Presentation from the 2014 Southeastern Chapter of the American Association of Law Libraries conference in Knoxville, TN on privacy audits in law libraries.
Who owns your data ans why should you careDerek Keats
This is a video that was made from a webinar I did for Living in a connected world: Who owns my data, and why should I care? that was held by Nedbank, JCSE and EE Business Intelligence. My focus was on what ownership means.
An hour long presentation on "hot topics" for Canadian employers. Deals with business system monitoring, employee responsibility for "off duty" publication and background checks.
Frederick S. Lane is presenting at the Vermont Family Law Conference on divorce in the digital era. The presentation will cover pre-divorce digital checklists, identifying relevant digital information, digital investigations by clients and attorneys, electronic discovery and subpoenas, computer forensics in divorce cases, and issues of digital behavior during and after divorce. Lane has over 30 years of personal computer experience and 14 years of experience in computer forensics for various legal cases. He will discuss the legal risks and challenges of digital investigations in divorce proceedings.
Internal Investigations and Employee PrivacyDan Michaluk
This document discusses employee privacy considerations for internal investigators. It outlines that employee privacy rights come from statutes, collective agreements, and employment contracts. Investigators must view tactics through a risk assessment lens of balancing necessity and privacy. Collecting electronic communications and surveillance footage requires justification of grounds and consideration of less invasive means. Third party records require limited ability to access under privacy statutes. Investigation records should factually document interviews and communications without commentary to protect credibility.
Pli workplace privacy in the year 2013 2013-6-13mkeane
Addresses privacy issues associated with hiring in a social media world, privacy issues associated with BYOD programs; employee privacy rights associated with off-duty activity including Facebook postings and activity protected by lifestyle laws.
This is a narrow look at two issues related to social media look by employees - monitoring workplace computers and employee publication and "off duty" conduct.
Who owns your data ans why should you careDerek Keats
This is a video that was made from a webinar I did for Living in a connected world: Who owns my data, and why should I care? that was held by Nedbank, JCSE and EE Business Intelligence. My focus was on what ownership means.
An hour long presentation on "hot topics" for Canadian employers. Deals with business system monitoring, employee responsibility for "off duty" publication and background checks.
Frederick S. Lane is presenting at the Vermont Family Law Conference on divorce in the digital era. The presentation will cover pre-divorce digital checklists, identifying relevant digital information, digital investigations by clients and attorneys, electronic discovery and subpoenas, computer forensics in divorce cases, and issues of digital behavior during and after divorce. Lane has over 30 years of personal computer experience and 14 years of experience in computer forensics for various legal cases. He will discuss the legal risks and challenges of digital investigations in divorce proceedings.
Internal Investigations and Employee PrivacyDan Michaluk
This document discusses employee privacy considerations for internal investigators. It outlines that employee privacy rights come from statutes, collective agreements, and employment contracts. Investigators must view tactics through a risk assessment lens of balancing necessity and privacy. Collecting electronic communications and surveillance footage requires justification of grounds and consideration of less invasive means. Third party records require limited ability to access under privacy statutes. Investigation records should factually document interviews and communications without commentary to protect credibility.
Pli workplace privacy in the year 2013 2013-6-13mkeane
Addresses privacy issues associated with hiring in a social media world, privacy issues associated with BYOD programs; employee privacy rights associated with off-duty activity including Facebook postings and activity protected by lifestyle laws.
This is a narrow look at two issues related to social media look by employees - monitoring workplace computers and employee publication and "off duty" conduct.
Brad Houston provides a presentation on records management laws and policies for UWM employees. He discusses relevant laws like FERPA, HIPAA, and copyright law. The presentation emphasizes the importance of properly handling records requests, litigation holds, and electronic records. Employees are advised to contact legal affairs if they have questions about complying with records laws and policies.
Warning how background checks can get your staffing agency in big troubleMike McCarty
The highly unregulated background screening industry has peddled extremely low quality background checks by relying on incomplete databases, limiting the scope of the search to 7 years or not including alias names. Now, there is a fast growing movement to restrict the use of criminal background checks. It is critical that staffing companies understand how to conduct legally compliant criminal background checks that align with:
• Ban the Box
• EEOC 2012-2016 Strategic Plan
• Fair Credit Reporting Act
• Social Media Background Checks
This document provides an overview of compliance and ethics training for UWF staff and faculty. It discusses key topics like what compliance means, employee responsibilities, UWF regulations and policies, the differences between compliance and ethics, codes of conduct, the Florida Code of Ethics, accepting gifts, conflicts of interest, nepotism, outside activities, fraud prevention, retaliation, Florida's Sunshine Law, public records, IT security, and resources for getting help. Employees are expected to know and follow all applicable laws, policies, and procedures to ensure ethical and compliant behavior.
This document discusses confidentiality and best practices for using technology when working with students as a service provider. It provides an overview of relevant laws like FERPA, HIPAA, and ethical codes. It notes challenges like ensuring privacy of electronic records and recommends only including necessary information, using codes to identify students, strong passwords, and not sharing passwords or leaving devices unattended. It also provides scenarios and guidance on responding to subpoenas or parents requesting confidential counseling information.
The document discusses best practices for maintaining student confidentiality when using technology for student records and communication. It outlines various laws and ethical codes regarding privacy of student information, including FERPA, HIPAA, and ethical standards for school counselors. It provides recommendations for securing electronic student files, such as using passwords, encryption, and avoiding inclusion of identifiable information. It also addresses scenarios that could breach confidentiality and provides guidance on responding appropriately while upholding legal and ethical obligations.
