, this session will feature panelists familiar with social media issues in their most frequent corporate applications: labor and employment, advertising and endorsements and corporate law (including mergers and acquisitions). The panelists will cover issue spotting and reveal suggested guidelines for minimizing legal risks from social media activity by the company and its employees.