The document discusses the complexities of privacy legislation, highlighting the importance of compliance with various regulations like HIPAA and data encryption laws. It outlines the obligations placed on organizations regarding the handling of personal information, emphasizing the significant risks and vulnerabilities that exist, particularly through email communication. The consequences of non-compliance include fines, reputational damage, and mandatory breach disclosures.

1. There
is
no
“oops”
clause
to
Privacy
LegislaFon
Feb
27,
2013
Presented
by
Robby
Gulri,
VP
Products
gulri@echoworx.com
For
product
inquiries,
Ryan
Vaudry,
Account
Director
vaudry@echoworx.com
1

2. Compliance
Simplified
–
Achieve
,
Illustrate,
Maintain
Industry
leading
Educa2on
Todays
Webinar
• Please
ask
ques2ons
• Todays
slides
are
available
hGp://compliancy-­‐group.com/slides023/
Cer2fied
Partner
Program
• Past
webinars
and
recordings
hGp://compliancy-­‐group.com/webinar/
855.85HIPAA
www.compliancygroup.com

3. Privacy
legisla2on
is
everywhere
3

4. Safe
harbor
bridges
the
“privacy
gap”
4

5. Safe
harbor
• Policy
agreement
between
the
United
States
Department
of
Commerce
and
the
European
Union
(E.U.)
• Regulates
the
way
that
U.S.
companies
export
and
handle
the
personal
data
of
European
ciFzens
• Before
safe
harbor
it
was
almost
illegal
to
transfer
personal
data
outside
of
Europe
• Safe
harbor
sFpulates
that
companies
collecFng
personal
data
must:
– inform
the
people
that
the
data
is
being
gathered
– tell
them
what
will
be
done
with
it
– obtain
permission
to
pass
on
the
informaFon
to
a
third
party
– allow
people
access
to
the
data
gathered
– assure
data
integrity
and
security
– guarantee
a
means
of
enforcing
compliance
must
be
guaranteed
5

6. Safe
harbor
framework
• 7
Privacy
Principles
– NoFce,
Choice,
Onward
Transfer,
Access,
Data
Integrity,
Security,
Enforcement
– 15
FAQ’s
• Standards
for
Email
Encryp2on
• Series
of
leIers
between
the
European
Commission,
Department
of
Commerce,
Federal
Trade
Commission,
and
Department
of
TransportaFon
6

7. IT’S
THE
LAW!
7

8. Examples
of
highly
enforced
regula2ons
• HIPAA
mandates
that
all
protected
health
informaFon
should
be
encrypted
on
public
networks
• MassachuseIs
encryp2on
law
states
that
all
personal
informaFon
stored
on
laptops
and
other
portable
devices
must
be
encrypted
• The
Italian
personal
data
protec2on
code
states
that
personal
data
shared
between
healthcare
bodies
and
professionals
must
be
performed
using
encrypFon
technology
• California
bill
AB
1950
mandates
all
organizaFons
that
use
personal
electronic
records
must
establish
precauFonary
measures
to
protect
data
• Michigan
encryp2on
law
states
that
personal
idenFfying
informaFon
must
be
stored
in
an
encrypted
format
• The
Spanish
royal
decree
states
that
sensiFve
data
may
only
be
transmiGed
electronically
if
the
data
is
encrypted
first
• Nevada
encryp2on
law
states
that
businesses
must
encrypt
all
informaFon
transferred
electronically
• Canadian
department
of
jus2ce
states
that
private
informaFon
should
be
locked
in
cabinets,
protected
with
passwords
and
protected
with
encrypFon
8

9. Regula2ons
are
complex
• Sectoral
regulaFons
are
different
for
healthcare,
financial
services,
banking,
insurance,
and
more
• Federal
regulaFons
include
HIPAA,
PCI,
SOX,
Children
On-­‐Line
InformaFon
• State
Laws
require
data
breach
noFficaFons
• Agency
regulaFons
include
FTC,
Office
of
Treasury,
SEC,
etc
• Global
laws
include
safe
harboring
and
export
laws
9

10. What
exactly
are
we
protec2ng
An
individuals
personal
informaFon
or
PI
• Name
Data
includes:
• IniFals
• Personal
details
like
salary,
bank
• Address
balance,
etc.
• SSN
• Consumer
and
employee
e-­‐mail
• Internal
reports
• Phone
number
• Expressions
of
interest
on
parFcular
• Email
address
topics
• IT
logs
of
originaFng
IP
addresses
• Photographs
• Internet
transmission
data
like
parFcular
web
pages
viewed,
etc.
• Fingerprints
• and
more
…
10