Handling whistleblower complaints a global perspective for north american c...Case IQ
After last year’s award of more than $30 million to a foreign whistleblower who provided key information leading to a successful SEC enforcement action, it’s clear that whistleblowers don’t need to be in the home country to reap the rewards of their actions. Last year’s award was the largest by the SEC to date and the fourth award to a whistleblower living in a foreign country.
Considering the possible implications of a complaint that goes to the SEC or DOJ, it’s in every company’s best interest to handle internal whistleblower complaints effectively, no matter where they come from.
The General Counsel's office provides legal representation and services to the University of Houston System. The General Counsel handles lawsuits, contracts, student and faculty issues, employment matters, and legislation. Common legal issues that arise in classrooms include disruptive students, discrimination allegations, disabilities, and academic dishonesty such as cheating. Faculty must comply with laws such as FERPA regarding student privacy and records. The General Counsel can provide legal opinions and advice regarding these issues.
I’m attaching some info on the agency I work for. I work remot.docxdonnajames55
I’m attaching some info on the agency I work for. I work remotely at New Heights Middle School in Jefferson SC as a behavioral health counselor. I have a LMSW; I provide counseling services to kids from age 12-14. I was drawn to this agency due to my desire to work with kids. My prior job was at palmetto pee dee behavioral health. The kids there had mostly conduct disorders. At CareSouth I can focus a lot on actual counseling and less case management. They also pay for ceus and provide clinical supervision. My self-care that I practice is just doing something nice for myself once a week. Because sometimes you give so much of yourself to others you will forget about you.
State Laws Protecting Citizen Information and
Breach Notification Laws
ISOL633 - Legal Regulations,
Compliance, and Investigation
Learning Objective
Describe state legal compliance laws addressing public and private institutions.
Key Concepts
State regulation of privacy and information security
State data breach notification
State encryption regulations
State data disposal regulations
History of state privacy protection laws
DISCOVER: CONCEPTS
California Notification Law
California Database Security Breach Notification Act
First breach notification law
Enacted on July 1, 2003
Purpose to give California residents timely information to protect themselves
Serves as model for other states
California Notification Law
Anyone who owns or uses computerized data containing unencrypted personal information
Anyone who owns or uses computerized data containing unencrypted personal information
7/1/2018
6
Who Must Comply?
State agencies
Private organiza-tions
Business
Any entity storing info on California residents
Nonprofit organiza-tions
Data Breach Notification Laws
Requirements to inform customers of a data breach
Civil and/or criminal penalties for failure to disclose
Private right of action
Exemptions from reporting
DISCOVER: PROCESS
Personal Information - Defined
The general definition of “personal Information” is:
Both the Individual’s first name/initial and last name
And one or more of
Social Security Number
Driver’s License / State ID Number
Financial Account/Credit/Debit number AND the PIN/code/password to access it
Does not include publicly available information legally obtainable by general public from governmental records.
Check out this PDF from Baker & Hostetler, LLP for a nice chart documenting where personal information is wider than the general definition.
Breach Notification Decision Making
If breach occurred or may have occurred and
Computer system contains personal information
Personal information was encrypted
No notification required
Breach Notification Decision Making
If breach occurred or may have occurred and
Computer system contains personal information
Personal information was not encrypted
Individuals must receive notice of security breach
DISCOVER: ROLES
Roles
Chief Infor.
Higher education institutions experience more data breaches than any other industry. The document discusses privacy and security laws and regulations that apply to higher education such as FERPA, GLB, and state privacy laws. It provides recommendations for developing a comprehensive privacy program including inventorying information assets, assessing risks, reviewing policies, training employees, and monitoring compliance.
This document provides guidance to school counsellors on record keeping and note taking. It discusses what information to record, how much to record, where to record it, and how long to keep it. It also addresses how to decide what is confidential versus shareable, and to whom information can be shared. The document outlines different types of files like cumulative files and counselling case files. It provides guidance on case note style, content, and sharing information according to legislation.
The document discusses FERPA guidelines for sharing student information. It provides scenarios and answers regarding what information can be shared with parents and others. Key points include that grades and class performance cannot be shared with parents without student consent, and only directory information like name and enrollment status can be shared with recruiters. Student records belong to the student and must be kept private and secure according to FERPA law.
This document provides an overview of FERPA (Family Educational Rights and Privacy Act) for Gallaudet University employees. It begins by emphasizing the importance of understanding FERPA information and passing a required quiz. It then discusses key aspects of FERPA including its origins, responsibilities of the Family Policy Compliance Office, and its reach to institutions receiving federal funds. It also summarizes FERPA's guarantees of student rights related to their education records. The document provides guidance to employees on FERPA compliance in areas like handling student records, communications, and technology use.
Data Breach Notifications Laws - Time for a Pimp Slap Presented by Steve Werb...Steve Werby
Data breach notification laws have proliferated worldwide, beginning with California’s law, which was enacted nearly a decade ago. As a result, citizens are being bombarded by breach notifications and media coverage of data exposures has skyrocketed. But are these increasingly onerous laws leading to stronger information security and better decisions by citizens or are they backfiring? I’ll compare existing laws, analyze data breach notifications and explore the effects of these laws, including feedback from citizens and information security professionals. By comparing data exposure disclosure to other negative events that don't require disclosure and sharing alternate disclosure models, I'll leave the audience questioning whether there's a better way.
Privacy Best Practices for Lawyers: What Every Law Practice Needs to Know Abo...Diana Maier
No matter what kind of law practice you have, you need to comply with privacy laws generally and lawyers' ethical duties with respect to privacy, specifically. In this presentation, legal ethics counsel Sarah Banola (Cooper, White and Cooper, LLP) and employment and privacy attorney Diana Maier (Law Offices of Diana Maier) deliver a primer on privacy law and teach you the key areas of privacy law and associated ethical obligations.
