This presentation reviews the legal reasons for companies to establish a records retention and destruction policy and identifies the major steps in establishing a policy. It also presents a high level overview of the new Ontario e-Discovery rules.
GDPR is coming for you whether you’re ready or not. Companies must show compliance by May 25, 2018. Take a look at the presentation to learn more about the new law that is going to change the way data is handled across the world. Read about the how it affects you and the steps you can take to make sure you’re GDPR ready!
About Extentia Information Technology:
Extentia is a global technology and services firm that helps clients transform and realize their digital strategies. With a focus on enterprise mobility, cloud computing, and user experiences, Extentia strives to accomplish and surpass your business goals. Our team is differentiated by an emphasis on excellent design skills that we bring to every project. Extentia’s work environment and culture inspire team members to be innovative and creative, and to provide clients with an exceptional partnership experience.
www.extentia.com
The Summary Guide to Compliance with the Kenya Data Protection Law Owako Rodah
The Data Protection Act 2019, was enacted on November 8th, 2019, ushering a new era of accountability and responsibility with regard to processing of personal data and information. Naturally, there has been a resurrection of the chatter around data protection in increasingly data-driven social and economic settings. The question on everyone’s mind being what does this mean for me?
GDPR is coming for you whether you’re ready or not. Companies must show compliance by May 25, 2018. Take a look at the presentation to learn more about the new law that is going to change the way data is handled across the world. Read about the how it affects you and the steps you can take to make sure you’re GDPR ready!
About Extentia Information Technology:
Extentia is a global technology and services firm that helps clients transform and realize their digital strategies. With a focus on enterprise mobility, cloud computing, and user experiences, Extentia strives to accomplish and surpass your business goals. Our team is differentiated by an emphasis on excellent design skills that we bring to every project. Extentia’s work environment and culture inspire team members to be innovative and creative, and to provide clients with an exceptional partnership experience.
www.extentia.com
The Summary Guide to Compliance with the Kenya Data Protection Law Owako Rodah
The Data Protection Act 2019, was enacted on November 8th, 2019, ushering a new era of accountability and responsibility with regard to processing of personal data and information. Naturally, there has been a resurrection of the chatter around data protection in increasingly data-driven social and economic settings. The question on everyone’s mind being what does this mean for me?
Applying the Personal Data Protection Act (Singapore)Benjamin Ang
Presented at a workshop for the Internet Society Singapore Chapter in May 2013. Visit techmusicartandlaw.blogspot.com to contact the author, or www.isoc.sg to find out more about the Internet Society in Singapore
Key Data Privacy Roles Explained: Data Protection Officer, Information Securi...PECB
Key Data Privacy Roles Explained: Data Protection Officer, Information Security Manager, and Information Security Auditor
In this session, we will go through the roles and responsibilities of the main actors responsible for protecting data in an organization: the Data Protection Officer, Information Security Manager, and Information Security Auditor.
The webinar will cover:
• What are the roles and responsibilities of the main actors responsible for protecting data in an organization?
• How can an organization find out if they are required to designate a DPO role or not?
• Can the roles of a DPO and Information Security Manager be covered by the same individual?
• What organizations are required to do to have the DPO perform its role and responsivities independently?
Presenter:
Our first presenter for this webinar is Peter Geelen, director and managing consultant at CyberMinute and Owner of Quest for Security, Belgium. Over more than 20 years, Peter has built strong experience in enterprise security & architecture, Identity & Access management, but also privacy, information & data protection, cyber- and cloud security. Last few years, the focus is on ISO/IEC 27001 and other ISO certification mechanisms. Peter is accredited Lead Auditor for ISO/IEC 27001, ISO 9001, PECB Trainer and Fellow in Privacy. Committed to continuous learning, Peter holds renowned security certificates as certified ISO/IEC 27701 lead implementer and lead auditor, ISO/IEC 27001 Master, Sr. Lead Cybersecurity Manager, ISO/IEC 27002 lead manager, ISO/IEC 27701 Lead Implementer, cDPO, Risk management, Lead Incident Mgr., Disaster Recovery, and many more.