11. Regulated
versus
non-­‐regulated
data
REGULATED
DATA
NON-­‐REGULATED
DATA
• Personal
informaFon:
• Intellectual
property:
– Health
data:
disease
history,
– R&D
biometric
idenFfies
such
as
– Technical
Specs
reFnal
scans,
DNA
–
DocumentaFon
– Financial
data:
pin
codes,
account
numbers,
billing
details,
– Source
Code
credit
card
informaFon
– Diagrams,
formulas,
and
– Personal
data:
social
security
calculaFons
numbers,
fingerprints,
race,
– Manufacturing
and
ethnicity,
sex/orientaFon,
development
processes
religious
belief,
poliFcal
opinion,
trade
union
membership,
physical/mental
health
or
condiFons,
criminal
record
11

12. Key
vulnerabili2es
and
risks
• Third-party vendors who handle data transfers
• Lost devices such as laptops, portable media and back-up tapes
• Dumpster diving
• Peer-to-peer networks such as iPods, file sharing, etc.
• Email scams such as phishing
• Internet routers that are not protected
• Using SSNs for authentication and insecure storing of SSNs
• Improper access to facilities and physical equipment
• Mobile and home-based workforce without VPN controls, device
management, and remote security processes
• Social Engineering risks and internal call centers not prepared to
handle these risks
12

13. Email
poses
the
biggest
risk
• Email
is
s2ll
the
#
1
business
communica2ons
tool
– Workers
spend
an
average
of
152
minutes
per
day
on
email
– Worldwide
email
accounts
by
2014
are
projected
at
3.8
billion
• Widespread
misuse
of
email
– 1
in
5
outgoing
emails
contain
content
that
poses
a
legal,
financial,
or
regulatory
risk
• High
risk
– 89%
of
unsolicited
email
contain
malware
– Email
is
the
most
common
“aGack”
method
for
hackers
– 75%
of
all
corporate
email
contain
some
Intellectual
Property
13

14. Email
poses
the
biggest
risk
• Embedded
links
and
file
aGachments
all
pose
a
high
risk
• Highest
profile
of
data
breaches
generally
involve
email
and
the
intercepFon
of
email
• Ongoing
educaFon
is
required
for
employees,
partners,
and
customers
• An
email
encrypFon
soluFon
that
“just
works”
is
required
to
protect
privacy
and
sensiFve
informaFon
– Email
encrypFon
technology
must
be
easy
to
use
and
deploy
– ComplexiFes
of
encrypFng
email
should
be
hidden
from
the
end-­‐user
– Email
encrypFon
soluFon
must
be
standards
based
– Email
encrypFon
soluFon
must
be
powerful
and
military
grade
14

15. Understanding
data
intercep2on
• Spear
Phishing
–
aGacks
directed
at
high
profile
targets
• Spoofing
/
Spam
–
Disguised
email
that
introduces
viruses
and
malware
into
systems
to
extract
informaFon
• Phishing
–
Disguised
email
designed
to
acquire
passwords
and
other
confidenFal
informaFon
relaFng
to
privacy
• Cache
Poisoning
–
DNS
compromises
for
URL
redirecFon
• Denial
of
Service
–
Bring
down
a
mail
server
with
high
volume
of
emails
to
then
extract
informaFon
• Man
in
the
Middle
–
Intercept
outgoing
email
at
various
points
of
delivery
to
gain
access
to
private
informaFon
15

16.
Three
steps
to
compliance
Develop
privacy
policies
• Needs/risk
assessment
• Define
policies
• Create
clear
rules
for
the
distribuFon
of
confidenFal
info
• Provide
and
support
an
easy
to
use
technical
soluFon
to
enforce
policies
and
procedures
Eliminate
human
error
• People
make
mistakes
• Most
data
is
compromised
inadvertently
• Up
to
80%
of
breaches
are
caused
internally
Protect
confiden2al
informa2on
• Apply
encrypFon
to
all
confidenFal
info,
across
all
plaoorms
and
devices
• Enforce
encrypFon
automaFcally
using
a
policy
engine
• Alternately
encrypt
emails
directly
from
the
desktop
16