The document discusses implementing an information security program and provides recommendations. It covers topics like security and privacy standards, assessing risks, developing policies and procedures, training employees, and monitoring compliance. The University of Illinois Foundation implemented a successful security program by reviewing practices, removing sensitive data, providing training, revising policies, and gaining stakeholder support.
Privacy, Privilege And Confidentiality For Lawyerscanadianlawyer
This slide show was part of a presentation by mark Hayes at the 2011 Canadian Bar Association Annual Meeting in Halifax, Nova Scotia on August 16, 2011.
Best Practices In Corporate Privacy & Information Securitysatyakam_biswas
The document discusses best practices for corporate privacy and information security policies and compliance. It covers topics such as privacy fundamentals, legal compliance requirements, developing comprehensive security policies, and preparing for and responding to security breaches. Specific areas addressed include privacy models, data transfer agreements, employee training, encryption standards, access controls, auditing, and third party contracting language. The goal is to help companies avoid regulatory issues, protect data, and strengthen security.
Merit Event - Understanding and Managing Data Protectionmeritnorthwest
From the 24th of October 2002, the Data Protection Act 1998, which applies to local government, NHS Trusts, Schools, Universities and all UK organisations who process personal information, comes into full force. The Data Protection Act 1998 gives people more rights to have their personal information handled fairly, to object to certain types of processing and to have access to any information held about them.
Who should attend:
These briefings have been designed for those who are responsible for the implementation of the Data Protection Act 1998. The practical as well as the theory will be dealt with and attendees will have the opportunity to discuss Data Protection business issues with experts and other delegates.
Briefing Content:
Morning session - Introduction
a) The Data Protection Act and its Principles
b) Responsibilities
c) Policies and Notification
d) Dealing with sub-contractors
e) Subject Access
f) Manual Records
g) Human Resource
Afternoon Session - Auditing
a) Do you need to Audit?
b) How to Audit
c) Do you know what data you process?
d) Reviewing Responsibilities
e) Procedures and Processes
f) Putting Things Right
g) Demonstrating Compliance
About the eBusiness Club
This training day is being organised as part of the eBusiness Club activities managed on behalf of the Chamber on Merseyside by MERIT (NW) Ltd and supported by leading public and private sector partners. The Merseyside eBusiness club will assist members to achieve the best possible results from their ICT and eBusiness systems. At the same time they will learn about innovations in the market place and hear directly from the leading voices in the industry
Full details about the eBusiness Club can be found online at www.merit.org.uk/ebusinessclub or alternatively by contacting Ian Bulmer, eBusiness Club Co-ordinator, MERIT (NW) Ltd, One Old Hall Street, Liverpool. L3 9HG. Tel: 0151 285 1400 email: ebusinessclub@merit.org.uk
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/
DLAU und die Lizenzen nach dem CCB- und CCX-Modell sind für viele in der HCL-Community seit letztem Jahr ein heißes Thema. Als Notes- oder Domino-Kunde haben Sie vielleicht mit unerwartet hohen Benutzerzahlen und Lizenzgebühren zu kämpfen. Sie fragen sich vielleicht, wie diese neue Art der Lizenzierung funktioniert und welchen Nutzen sie Ihnen bringt. Vor allem wollen Sie sicherlich Ihr Budget einhalten und Kosten sparen, wo immer möglich. Das verstehen wir und wir möchten Ihnen dabei helfen!
Wir erklären Ihnen, wie Sie häufige Konfigurationsprobleme lösen können, die dazu führen können, dass mehr Benutzer gezählt werden als nötig, und wie Sie überflüssige oder ungenutzte Konten identifizieren und entfernen können, um Geld zu sparen. Es gibt auch einige Ansätze, die zu unnötigen Ausgaben führen können, z. B. wenn ein Personendokument anstelle eines Mail-Ins für geteilte Mailboxen verwendet wird. Wir zeigen Ihnen solche Fälle und deren Lösungen. Und natürlich erklären wir Ihnen das neue Lizenzmodell.
Nehmen Sie an diesem Webinar teil, bei dem HCL-Ambassador Marc Thomas und Gastredner Franz Walder Ihnen diese neue Welt näherbringen. Es vermittelt Ihnen die Tools und das Know-how, um den Überblick zu bewahren. Sie werden in der Lage sein, Ihre Kosten durch eine optimierte Domino-Konfiguration zu reduzieren und auch in Zukunft gering zu halten.
Diese Themen werden behandelt
- Reduzierung der Lizenzkosten durch Auffinden und Beheben von Fehlkonfigurationen und überflüssigen Konten
- Wie funktionieren CCB- und CCX-Lizenzen wirklich?
- Verstehen des DLAU-Tools und wie man es am besten nutzt
- Tipps für häufige Problembereiche, wie z. B. Team-Postfächer, Funktions-/Testbenutzer usw.
- Praxisbeispiele und Best Practices zum sofortigen Umsetzen
Brad Houston provides a presentation on records management laws and policies for UWM employees. He discusses relevant laws like FERPA, HIPAA, and copyright law. The presentation emphasizes the importance of properly handling records requests, litigation holds, and electronic records. Employees are advised to contact legal affairs if they have questions about complying with records laws and policies.