Our second presenter is Stefan Mathuvis, owner & senior consultant at Quality Management & Auditing BV, Zonhoven, Belgium. With over 20 years of experience, Stefan built strong experience in quality management systems, Information Security management systems, GDPR, data privacy & data protection. Stefan is accredited ISO/IEC 27001 Lead Auditor and operates as a third party auditor for DQS Belgium. Dividing his time between consultancy, training & third party auditing on an international scale, Stefan remains in touch with the issues of today allowing him to assist clients in their needs for Information Security and Data Privacy.
Recorded webinar: https://www.youtube.com/watch?v=Y0hnv1laxAw&feature=youtu.be
Electronic Evidence is found in all computer and multimedia as well as communication devices. Increasingly most of the business transactions are done in paperless mode but when the disputes arise, then where to look for evidence? This presentation will help you in this field.
Introduction to US Privacy and Data Security Regulations and Requirements (Se...Financial Poise
The United States has no federal data security or privacy law covering all businesses or all U.S. citizens. Instead, federal agencies and individual states have created their own patchwork of laws and regulations which must be evaluated for their application to a business.
This webinar will help you navigate the overlapping and sometimes confusing system of laws and regulations which may impact your business, ranging from emerging state-level privacy legislation to the numerous data breach notification statutes to cybersecurity regulations with extraterritorial effect.
To view the accompanying webinar, go to: https://www.financialpoise.com/financial-poise-webinars/introduction-to-us-privacy-and-data-security-regulations-and-requirements-2021/
Defining an IT Auditor,
IT Auditor Certifications & ISACA,
IT Audit Phases,
Preparing to be Audited,
How IT auditor audits an Applications,
Auditing technology for Information System.
Information Security Awareness
Tips to improve infosec awareness in any organization
To learn more visit http://www.SnapComms.com/solutions/employee-security-awareness
25th May 2018 marks the enforcement date of EU’s General Data Protection Regulation. This new regulation strives to increase privacy for individuals and penalize businesses in breach. The complexity organizations face in managing consumer data is driving the growth of privacy tech solutions that decisively address a slew of privacy compliance challenges.
Applying the Personal Data Protection Act (Singapore)Benjamin Ang
Presented at a workshop for the Internet Society Singapore Chapter in May 2013. Visit techmusicartandlaw.blogspot.com to contact the author, or www.isoc.sg to find out more about the Internet Society in Singapore
Key Data Privacy Roles Explained: Data Protection Officer, Information Securi...PECB
Key Data Privacy Roles Explained: Data Protection Officer, Information Security Manager, and Information Security Auditor
In this session, we will go through the roles and responsibilities of the main actors responsible for protecting data in an organization: the Data Protection Officer, Information Security Manager, and Information Security Auditor.
The webinar will cover:
• What are the roles and responsibilities of the main actors responsible for protecting data in an organization?
• How can an organization find out if they are required to designate a DPO role or not?
• Can the roles of a DPO and Information Security Manager be covered by the same individual?
• What organizations are required to do to have the DPO perform its role and responsivities independently?
Presenter:
Our first presenter for this webinar is Peter Geelen, director and managing consultant at CyberMinute and Owner of Quest for Security, Belgium. Over more than 20 years, Peter has built strong experience in enterprise security & architecture, Identity & Access management, but also privacy, information & data protection, cyber- and cloud security. Last few years, the focus is on ISO/IEC 27001 and other ISO certification mechanisms. Peter is accredited Lead Auditor for ISO/IEC 27001, ISO 9001, PECB Trainer and Fellow in Privacy. Committed to continuous learning, Peter holds renowned security certificates as certified ISO/IEC 27701 lead implementer and lead auditor, ISO/IEC 27001 Master, Sr. Lead Cybersecurity Manager, ISO/IEC 27002 lead manager, ISO/IEC 27701 Lead Implementer, cDPO, Risk management, Lead Incident Mgr., Disaster Recovery, and many more.
Our second presenter is Stefan Mathuvis, owner & senior consultant at Quality Management & Auditing BV, Zonhoven, Belgium. With over 20 years of experience, Stefan built strong experience in quality management systems, Information Security management systems, GDPR, data privacy & data protection. Stefan is accredited ISO/IEC 27001 Lead Auditor and operates as a third party auditor for DQS Belgium. Dividing his time between consultancy, training & third party auditing on an international scale, Stefan remains in touch with the issues of today allowing him to assist clients in their needs for Information Security and Data Privacy.