17. Protec2ng
confiden2al
informa2on
using
encryp2on
puts
you
on
the
right
track
to
compliance
17

18. You
can
pay
for
encryp2on
now
…
or
pay
more
later
Country
Cost
per
Record
Cost
of
Breach
Australia
$114
$1.83M
France
$119
$2.53M
Germany
$177
$3.44M
UK
$98
$2.57M
USA
$204
$6.75M
Average
$142
$3.43M
Source:
Ponemon
2011
18

19. Consequences
of
non-­‐compliance
• Significant
fines
• Loss
of
reputaFon
• Loss
of
customers
• IntercepFon
/
disclosure
of
outgoing
email
• Likelihood
of
inbound
email
aGacks
• Loss/thes
of
private
informaFon
19

20. Disclosing
data
breaches
• Before
there
was
no
law
to
disclose
a
data
breach
• Today
all
data
breaches
have
to
be
disclosed
to
the
effected
parFes:
• OrganizaFons
must:
– Disclose
any
breach
of
security
– Provide
noFficaFon
of
the
breach
in
the
most
expedient
Fme
possible
– Provide
noFficaFon
without
unreasonable
delay
– Provide
noFficaFon
to
a
major
media
outlet
– Data
breaches
on
a
data
breach
noFficaFon
website
– Individuals
have
to
be
compensated
for
their
loss
– IdenFty
thes
consFtute
big
dollar
payout
20

21. California
SB
1386
• If
a
breach
occurs,
the
affected
enFFes
must:
– Disclose
any
breach
of
security
of
the
system
– Following
discovery
with
noFficaFon
of
the
breach
in
the
most
expedient
Fme
possible
and
without
unreasonable
delay
in
wriFng
to
any
resident
in
California
whose
unencrypted
personal
informaFon
was
or
is
reasonably
believed
to
have
been
acquired
by
an
unauthorized
party
• A
Model
for
most
of
the
US
State
Data
Breach
noFficaFon
laws
• A
Model
for
many
global
data
breach
laws
and
privacy
laws
21

22. Physical
security
• Don’t
forget
physical
security
• This
is
osen
overlooked
and
neglected
• Restrict
and
monitor
access
to
servers
• Secure
faciliFes
and
infrastructure
• Alert
on
all
systems
disrupFons
and
outages
22

23. Compliance
MisconcepFons
Best
PracFce
• Compliance
with
certain
laws
• OrganizaFons
must
acFvely
does
not
equal
Compliance
with
manage
ALL
compliance
all
laws
regulaFons
• Federal
PCI
Compliance
does
• No
shortcut
for
regulatory
not
equal
compliance
with
State
analysis
oriented
PCI
Laws.
Each
state
• Need
an
approach
that
scales
has
a
different
perspecFve
on
PCI
– Many
naFonal,
state,
and
global
regulaFons
and
more
coming
• Email
and
Data
Encryp2on
is
part
of
all
these
regula2ons
23

24. HIPAA
• 6,499
acFve
HIPAA
privacy
rule
invesFgaFons
underway
• 23%
of
total
HIPAA
privacy
complaints
resulted
in
fines
• PenalFes
are
based
on
intent
behind
the
violaFon
• Fines
of
up
to
$1.5
million
• Mandatory
audits
by
U.S.A.
HHS
24

25. HIPAA
A
licensed
pracFcal
nurse
who
pled
Nearly
three
dozen
hospital
workers
guilty
to
wrongfully
disclosing
a
at
Allina
Hospitals
were
fired
paFent’s
health
informaFon
for
Thursday
aser
violaFng
privacy
rules
personal
gain
faces
a
maximum
involving
a
high-­‐profile
overdose
case
penalty
of
10
years
imprisonment,
a
(2011)
$250,000
fine
or
both
(2011)
The
reason
for
the
firings
is
the
same
Andrea
Smith,
LPN,
25,
of
Trumann,
for
all
of
them:
Looking
up
medical
Arkansas,
and
her
husband,
JusHn
informaHon
about
Trevor
Robinson
Smith,
were
indicted
on
federal
and
the
other
people
involved
without
charges
of
conspiracy
to
violate
and
permission.
All
these
are
classified
as
substanHve
violaHons
of
the
Health
HIPAA
violaHons
Insurance
Portability
and
Accountability
Act
(HIPAA)
in
December
25