Warning how background checks can get your staffing agency in big troubleMike McCarty
The highly unregulated background screening industry has peddled extremely low quality background checks by relying on incomplete databases, limiting the scope of the search to 7 years or not including alias names. Now, there is a fast growing movement to restrict the use of criminal background checks. It is critical that staffing companies understand how to conduct legally compliant criminal background checks that align with:
• Ban the Box
• EEOC 2012-2016 Strategic Plan
• Fair Credit Reporting Act
• Social Media Background Checks
This document provides an overview of compliance and ethics training for UWF staff and faculty. It discusses key topics like what compliance means, employee responsibilities, UWF regulations and policies, the differences between compliance and ethics, codes of conduct, the Florida Code of Ethics, accepting gifts, conflicts of interest, nepotism, outside activities, fraud prevention, retaliation, Florida's Sunshine Law, public records, IT security, and resources for getting help. Employees are expected to know and follow all applicable laws, policies, and procedures to ensure ethical and compliant behavior.
This document discusses confidentiality and best practices for using technology when working with students as a service provider. It provides an overview of relevant laws like FERPA, HIPAA, and ethical codes. It notes challenges like ensuring privacy of electronic records and recommends only including necessary information, using codes to identify students, strong passwords, and not sharing passwords or leaving devices unattended. It also provides scenarios and guidance on responding to subpoenas or parents requesting confidential counseling information.
The document discusses best practices for maintaining student confidentiality when using technology for student records and communication. It outlines various laws and ethical codes regarding privacy of student information, including FERPA, HIPAA, and ethical standards for school counselors. It provides recommendations for securing electronic student files, such as using passwords, encryption, and avoiding inclusion of identifiable information. It also addresses scenarios that could breach confidentiality and provides guidance on responding appropriately while upholding legal and ethical obligations.
Handling whistleblower complaints a global perspective for north american c...Case IQ
After last year’s award of more than $30 million to a foreign whistleblower who provided key information leading to a successful SEC enforcement action, it’s clear that whistleblowers don’t need to be in the home country to reap the rewards of their actions. Last year’s award was the largest by the SEC to date and the fourth award to a whistleblower living in a foreign country.
Considering the possible implications of a complaint that goes to the SEC or DOJ, it’s in every company’s best interest to handle internal whistleblower complaints effectively, no matter where they come from.
The General Counsel's office provides legal representation and services to the University of Houston System. The General Counsel handles lawsuits, contracts, student and faculty issues, employment matters, and legislation. Common legal issues that arise in classrooms include disruptive students, discrimination allegations, disabilities, and academic dishonesty such as cheating. Faculty must comply with laws such as FERPA regarding student privacy and records. The General Counsel can provide legal opinions and advice regarding these issues.
I’m attaching some info on the agency I work for. I work remot.docxdonnajames55
I’m attaching some info on the agency I work for. I work remotely at New Heights Middle School in Jefferson SC as a behavioral health counselor. I have a LMSW; I provide counseling services to kids from age 12-14. I was drawn to this agency due to my desire to work with kids. My prior job was at palmetto pee dee behavioral health. The kids there had mostly conduct disorders. At CareSouth I can focus a lot on actual counseling and less case management. They also pay for ceus and provide clinical supervision. My self-care that I practice is just doing something nice for myself once a week. Because sometimes you give so much of yourself to others you will forget about you.
State Laws Protecting Citizen Information and
Breach Notification Laws
ISOL633 - Legal Regulations,
Compliance, and Investigation
Learning Objective
Describe state legal compliance laws addressing public and private institutions.
Key Concepts
State regulation of privacy and information security
State data breach notification
State encryption regulations
State data disposal regulations
History of state privacy protection laws
DISCOVER: CONCEPTS
California Notification Law
California Database Security Breach Notification Act
First breach notification law
Enacted on July 1, 2003
Purpose to give California residents timely information to protect themselves
Serves as model for other states
California Notification Law
Anyone who owns or uses computerized data containing unencrypted personal information
Anyone who owns or uses computerized data containing unencrypted personal information
7/1/2018
6
Who Must Comply?
State agencies
Private organiza-tions
Business
Any entity storing info on California residents
Nonprofit organiza-tions
Data Breach Notification Laws
Requirements to inform customers of a data breach
Civil and/or criminal penalties for failure to disclose
Private right of action
Exemptions from reporting
DISCOVER: PROCESS
Personal Information - Defined
The general definition of “personal Information” is:
Both the Individual’s first name/initial and last name
And one or more of
Social Security Number
Driver’s License / State ID Number
Financial Account/Credit/Debit number AND the PIN/code/password to access it
Does not include publicly available information legally obtainable by general public from governmental records.
Check out this PDF from Baker & Hostetler, LLP for a nice chart documenting where personal information is wider than the general definition.
Breach Notification Decision Making
If breach occurred or may have occurred and
Computer system contains personal information
Personal information was encrypted
No notification required
Breach Notification Decision Making
If breach occurred or may have occurred and
Computer system contains personal information
Personal information was not encrypted
Individuals must receive notice of security breach
DISCOVER: ROLES
Roles
Chief Infor.
Higher education institutions experience more data breaches than any other industry. The document discusses privacy and security laws and regulations that apply to higher education such as FERPA, GLB, and state privacy laws. It provides recommendations for developing a comprehensive privacy program including inventorying information assets, assessing risks, reviewing policies, training employees, and monitoring compliance.
This document provides guidance to school counsellors on record keeping and note taking. It discusses what information to record, how much to record, where to record it, and how long to keep it. It also addresses how to decide what is confidential versus shareable, and to whom information can be shared. The document outlines different types of files like cumulative files and counselling case files. It provides guidance on case note style, content, and sharing information according to legislation.
