A review of Brazilian data protection law in the context of the insurance industry.
Mexico ardently protects the privacy of its individual citizens' personal data and sensitive personal information. This protection is enforced though the Federal Personal Information Protection Law and its regulations. The Federal Institute for Access to Public Information and Protection of Information (IFAI) is the agency in charge of enforcement. This article reviews the eight main principles of this law.
With the long-anticipated coming-into-force date for CASL now known and only six months away, it is imperative that organizations that send commercial electronic messages consider their compliance options now.
This Wisdom of the Crowd, compiled from responses posted on the Small Law Department and IT, Privacy & eCommerce eGroups, addresses the reasonableness of shared assessment questionnaires.
Breaches of patient privacy/security are considered the number one risk for liability in the healthcare industry today. Control over patient information in today’s society is becoming ever increasingly difficult with the expanding use of electronic health records, personal health records and social media, plus the advent of Health Information Exchanges. Outsourcing of healthcare operations provides additional risk, especially the enforceability of patient privacy/security law when patient information is sent outside the US. Unfavorable media, government enforcement, class action litigation and identity theft all pose a constant concern to in-house counsel, and vendors themselves are now at greater risk of liability with penalties now imposed on business associates. This panel will provide an overview of the principal federal laws & regulations concerning privacy/security (HIPAA/HITECH/Red Flags), their interaction with select state laws, international laws (EU Data Protection), and practical ways to minimize risk and keep patient information private and secure.
EU data privacy laws make the collection of Electronically stored information (ESI) and its transfer out of Europe challenging. The session will begin with a brief update of U.S. case law focusing on cross-border discovery generally, and then turn to a discussion of Privacy by Design ("PbD"), which has become the gold standard for privacy protection in the 21st Century. This discussion will cover examples of how PbD has been operationalized and used to address the challenges presented by EU data privacy laws. The session will then cover Europe's acknowledgement of Canada's stringent privacy laws which make it a unique base for e-discovery collection, analysis and review. By collecting ESI from European employees into Canada, and then culling down/reviewing ESI in Canada to identify responsive email and documents, organization can minimize the amount of ESI for which they must obtain consent from employees for transfer to the U.S.
Questions that will be considered during this program: What are the risks associated with apps? What does the technology permit? What data can you collect? What rules govern terms of use and privacy policy? What are the current trends? What do the Google and Apple developer agreements say, and how do they affect what you do? Are these agreements negotiable? Does Children's Online Privacy Protection Act (COPPA) apply? What if you allow in-app purchasing? Will you be doing any location tracking?
Mobile devices are now key features of both personal and on-the-job life. Given their proliferation, it’s natural for employees to want to use the same ones both privately and professionally. In the first part of this session, technology experts will provide an overview of the key technology and security risks associated with mobile computing that will enable you to have an informed discussion with your CIO about current issues with Bring your own device (BYOD) for use at work and Corporate-owned, personally enabled (COPE) devices that the employee can take home programs. In the second part of the session, our panel will discuss some of the best practices around policies, procedures and training when implementing a BYOD or COPE program. The panel will also touch on the legal implications of such programs with respect to your employees and your regulatory obligations and litigation concerns.
Canada’s Anti-Spam Law (CASL) received Royal Assent in December 2010, and it is just a matter of time before it comes into force. CASL is designed to be one of the most stringent anti-spam regimes in the world and is intended to address the problem of spam, unauthorized interception of electronic messages and installation of software on a user’s computer without consent. Accordingly, all businesses that regularly communicate with Canadian customers and suppliers electronically will be significantly impacted. This extends from electronic messages, text messages, instant messages and social media through to software installation, automatic updates, software support and maintenance services. Businesses that do not comply with CASL’s requirements may be subject to both administrative monetary penalties and private law suits. This session is intended to help business prepare in advance by providing highlights of CASL, particularly areas that directly impact businesses, and address issues that corporate counsel should be aware of to ensure compliance.
Take the next step into the future of "work anywhere" technology. Learn practical ways to use your iPad in your daily practice. Explore the opportunities, risks, and huge rewards you can reap. Presenters will explain how to use the iPad in all kinds of practices, offer their "top picks" for legal apps, and discuss the challenges and limitations you may face including ethical, data security, and privacy issues. Learn about other online resources that can aid you in your electronic journey. Panelists will also discuss the current obstacles to using your iPad as a “laptop replacer,” and how the marketplace is rapidly removing those obstacles via new platforms that promise to “merge” the laptop and tablet into an entirely new tool.