ABC's of Privacy and Security

781 views

Published on

Borrow GAMA's privacy team as your CPO for the evening with a review of compliance with domestic and international privacy and security law. Get your company ready for changes in California in 2014 as well as what may be on the horizon in the privacy and security space.

0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
781
On SlideShare
0
From Embeds
0
Number of Embeds
17
Actions
Shares
0
Downloads
9
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

ABC's of Privacy and Security

  1. 1. THE ABC’s of PRIVACY & SECURITY
  2. 2. Disclaimer Lawyers
  3. 3. what is privacy?
  4. 4. Personally Identifiable Information (PII)
  5. 5. “Personally identifiable information” is information that identifies a particular person. “Pii” includes: ! • • • • • • • • • • • • • Full name; National identification number; IP address; Vehicle registration plate number; Driver’s license number; Face; Fingerprints; Handwriting; Credit card numbers; Digital identity; Date of birth; Birthplace; and Genetic information.
  6. 6. Sensitive PII ! • • • • • • • • Information on Medical or Health Condition; Financial Information; Racial or Ethnic Origin; Political Opinion; Religious or Philosophical Beliefs; Trade Union Membership; Sexual Preference; and Information Related to Criminal Offenses or Convictions.
  7. 7. Digital Data Privacy law is complicated.
  8. 8. Nationwide legislation is industry specific.
  9. 9. General Accepted Privacy Principles (GAPPs)
  10. 10. General Accepted Privacy Principles (GAPPs) ! 1. Notice 2. Consent 3. Use, Retention and Disposal 4. Monitoring and Enforcement
  11. 11. California ! Do Not Track ! Data Breach Notification ! No Surprises Approach to Mobile from the AG’s Office ! Digital “Eraser” Law for Minors ! ! ! ! !
  12. 12. privacy law abroad. international compliance.
  13. 13. Main Principles of the EU-US Safe Harbor ! 1. Notice 2. Choice 3. Onward Transfer 4. Access 5. Security 6. Data Integrity 7. Enforcement
  14. 14. kidz online. yes, different rules apply.
  15. 15. Children’s Online Privacy Protection Act ! Requires websites to get parental consent before collecting or sharing info for children under 13. ! Enforced by the Federal Trade Commission. ! Applies to commercial websites and other online services. ! ! !
  16. 16. getting prepped Privacy Management in Seven Steps
  17. 17. Seven Steps for Privacy Management ! 1. 2. 3. 4. 5. 6. 7. Assess Plan Draft Implement Disclose Grow Rinse & Repeat ! ! ! !
  18. 18. Seven Steps for Privacy Management ! Assess ! ! ! !
  19. 19. Conducting an assessment on privacy and data security.
  20. 20. type Audit: amount use intake
  21. 21. Seven Steps for Privacy Management ! Plan ! ! ! !
  22. 22. Seven Steps for Privacy Management ! Draft ! ! ! !
  23. 23. What Your Privacy Policy Should Say ! ! ! !
  24. 24. What Your Privacy Policy Should Say ! How Data is Collected and Stored ! !
  25. 25. What Your Privacy Policy Should Say ! Choice & Consent ! !
  26. 26. What Your Privacy Policy Should Say ! Data Retention ! !
  27. 27. What Your Privacy Policy Should Say ! Redress of Grievances ! !
  28. 28. What Your Privacy Policy Should Say ! Mobile Application Disclosure & Disclaimer ! !
  29. 29. Seven Steps for Privacy Management ! Implement ! ! ! !
  30. 30. What Your Team Should Know ! Where the Privacy Policy is located ! !
  31. 31. What They Should Know ! What kind of data you should collect ! !
  32. 32. What They Should Know ! How to handle basic customer privacy concerns ! !
  33. 33. Seven Steps for Privacy Management ! Disclose ! ! ! !
  34. 34. Seven Steps for Privacy Management ! Grow ! ! ! !
  35. 35. Seven Steps for Privacy Management ! Rinse & Repeat ! ! ! !
  36. 36. Avoiding the “Oh, crap.” General Privacy Tips
  37. 37. Where Trouble Arises ! Failing to respond to a complaint from the public !
  38. 38. Where Trouble Arises ! Don’t over-promise !
  39. 39. Where Trouble Arises ! When in doubt, talk to your risk management or legal teams
  40. 40. Where Trouble Arises ! Appropriate account access minimizes liability
  41. 41. Where Trouble Arises ! Use common sense
  42. 42. We just scratched the surface.
  43. 43. ?
  44. 44. Lawyer Christina Gagnier @gagnier gagnier@gamallp.com gamallp.com
  45. 45. THE ABC’s of PRIVACY & SECURITY

×