The document discusses FERPA guidelines for sharing student information. It provides scenarios and answers regarding what information can be shared with parents and others. Key points include that grades and class performance cannot be shared with parents without student consent, and only directory information like name and enrollment status can be shared with recruiters. Student records belong to the student and must be kept private and secure according to FERPA law.
This document provides an overview of FERPA (Family Educational Rights and Privacy Act) for Gallaudet University employees. It begins by emphasizing the importance of understanding FERPA information and passing a required quiz. It then discusses key aspects of FERPA including its origins, responsibilities of the Family Policy Compliance Office, and its reach to institutions receiving federal funds. It also summarizes FERPA's guarantees of student rights related to their education records. The document provides guidance to employees on FERPA compliance in areas like handling student records, communications, and technology use.
Data Breach Notifications Laws - Time for a Pimp Slap Presented by Steve Werb...Steve Werby
Data breach notification laws have proliferated worldwide, beginning with California’s law, which was enacted nearly a decade ago. As a result, citizens are being bombarded by breach notifications and media coverage of data exposures has skyrocketed. But are these increasingly onerous laws leading to stronger information security and better decisions by citizens or are they backfiring? I’ll compare existing laws, analyze data breach notifications and explore the effects of these laws, including feedback from citizens and information security professionals. By comparing data exposure disclosure to other negative events that don't require disclosure and sharing alternate disclosure models, I'll leave the audience questioning whether there's a better way.
Privacy Best Practices for Lawyers: What Every Law Practice Needs to Know Abo...Diana Maier
No matter what kind of law practice you have, you need to comply with privacy laws generally and lawyers' ethical duties with respect to privacy, specifically. In this presentation, legal ethics counsel Sarah Banola (Cooper, White and Cooper, LLP) and employment and privacy attorney Diana Maier (Law Offices of Diana Maier) deliver a primer on privacy law and teach you the key areas of privacy law and associated ethical obligations.
The document discusses implementing an information security program and provides recommendations. It covers topics like security and privacy standards, assessing risks, developing policies and procedures, training employees, and monitoring compliance. The University of Illinois Foundation implemented a successful security program by reviewing practices, removing sensitive data, providing training, revising policies, and gaining stakeholder support.
Privacy, Privilege And Confidentiality For Lawyerscanadianlawyer
This slide show was part of a presentation by mark Hayes at the 2011 Canadian Bar Association Annual Meeting in Halifax, Nova Scotia on August 16, 2011.
Best Practices In Corporate Privacy & Information Securitysatyakam_biswas
The document discusses best practices for corporate privacy and information security policies and compliance. It covers topics such as privacy fundamentals, legal compliance requirements, developing comprehensive security policies, and preparing for and responding to security breaches. Specific areas addressed include privacy models, data transfer agreements, employee training, encryption standards, access controls, auditing, and third party contracting language. The goal is to help companies avoid regulatory issues, protect data, and strengthen security.
Merit Event - Understanding and Managing Data Protectionmeritnorthwest
From the 24th of October 2002, the Data Protection Act 1998, which applies to local government, NHS Trusts, Schools, Universities and all UK organisations who process personal information, comes into full force. The Data Protection Act 1998 gives people more rights to have their personal information handled fairly, to object to certain types of processing and to have access to any information held about them.
Who should attend:
These briefings have been designed for those who are responsible for the implementation of the Data Protection Act 1998. The practical as well as the theory will be dealt with and attendees will have the opportunity to discuss Data Protection business issues with experts and other delegates.
Briefing Content:
Morning session - Introduction
a) The Data Protection Act and its Principles
b) Responsibilities
c) Policies and Notification
d) Dealing with sub-contractors
e) Subject Access
f) Manual Records
g) Human Resource
Afternoon Session - Auditing
a) Do you need to Audit?
b) How to Audit
c) Do you know what data you process?
d) Reviewing Responsibilities
e) Procedures and Processes
f) Putting Things Right
g) Demonstrating Compliance
About the eBusiness Club
This training day is being organised as part of the eBusiness Club activities managed on behalf of the Chamber on Merseyside by MERIT (NW) Ltd and supported by leading public and private sector partners. The Merseyside eBusiness club will assist members to achieve the best possible results from their ICT and eBusiness systems. At the same time they will learn about innovations in the market place and hear directly from the leading voices in the industry
Full details about the eBusiness Club can be found online at www.merit.org.uk/ebusinessclub or alternatively by contacting Ian Bulmer, eBusiness Club Co-ordinator, MERIT (NW) Ltd, One Old Hall Street, Liverpool. L3 9HG. Tel: 0151 285 1400 email: ebusinessclub@merit.org.uk
Similar to Library privacy and the privacy audit (20)
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/
DLAU und die Lizenzen nach dem CCB- und CCX-Modell sind für viele in der HCL-Community seit letztem Jahr ein heißes Thema. Als Notes- oder Domino-Kunde haben Sie vielleicht mit unerwartet hohen Benutzerzahlen und Lizenzgebühren zu kämpfen. Sie fragen sich vielleicht, wie diese neue Art der Lizenzierung funktioniert und welchen Nutzen sie Ihnen bringt. Vor allem wollen Sie sicherlich Ihr Budget einhalten und Kosten sparen, wo immer möglich. Das verstehen wir und wir möchten Ihnen dabei helfen!
Wir erklären Ihnen, wie Sie häufige Konfigurationsprobleme lösen können, die dazu führen können, dass mehr Benutzer gezählt werden als nötig, und wie Sie überflüssige oder ungenutzte Konten identifizieren und entfernen können, um Geld zu sparen. Es gibt auch einige Ansätze, die zu unnötigen Ausgaben führen können, z. B. wenn ein Personendokument anstelle eines Mail-Ins für geteilte Mailboxen verwendet wird. Wir zeigen Ihnen solche Fälle und deren Lösungen. Und natürlich erklären wir Ihnen das neue Lizenzmodell.
