This program will focus on effective information security and data privacy assessment programs for third-party vendors—including practical tips for effectively assessing information security practices and procedures of third-party vendors, such as law firms and other professional consultants—from the pros and cons of using industry-standard questionnaires to determining when onsite reviews are appropriate and how to handle subcontractors. We will also highlight key, and common, sticking points in negotiating data privacy and information security terms in vendor agreements and provide options and sample language for successfully resolving them, distinguishing as applicable between US negotiations and negotiations where either the customer or the vendor has substantial operations in Europe or Asia.
This paper is a presentation by the ACC Houston Chapter on software audit.
If your organization uses third-party software, it is likely that your use of the software will be audited. This session will discuss strategies and best practices for tracking your organization’s licensing, use, and distribution of third-party software, including open source. The panel will provide practical advice and guidance for establishing and maintaining a robust entitlement and deployment program for tracking your organization’s licensing, use, and distribution of third-party software. The panel will include best practices for responding to and managing a third-party audit request and provide strategies and guidelines for developing and implementing a process for responding to and managing a software license audit. The panel will review and discuss resources and tools available to assist with identifying and tracking use and deployment of third-party software, including review of commercial software asset management tools and practices.
As pressure continues to mount to rein in escalating healthcare costs, traditional adversaries are contemplating new alliances and consolidation strategies as potential solutions to control the almighty healthcare dollar. This session will examine a variety of issues and trends regarding payor/provider relations, including increased efforts to consolidate. This session will discuss the pros and cons of consolidation, including whether the US Federal Trade Commission may block proposed consolidations and whether consolidation is good or bad for industry, consumers, or employers. Faculty will also explore the various tensions among the multiple players and ethical considerations presented when payors purchase providers, such as whether ethical lines can be held without compromising other payor contracts and confidentiality.
Business leaders in the C-suite are awakening to the fact that aligning business strategy with intellectual property assets is critical to success. IP asset alignment is central to any strategic plan or initiative. In this session, faculty will role-play typical scenarios in which four strategic initiatives are issued from the C-suite (i.e., competing in a technologically hot area, recovery from genericide with a withering brand, entry into a heavily patented market, treading through copyright issues for a content-critical business model). Faculty will discuss how IP assets are part of the issue at hand, what legal options are available in order to implement the initiatives, and how the IP assets need to be positioned to ensure success.
This is an outline for the AM16 session entitled "Getting the Board on Board: Explaining Privacy and Security Risks to the Board (When the “If” Becomes “When”)".
This resource discusses cyber-risk, the threat that data breaches can hold and what Directors should do to protect their companies in the United States. This resource is part of the National Association of Corporate Directors (NACD) Handbook Series.
Law departments handle a diverse scope of legal issues. With limited resources, how can a legal department access the information it needs when it needs it without reinventing the wheel every time? The speakers will discuss how they organize information to make it readily available to their teams, using such tools and processes as wikis, company sharefiles, keywords, automatic electronic reminders, cloud services, instruction manuals, and checklists. They will also explore best practices on strategies for implementation and continuous improvement in the use of processes and technologies.
This is a checklist of the ten things you should know about debunking EU data protection reform.
The right to be forgotten, Weltimmo, Safe Harbor, the General Data Protection Regulation. These are just some of the landmark privacy developments that came out of the EU in the past year. These rulings fundamentally affect the way businesses collect and use individuals' personal data, not just in the EU but worldwide. In this session, leading privacy experts will discuss how European privacy regulation has evolved and the key actions businesses need to take now to ensure they stay on the right side of the law and avoid attracting the huge fines that Europe will soon introduce. A must-see session for anyone grappling with EU data protection rules!