Post on 08-May-2015
description
transcript
Preparing Your Company for a Privacy Rebellion
A Complimentary LexisNexis® Webinar September 12, 2013
Jodi Daniels, Director of Privacy at Autotrader.com Usman Ghani, Managing Director of Infinium Strategy Group, Inc.
David F. Katz, Partner, Nelson Mullins Riley & Scarborough Dan Schroeder, Partner, Habif, Arogeti and Wynn, LLC
1 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
About the Speakers
David F. Katz is a Partner in Nelson Mullins Riley & Scarborough's Atlanta office where he leads the Privacy and Information Security Practice Group. He counsels clients on the development, management, and oversight of privacy and compliance programs. He also assists them in developing policies and procedures, education strategies, implementation of auditing and monitoring controls, reviews of disciplinary and enforcement activities, and risk assessments. He speaks and writes on matters relating to technology, privacy and data security. His tweets can be followed on twitter @KatzFDavid.
2 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
About the Speakers
Usman Ghani, MBA, Managing Director of Infinium Strategy Group, Inc., has 15+ years of Enterprise Information Management (EIM) experience in several Fortune 500 companies. Usman has a Bachelor's of M.I.S. and a Master's in Business Administration from Emory University's Goizueta Business School. Usman has architected Customer 360 solutions for Fortune 20 companies and has extensive experience in Infinium's core competencies such as big data, business intelligence, master, meta, and reference data management. Usman's tweets can be followed at @TheDataCompany.
3 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
About the Speakers
Jodi R. Daniels, Director of Privacy at AutoTrader.com. Ms. Daniels focuses on consumer privacy and data protection conducting information privacy risk assessments and monitoring associated compliance efforts. She serves as liaison with product, marketing, information technology and advertising sales organization teams across AutoTrader.com and its subsidiaries. Ms. Daniels also works with legal counsel and management to ensure that the organization has and maintains appropriate privacy and confidentiality policies, notices and other materials reflecting current organization and legal practices and requirements. She earned both a Masters of Business Administration and a Bachelor of Business Administration with a concentration in Accounting from Emory University’s Goizueta Business School. She was a Forté Fellow based on her academic and professional merit while attaining her Executive MBA. She is also a Certified Public Accountant in Georgia. Ms. Daniels resides in Dunwoody, Georgia with her husband and two year old daughter.
4 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
About the Speakers
Dan Schroeder is the partner-in-charge of Habif, Arogeti & Wynne’s Information Assurance Services practice that serves leading technology based companies on a national and international basis. Dan has over twenty-five years experience in IT management and risk management functions in both internal roles at a Fortune 100 company and in client serving roles with leading CPA firms. The services Dan oversees include:
Service Organization Control (SOC) reporting that replaced SAS 70 Security and Privacy compliance risk management, e.g., ISO 27001, PCI, HIPAA/HITECH, EU Safe Harbor, and banking regulations Security assessments including vulnerability scanning and penetration testing Data management and assurance
Dan is the immediate ex-chairperson of the AICPA Information Technology Executive Committee (ITEC) and serves on the AICPA task forces for Privacy and for SOC Reporting, and is lead designer of the new AICPA SOC reporting school.
5 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
Road Map
• The Premise. • The Environment: Total Surveillance, Corporate Responsibility and
Transparency. • Overview of Data Gathering: What are Companies Doing with
Your Data? • Overview of Privacy Laws. • Understanding the Laws and Enforcement Authority Governing
Consumer Privacy. One Example for Self Regulation for OBA. • Responsibility of Companies in Collection and Use of PII from a
Security Perspective. • Overview of the Audit of Privacy and Security Controls. • Audits and Accountability of Information Standards and Practices. • Generally Accepted Privacy Principles (GAPP). • Recommended Take Aways.
6 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
The Environment: Total Surveillance. Corporate Responsibility and Transparency?
7 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
The Environment: Total Surveillance. Corporate Responsibility and Transparency?
8 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
Single View of Customer
9 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
Golden Record
Infinium∞
10 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
Customer 360
11 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
“Big Data in a slide” by Infinium
12 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
Opportunistic Exploitation
13 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
Companies use Customer 360 to answer key questions
14 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
Privacy and Security of Personally Identifiable Information
15 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
Privacy and Security of Personally Identifiable Information
16 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
Agencies Administering U.S. Privacy Laws
17 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
FTC Enforcement
18 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
Statutes Granting Enforcement Authority to the FTC
19 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
Consumer Marketing Communication Disclosures
20 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
Online Advertising
21 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
Mobile
22 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
Leading Cases
23 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
Leading Cases
24 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
Leading Cases
25 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
Triggers for FTC Complaints
26 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
Recent 2013 FTC Comments and Enforcement Actions
27 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
FTC on Mobile Marketing and Mobile Application Development
28 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
FTC's Recent Comments
29 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
DAA Self-Regulatory Principles
30 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
DAA Self-Regulatory Principles
31 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
Principles for Online Behavioral Advertising
32 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
Principles for Online Behavioral Advertising
33 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
Principles for Online Behavioral Advertising
34 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
Principles for Online Behavioral Advertising
35 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
Principles for Multi-Site Data
36 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
Application of Principles to Mobile Environment
37 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
Website Operator/Publisher Implementation
38 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
Website Operator/Publisher Implementation
39 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
Website Operator/Publisher Implementation
40 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
Website Operator/Publisher Implementation
41 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
Responsibility of Companies in Collection and use of PII from a Security Perspective
42 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
Common Security Weaknesses related to PII / PHI
43 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
Security Assurance Program for PII / PHI
44 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
Essential security best practices
45 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
AICPA Service Organization Control (SOC) Reports
46 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
SOC 2 Report Purpose
47 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
Generally Accepted Privacy Principles (GAPP)
48 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
Generally Accepted Privacy Principles (GAPP)
49 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
Take Aways
50 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
Take Aways
51 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
Take Aways
52 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
Take Aways
53 LexisNexis Webinar: Preparing Your Company for a Privacy Rebellion, September 12, 2013
Question and Answer Session
Thank You!
Jodi Daniels CPO
Jodi.daniels@autotrader.com Autotrader.com
Usman Ghani
Principal usman@infiniuminc.com
Infinium 404.695.3514
David F. Katz
Partner david.katz@nelsonmullins.com
Nelson Mullins Riley & Scarborough LLP 404.322.6122
Dan Schroeder, CPA, CIA, CISA, CIPP/IT, PCI-QSA
Partner-in-Charge - Information Assurance Services DAN.SCHROEDER@hawcpa.com
770.353.8379