26. HIPAA
A
former
UCLA
Health
System
Cignet
Health
of
Prince
George’s
employee
became
the
first
person
in
County
in
Washington
has
been
fined
the
naFon
to
be
sentenced
to
federal
a
total
of
$4.3
million
for
violaFons
of
prison
for
violaFng
HIPAA
HIPAA
Huping
Zhou,
47,
of
Los
Angeles,
was
The
Department
of
Health
and
sentenced
to
four
months
in
prison
on
Human
Services
Office
of
Civil
Rights
April
27,
2010
aUer
pleading
guilty
in
alleges
Cignet
violated
41
paHents’
January
to
four
misdemeanor
counts
rights
in
2008
and
2009
by
not
of
accessing
and
reading
the
providing
them
access
to
their
medical
confidenHal
medical
records
of
his
records
in
a
reasonable
amount
of
supervisors
and
high-­‐profile
Hme
celebriHes,
according
to
the
U.S.
AXorney’s
Office
for
the
Central
District
of
California.
Zhou
was
also
fined
$2,000
26

27. HIPAA
HIPAA
violaFons
can
be
applied
to
California
recently
(Jan
2012)
fined
14
both
larger
and
smaller
medical
hospitals
a
total
of
$850,000
for
a
offices
variety
of
errors
that
put
paFents
and
paFent
data
at
risk
Phoenix
Cardiac
Surgery
a
small
surgery
center
with
5
physicians
was
The
highest
penalty
of
$100,000
was
recently
fined
(April
2012)
$100,000
assessed
on
two
hospitals:
Mission
by
OCR
for
failing
to
protect
paHent
Hospital
Regional
Medical
Center,
informaHon
Mission
Viejo,
and
Scripps
Memorial
Hospital
La
Jolla
for
various
HIPAA
violaHons.
The
rest
of
the
penalHes
were
for
$50,000
or
$25,000.
Most
were
for
failure
to
follow
best
pracHces
for
PHI
protecHon
27

28. HIPAA
• Controls
physical
security,
data
protecFon,
policies
and
procedures
• Must
encrypt
paFent
health
informaFon
(PHI)
transmiGed
over
public
networks
• May
use
and
disclose
PHI
only
as
permiGed
• May
disclose
PHI
to
business
associates
only
if
it
obtains
“saFsfactory
assurance”
that
the
business
associate
will
properly
safeguard
the
informaFon
• Not
compliant
if
business
associate
agreement
is
not
adequate,
not
in
place,
or
not
enforced
• More
info:
hGp://www.hhs.gov/ocr/privacy/
28

29. Gramm-­‐Leach-­‐Bliley
act
(GLBA)
• Financial
InsFtuFons
can
be
fined
up
to
$100,000
for
each
violaFon
• ExecuFves
could
be
fined
up
to
$10,000
for
each
violaFon
• Criminal
penalFes
may
include
up
to
five
years
in
prison
• financial
InsFtuFon
must
noFfy
individuals
if
their
personal
financial
informaFon
is
used
or
shared
inappropriately
REQUIREMENTS
EXAMPLE
• Data
encrypFon
with
the
ability
FTC
cracked
down
on
a
mortgage
to
log
and
audit
should
be
a
key
company
for
violaFng
the
privacy
part
of
any
GLBA
compliance
rules
of
the
GLBA
plan
• Regulators
want
to
see
clear
The
result:
10
years
of
proof
that
informaFon
security
company
audits
policies
are
in
place
and
are
being
enforced
29

30. Payment
card
industry
(PCI)
• PCI
safeguards
payment
cardholder
data
• 67%
of
PCI-­‐regulated
companies
are
sFll
not
in
full
compliance
with
the
standard
(InformaFon
Week,
April
2012)
• PCI
data
breaches
increased
from
79%
in
2009
to
85%
in
2012
(Ponemon
2012)
• Two
of
the
largest
Credit
Card
thess
in
history
• Heartland
CorporaFon:
intruders
broke
into
its
systems
and
stole
data
of
more
than
130
million
credit
and
debit
cards
(2012)
• TJ
Maxx
had
94
million
cards
compromised
(2007)
30