Nehmen Sie an diesem Webinar teil, bei dem HCL-Ambassador Marc Thomas und Gastredner Franz Walder Ihnen diese neue Welt näherbringen. Es vermittelt Ihnen die Tools und das Know-how, um den Überblick zu bewahren. Sie werden in der Lage sein, Ihre Kosten durch eine optimierte Domino-Konfiguration zu reduzieren und auch in Zukunft gering zu halten.
Diese Themen werden behandelt
- Reduzierung der Lizenzkosten durch Auffinden und Beheben von Fehlkonfigurationen und überflüssigen Konten
- Wie funktionieren CCB- und CCX-Lizenzen wirklich?
- Verstehen des DLAU-Tools und wie man es am besten nutzt
- Tipps für häufige Problembereiche, wie z. B. Team-Postfächer, Funktions-/Testbenutzer usw.
- Praxisbeispiele und Best Practices zum sofortigen Umsetzen
GraphRAG for Life Science to increase LLM accuracyTomaz Bratanic
GraphRAG for life science domain, where you retriever information from biomedical knowledge graphs using LLMs to increase the accuracy and performance of generated answers
In the realm of cybersecurity, offensive security practices act as a critical shield. By simulating real-world attacks in a controlled environment, these techniques expose vulnerabilities before malicious actors can exploit them. This proactive approach allows manufacturers to identify and fix weaknesses, significantly enhancing system security.
This presentation delves into the development of a system designed to mimic Galileo's Open Service signal using software-defined radio (SDR) technology. We'll begin with a foundational overview of both Global Navigation Satellite Systems (GNSS) and the intricacies of digital signal processing.
The presentation culminates in a live demonstration. We'll showcase the manipulation of Galileo's Open Service pilot signal, simulating an attack on various software and hardware systems. This practical demonstration serves to highlight the potential consequences of unaddressed vulnerabilities, emphasizing the importance of offensive security practices in safeguarding critical infrastructure.
Have you ever been confused by the myriad of choices offered by AWS for hosting a website or an API?
Lambda, Elastic Beanstalk, Lightsail, Amplify, S3 (and more!) can each host websites + APIs. But which one should we choose?
Which one is cheapest? Which one is fastest? Which one will scale to meet our needs?
Join me in this session as we dive into each AWS hosting service to determine which one is best for your scenario and explain why!
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfChart Kalyan
A Mix Chart displays historical data of numbers in a graphical or tabular form. The Kalyan Rajdhani Mix Chart specifically shows the results of a sequence of numbers over different periods.
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slackshyamraj55
Discover the seamless integration of RPA (Robotic Process Automation), COMPOSER, and APM with AWS IDP enhanced with Slack notifications. Explore how these technologies converge to streamline workflows, optimize performance, and ensure secure access, all while leveraging the power of AWS IDP and real-time communication via Slack notifications.
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-EfficiencyScyllaDB
Freshworks creates AI-boosted business software that helps employees work more efficiently and effectively. Managing data across multiple RDBMS and NoSQL databases was already a challenge at their current scale. To prepare for 10X growth, they knew it was time to rethink their database strategy. Learn how they architected a solution that would simplify scaling while keeping costs under control.
Best 20 SEO Techniques To Improve Website Visibility In SERPPixlogix Infotech
Boost your website's visibility with proven SEO techniques! Our latest blog dives into essential strategies to enhance your online presence, increase traffic, and rank higher on search engines. From keyword optimization to quality content creation, learn how to make your site stand out in the crowded digital landscape. Discover actionable tips and expert insights to elevate your SEO game.
Dandelion Hashtable: beyond billion requests per second on a commodity serverAntonios Katsarakis
This slide deck presents DLHT, a concurrent in-memory hashtable. Despite efforts to optimize hashtables, that go as far as sacrificing core functionality, state-of-the-art designs still incur multiple memory accesses per request and block request processing in three cases. First, most hashtables block while waiting for data to be retrieved from memory. Second, open-addressing designs, which represent the current state-of-the-art, either cannot free index slots on deletes or must block all requests to do so. Third, index resizes block every request until all objects are copied to the new index. Defying folklore wisdom, DLHT forgoes open-addressing and adopts a fully-featured and memory-aware closed-addressing design based on bounded cache-line-chaining. This design offers lock-free index operations and deletes that free slots instantly, (2) completes most requests with a single memory access, (3) utilizes software prefetching to hide memory latencies, and (4) employs a novel non-blocking and parallel resizing. In a commodity server and a memory-resident workload, DLHT surpasses 1.6B requests per second and provides 3.5x (12x) the throughput of the state-of-the-art closed-addressing (open-addressing) resizable hashtable on Gets (Deletes).
5th LF Energy Power Grid Model Meet-up SlidesDanBrown980551
5th Power Grid Model Meet-up
It is with great pleasure that we extend to you an invitation to the 5th Power Grid Model Meet-up, scheduled for 6th June 2024. This event will adopt a hybrid format, allowing participants to join us either through an online Mircosoft Teams session or in person at TU/e located at Den Dolech 2, Eindhoven, Netherlands. The meet-up will be hosted by Eindhoven University of Technology (TU/e), a research university specializing in engineering science & technology.
Power Grid Model
The global energy transition is placing new and unprecedented demands on Distribution System Operators (DSOs). Alongside upgrades to grid capacity, processes such as digitization, capacity optimization, and congestion management are becoming vital for delivering reliable services.