31. Payment
card
industry
requirements
Control
Objec2ves
PCI
DSS
Requirements
1.
Install
and
maintain
a
firewall
configuraFon
to
Build
and
Maintain
a
Secure
protect
cardholder
data
Network
2.
Do
not
use
vendor-­‐supplied
defaults
for
system
passwords
and
other
security
parameters
3.
Protect
stored
cardholder
data
Protect
Cardholder
Data
4.
Encrypt
transmission
of
cardholder
data
across
open,
public
networks
5.
Use
and
regularly
update
anF-­‐virus
sosware
on
Maintain
a
Vulnerability
all
systems
commonly
affected
by
malware
Management
Program
6.
Develop
and
maintain
secure
systems
and
applicaFons
7.
Restrict
access
to
cardholder
data
by
business
Implement
Strong
Access
need-­‐to-­‐know
Control
Measures
8.
Assign
a
unique
ID
to
each
person
with
computer
access
9.
Restrict
physical
access
to
cardholder
data
Regularly
Monitor
and
Test
10.
Track
and
monitor
all
access
to
network
Networks
resources
and
cardholder
data
11.
Regularly
test
security
systems
and
processes
Maintain
an
InformaFon
12.
Maintain
a
policy
that
addresses
informaFon
Security
Policy
security
31

32. Privacy
&
security
globally
• Examples
of
countries
w/
Data
ProtecFon
Countries
with
Data
Privacy
Laws
15
EU
Members
Hungary
ArgenFna
Iceland
Australia
Israel
Brazil
New
Zealand
Bulgaria
Norway
Canada
Paraguay
Chile
Poland
Czech
Republic
Russia
Estonia
Slovakia
Hong
Kong
Switzerland
Japan
Taiwan
32

33. Privacy
&
security
globally
• Examples
of
countries
with
limited
or
no
data
protecFon
Countries
without
Data
Privacy
Laws
Most
of
Asia
expect
Russia
Philippines
China
Singapore
(evolving)
India
(in
progress
quickly)
Central
America
Africa
Mexico
Malaysia
Middle
East
except
Israel
33

34. Global
regula2ons
U.S.A.
Sectoral
Laws
Outside
the
U.S.A.
• HIPAA-­‐Health
Insurance
Portability
and
• Countries
with
Comprehensive
Privacy
Accountability
Act
laws
(e.g.
EEA,
Japan,
ArgenFna,
Canada,
• HITECH-­‐Health
InformaFon
Technology
Australia)
for
Economic
and
Clinical
Health
Act
• Countries
with
sectoral
laws
or
as
part
of
• FCRA-­‐Fair
Credit
ReporFng
Act-­‐impacts
their
consFtuFon:
Colombia,
Paraguay,
employment
re
credit
checks
Venezuela,
Ecuador,
Uruguay
• COPPA-­‐Children s
Online
Privacy
ProtecFon
Act-­‐impacts
markeFng
to
• EU-­‐
Data
ProtecFon
DirecFve: Safe
children
Harbor
as
it
relates
to
EU
DirecFve
• CAN-­‐SPAM-­‐Controlling
Assault
on
Non-­‐
Solicited
Pornography
and
MarkeFng
• TSR-­‐TelemarkeFng
Sales
Rule,
DNC-­‐Do
Not
Call,
DNF-­‐Do
Not
Fax
• GLBA-­‐Gramm-­‐Leach
Bliley-­‐impacts
Financial
informaFon
• FTC
Act
(unfair
and
decepFve
pracFces)
• GINA-­‐GeneFc
InformaFon
NondiscriminaFon
Act
34

35. Privacy
in
Australia
• Privacy
in
Australian
law
is
the
right
of
natural
persons
to
protect
their
personal
life
from
invasion
and
to
control
the
flow
of
their
personal
informaFon.
• Privacy
is
not
an
absolute
right;
it
differs
in
different
contexts
and
is
balanced
against
other
compeFng
rights
and
duFes.
• It
is
affected
by
the
Australian
common
law
and
a
range
of
Commonwealth,
State
and
Territorial
laws
and
administraFve
arrangements.
35

36. Privacy
in
Australia
• Privacy
can
be
divided
into
a
number
of
separate,
but
related,
concepts:
– InformaFon
privacy,
which
involves
the
establishment
of
rules
governing
the
collecFon
and
handling
of
personal
data
such
as
credit
informaFon,
and
medical
and
government
records.
It
is
also
known
as
'data
protecFon'
– Bodily
privacy,
which
concerns
the
protecFon
of
people’s
physical
selves
against
invasive
procedures
such
as
geneFc
tests,
drug
tesFng
and
cavity
searches
– Privacy
of
communica2ons,
which
covers
the
security
and
privacy
of
mail,
telephones,
e-­‐mail
and
other
forms
of
communica2on
– Territorial
privacy,
which
concerns
the
seyng
of
limits
on
intrusion
into
the
domesFc
and
other
environments
such
as
the
workplace
or
public
space.
This
includes
searches,
video
surveillance
and
ID
checks
36

37. Privacy
in
Brazil
• A
Brazilian
ciFzen's
privacy
is
protected
by
the
country's
consFtuFon
which
states:
– The
inHmacy,
private
life,
honor
and
image
of
the
people
are
inviolable,
with
assured
right
to
indenizaHon
by
material
or
moral
damage
resulHng
from
its
violaHon
37

38. Privacy
in
Canada
• Federal
Personal
Informa2on
Protec2on
and
Electronic
Documents
Act
(PIPEDA)
governs
the
collecFon,
use
and
disclosure
of
personal
informaFon
in
connecFon
with
commercial
acFviFes
and
personal
informaFon
about
employees
of
federal
works,
undertakings
and
businesses
• Does
not
apply
to
non-­‐commercial
organizaFons
or
provincial
governments
• Personal
informa2on
collected,
used
by
the
federal
government
is
governed
by
the
Privacy
Act
• Many
provinces
have
enacted
similar
provincial
legislaFon
such
as
the
Ontario
Freedom
of
InformaFon
and
ProtecFon
of
Privacy
Act
which
applies
to
public
bodies
in
that
province
38

39. Privacy
in
India
• New
privacy
rules
and
laws
(June
2011)
– Any
organizaFon
that
processes
personal
informaFon
must
obtain
wriGen
consent
from
the
data
subjects
before
undertaking
certain
acFviFes
• InformaFon
Technology
(Amendment)
Act,
2008
– SecFon
43A
deals
with
implementaFon
of
reasonable
security
pracFces
for
sensiFve
personal
data
or
informaFon
and
provides
for
the
compensaFon
of
the
person
affected
by
wrongful
loss
or
wrongful
gain
including
encrypFon
– SecFon
72A
which
provides
for
imprisonment
for
a
period
up
to
3
years
and/or
a
fine
up
to
Rs.5,00,000
for
a
person
who
causes
wrongful
loss
or
wrongful
gain
by
disclosing
personal
informaFon
of
another
person
while
providing
services
under
the
terms
of
lawful
contract
39

40. Privacy
in
Taiwan
• Computer
Processed
Personal
Informa2on
Protec2on
Act
was
enacted
in
1995
in
order
to
protect
personal
informaFon
processed
by
computers
• The
general
provision
specified
the
purpose
of
the
law,
defined
crucial
terms,
prohibited
individuals
from
waiving
certain
rights.
40

41. Resources
• hGp://www.sc.gov/bcp/menus/consumer/data/child.shtm
• hGp://www.sc.gov/bcp/menus/consumer/data/idt.shtm
• hGp://www.sc.gov/bcp/menus/consumer/data/privacy.shtm
• HIPAA
Privacy
Rule:
hGp://privacyruleandresearch.nih.gov/
• Data
Privacy
Day:
hGp://dataprivacyday2010.org/
• IAPP-­‐InternaFonal
AssociaFon
of
Privacy
Professionals:
hGps://www.privacyassociaFon.org/
• AICPA.org
• hGp://www.hhs.gov/ocr/privacy/
41

42. Compliance
Simplified
–
Achieve
,
Illustrate,
Maintain
Compliance
Simplified!
 HIPAA
Compliance
Achieve
 HITECH
Attestation
 Meaningful
Use
core
measure
Illustrate
15
Free
Demo
and
15
Day
Maintain
Evaluation
855.85HIPAA
http://compliancy-­‐group.com/
New
&
Past
Webinars
http://compliancy-­‐group.com/
webinar/
855.85HIPAA
www.compliancygroup.com

43. Thank
you
Presented
by
Robby
Gulri,
VP
Products
gulri@echoworx.com
For
product
inquiries,
Ryan
Vaudry,
Account
Director
vaudry@echoworx.com
43