Power Grid Model is an open source project from Linux Foundation Energy and provides a calculation engine that is increasingly essential for DSOs. It offers a standards-based foundation enabling real-time power systems analysis, simulations of electrical power grids, and sophisticated what-if analysis. In addition, it enables in-depth studies and analysis of the electrical power grid’s behavior and performance. This comprehensive model incorporates essential factors such as power generation capacity, electrical losses, voltage levels, power flows, and system stability.
Power Grid Model is currently being applied in a wide variety of use cases, including grid planning, expansion, reliability, and congestion studies. It can also help in analyzing the impact of renewable energy integration, assessing the effects of disturbances or faults, and developing strategies for grid control and optimization.
What to expect
For the upcoming meetup we are organizing, we have an exciting lineup of activities planned:
-Insightful presentations covering two practical applications of the Power Grid Model.
-An update on the latest advancements in Power Grid -Model technology during the first and second quarters of 2024.
-An interactive brainstorming session to discuss and propose new feature requests.
-An opportunity to connect with fellow Power Grid Model enthusiasts and users.
Monitoring and Managing Anomaly Detection on OpenShift.pdfTosin Akinosho
Monitoring and Managing Anomaly Detection on OpenShift
Overview
Dive into the world of anomaly detection on edge devices with our comprehensive hands-on tutorial. This SlideShare presentation will guide you through the entire process, from data collection and model training to edge deployment and real-time monitoring. Perfect for those looking to implement robust anomaly detection systems on resource-constrained IoT/edge devices.
Key Topics Covered
1. Introduction to Anomaly Detection
- Understand the fundamentals of anomaly detection and its importance in identifying unusual behavior or failures in systems.
2. Understanding Edge (IoT)
- Learn about edge computing and IoT, and how they enable real-time data processing and decision-making at the source.
3. What is ArgoCD?
- Discover ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes, and its role in deploying applications on edge devices.
4. Deployment Using ArgoCD for Edge Devices
- Step-by-step guide on deploying anomaly detection models on edge devices using ArgoCD.
5. Introduction to Apache Kafka and S3
- Explore Apache Kafka for real-time data streaming and Amazon S3 for scalable storage solutions.
6. Viewing Kafka Messages in the Data Lake
- Learn how to view and analyze Kafka messages stored in a data lake for better insights.
7. What is Prometheus?
- Get to know Prometheus, an open-source monitoring and alerting toolkit, and its application in monitoring edge devices.
8. Monitoring Application Metrics with Prometheus
- Detailed instructions on setting up Prometheus to monitor the performance and health of your anomaly detection system.
9. What is Camel K?
- Introduction to Camel K, a lightweight integration framework built on Apache Camel, designed for Kubernetes.
10. Configuring Camel K Integrations for Data Pipelines
- Learn how to configure Camel K for seamless data pipeline integrations in your anomaly detection workflow.
11. What is a Jupyter Notebook?
- Overview of Jupyter Notebooks, an open-source web application for creating and sharing documents with live code, equations, visualizations, and narrative text.
12. Jupyter Notebooks with Code Examples
- Hands-on examples and code snippets in Jupyter Notebooks to help you implement and test anomaly detection models.
A Comprehensive Guide to DeFi Development Services in 2024Intelisync
DeFi represents a paradigm shift in the financial industry. Instead of relying on traditional, centralized institutions like banks, DeFi leverages blockchain technology to create a decentralized network of financial services. This means that financial transactions can occur directly between parties, without intermediaries, using smart contracts on platforms like Ethereum.
In 2024, we are witnessing an explosion of new DeFi projects and protocols, each pushing the boundaries of what’s possible in finance.
In summary, DeFi in 2024 is not just a trend; it’s a revolution that democratizes finance, enhances security and transparency, and fosters continuous innovation. As we proceed through this presentation, we'll explore the various components and services of DeFi in detail, shedding light on how they are transforming the financial landscape.
At Intelisync, we specialize in providing comprehensive DeFi development services tailored to meet the unique needs of our clients. From smart contract development to dApp creation and security audits, we ensure that your DeFi project is built with innovation, security, and scalability in mind. Trust Intelisync to guide you through the intricate landscape of decentralized finance and unlock the full potential of blockchain technology.
Ready to take your DeFi project to the next level? Partner with Intelisync for expert DeFi development services today!
Programming Foundation Models with DSPy - Meetup SlidesZilliz
Prompting language models is hard, while programming language models is easy. In this talk, I will discuss the state-of-the-art framework DSPy for programming foundation models with its powerful optimizers and runtime constraint system.
This presentation provides valuable insights into effective cost-saving techniques on AWS. Learn how to optimize your AWS resources by rightsizing, increasing elasticity, picking the right storage class, and choosing the best pricing model. Additionally, discover essential governance mechanisms to ensure continuous cost efficiency. Whether you are new to AWS or an experienced user, this presentation provides clear and practical tips to help you reduce your cloud costs and get the most out of your budget.
FREE A4 Cyber Security Awareness Posters-Social Engineering part 3Data Hops
Free A4 downloadable and printable Cyber Security, Social Engineering Safety and security Training Posters . Promote security awareness in the home or workplace. Lock them Out From training providers datahops.com
2. What is Privacy?
In a library (physical or virtual), the right to
privacy is the right to open inquiry without
having the subject of one’s interest examined
or scrutinized by others.
– ALA, An Interpretation of the Library Bill of
Rights
3. Privacy and Confidentiality
Confidentiality exists when a library is in
possession of personally identifiable
information about users and keeps that
information private on their behalf.
– ALA, An Interpretation of the Library Bill of
Rights
4. Personally Identifiable
Information
Generally includes any information that can
identify a specific individual
Name Address Phone/Fax number
Social security
number
Driver’s license
number
Bar or Student ID
Number
Email address
Mother’s maiden
name
Spouse information
Financial information Medical information Education information
Birth date IP address Signature
5. What Laws Govern Library
Privacy?
Federal
1st Amendment
Video Privacy Protection Act
Freedom of Information Act (FOIA)
Family Educational Rights and Privacy Act
(FERPA)
State
Library privacy statutes
Records retention/destruction statutes
7. Georgia Business Records
Statutes
O.C.G.A. § 10-11-2. Time period for
retention of business records
O.C.G.A. § 10-15-2. Disposal of
business records containing personal
information
8. Privacy Audit
What is it?
Whose responsibility is it?
What is the end product?
9. What is a Privacy Audit?
Ensure goals supported by practices
Protect from liability
Process, not a one-time event
12. Preliminary Steps
1. Evaluate existing policies and procedures
2. Compile definitions, including what is
considered PII
3. Identify a process/department to audit
15. Auditing for PII
Patron records
Transaction logs
Notices for overdue items and fines
ILL and document delivery records
Visitor registers
Reference logs
Public terminals
16. Data Collection Considerations
Why is data being collected?
Who is collecting?
Who else has access?
How stored?
For how long?
How will data be destroyed?
17. Developing a Privacy Policy
State that privacy and 1st Amendment
rights are protected
Specifically discuss patron use info related
to books, multimedia resources, and the
internet
State that general statistical data may be
compiled, but that PII is not included
Offer an opt-in for contact unrelated to
library activities
Mention vendors
Have it reviewed by legal counsel
19. Audit Results
Existing privacy policy
Electronic security
Issues in practice
Instances of borrowing history revealed
Papers not secured/shredded
Processes needed updating
20. Audit Results – Electronic
Info
Patron circulation data well protected
ILS set to only keep current check outs and
unpaid fine information
Staff not clearing patron data from
circulation computer monitor
Scanned files need to be manually
deleted
27. Law Enforcement Requests
Separate policy
Easy reference
University-wide
THERESA CHMARA, PRIVACY AND
CONFIDENTIALITY ISSUES: A GUIDE FOR
LIBRARIES AND THEIR LAWYERS (2009).
28. Audit Results – Training
10-15 student assistants each semester
with a completely new staff every 2
years
Students are the main circulation desk
contacts
Training issues/reinforcement
Reminder sign posted next to the
circulation computer
29. Audit Results – Paper Problems
MANY issues
Inadvertent prints from the circulation
computer
Copies of checks
Old student info with social security numbers
Graded student work left by former
employees
Staff info page on a bulletin board
Print copies of sent overdue notices
35. Components of a Good Privacy
Policy
Notice of rights & applicable laws
Choice & consent
Access & updating
Data integrity and security
Data aggregation
Required disclosures
3 years; shred, erase, or redact; applies to wide variety of businesses (not government)
Determine what data is being collected and whether it needs to be collected
Categorize data based on degree of security required
Assess sensitivity, security risks, and public perceptions of collected information
Test your security measures
Destroy data when time requirements met
Repeat for each type of data collected/process that collects it
Problem: 1st Amendment and state library privacy laws protect patrons from exposure of borrowing history
Solution: Train staff to respond that they cannot reveal this information, but that they can investigate and recall the item or place a hold. Address ongoing individual training issues as they arise. Student worker asking which jury instructions would have instructions on child molestation. It’s not just the impacted patron, but also the one who overhears and thinks that he can’t ask a question for fear that it will be announced to the entire library.
Reference desks are often centrally placed to encourage patrons to ask questions. Some patrons don’t mind asking sensitive questions in a public area, but others may not be so comfortable. Absent completely rearranging our library, what can we do? Offer patrons a piece of paper to write down a reference question if they look hesitant or offering to move the conversation to a less public area to make them feel more comfortable.
Inadvertent printing happens a lot in our library. The student workers were just recycling the inadvertently printed pages. We trained them to shred any paper that listed a patron name instead of recycling it.
There are a lot of old records in my office because it is large and was used for storage for 4 years while my position was unfilled. One of the things that I found that made me think to do a privacy audit was years worth of copies of checks. With the information on a copy of a check, I have a person’s full name, address, bank name, account number, and signature. An identity thief could do a lot of damage with that information. When I looked into it, I found out that the copies were necessary in case a check was returned for insufficient funds because the university accounting office would just give the amount of the check and the check number, not the name of the person who presented it. So in the audit, we determined that we were collecting this information for a valid reason, but we had no rules for how we stored it, how long we kept it, and how we destroyed it. Now we keep the information only until the checks clear. We have no business need to keep it for any longer. We keep the copies locked up in a spot that only three people have access to, and when we discard the information, we take it to the secure shredder in the registrar’s office.
Records not saved or searchable in our circulation software
Print once and then are cleared out
We keep a copy of what we’ve sent to patrons with overdue items and fines
Was just in a notebook; now locked in a filing cabinet
Students and staff had trouble remembering to clear patron data from the circulation computer. IT could not install a screen saver because of the restrictions on the machine. Compromise was this screen insert that blocks all but straight on viewing of the information on the screen.
Post a notice that terminals are restricted to legal research use. This is likely to be reasonable with respect to your library’s purpose (case law) and gives you support to ask patrons to conduct non-legal research computer use elsewhere.
While you’re keeping an eye out for patron data privacy issues, cast a broader net and you may be able to find related areas where you can save your library or your staff some time and trouble with some small changes/education. BTW, the rolodex is REAL!