Recorded webinar: https://www.youtube.com/watch?v=Y0hnv1laxAw&feature=youtu.be
Electronic Evidence is found in all computer and multimedia as well as communication devices. Increasingly most of the business transactions are done in paperless mode but when the disputes arise, then where to look for evidence? This presentation will help you in this field.
Introduction to US Privacy and Data Security Regulations and Requirements (Se...Financial Poise
The United States has no federal data security or privacy law covering all businesses or all U.S. citizens. Instead, federal agencies and individual states have created their own patchwork of laws and regulations which must be evaluated for their application to a business.
This webinar will help you navigate the overlapping and sometimes confusing system of laws and regulations which may impact your business, ranging from emerging state-level privacy legislation to the numerous data breach notification statutes to cybersecurity regulations with extraterritorial effect.
To view the accompanying webinar, go to: https://www.financialpoise.com/financial-poise-webinars/introduction-to-us-privacy-and-data-security-regulations-and-requirements-2021/
Defining an IT Auditor,
IT Auditor Certifications & ISACA,
IT Audit Phases,
Preparing to be Audited,
How IT auditor audits an Applications,
Auditing technology for Information System.
Information Security Awareness
Tips to improve infosec awareness in any organization
To learn more visit http://www.SnapComms.com/solutions/employee-security-awareness
25th May 2018 marks the enforcement date of EU’s General Data Protection Regulation. This new regulation strives to increase privacy for individuals and penalize businesses in breach. The complexity organizations face in managing consumer data is driving the growth of privacy tech solutions that decisively address a slew of privacy compliance challenges.
Records Retention and Destruction Policies 2015Richard Austin
Overview of records retention and destruction policies including why have an RRDP, issues to consider in developing an RRDP and steps in developing an RRDP
The Top Skills That Can Get You Hired in 2017LinkedIn
We analyzed all the recruiting activity on LinkedIn this year and identified the Top Skills employers seek. Starting Oct 24, learn these skills and much more for free during the Week of Learning.
#AlwaysBeLearning https://learning.linkedin.com/week-of-learning
SkyLaw's submission to the Ontario Securities Commission regarding the proposed plan of arrangement involving Turquoise Hill Resources Ltd., Rio Tinto International Holdings Limited and Rio Tinto plc, pursuant to the provisions of the Business Corporations Act (Yukon).
The CFPB is currently seeking public comment on several proposed amendments to its final rules issued in 2013, which went into effect in January 2014. The comment period is open through March 16, 2015, so mortgage servicers, or any interested parties, still have about a month to chime in on the proposed amendments.
By now, servicers are all familiar with the final CFPB Rules promulgated in 2013 that modified the impact of the Real Estate Settlement Procedures Act (RESPA) and the Truth in Lending Act (TILA). In November 2014, the Bureau proposed amendments to those Rules. Several proposed amendments are noteworthy to those in the mortgage servicing industry:
An expansion of "borrower" to include successors in interest to collateral property. Specifically, for the purposes of Regulation X, the Bureau is proposing to define "successor in interest" in § 1024.31 as "a member of any of the categories of successors in interest who acquired an ownership interest in the property securing a mortgage loan in a transfer protected by the Garn-St Germain Act." (See 12 U.S.C. § 1701j-3(d).) The expansion would include situations where the collateral property is transferred as a result of divorce. The effect of this would be that, for all intents and purposes of Regulation X, any successor in interest would now be considered a borrower.
UK Adjudicators September 2019 newsletter discussing construction adjudication around the world with a look at the UK, Singapore and Australia in this edition.
All product and company names mentioned herein are for identification and educational purposes only and are the property of, and may be trademarks of, their respective owners.
A copy of the lawsuit filed by the city of Pikeville against cable provider Suddenlink, alleging the company is in default on penalties owed due to violations of its franchise agreement with the city.
This operational audit of the City of Winter Springs (City) focused on selected City processes and
administrative activities. Our audit disclosed the following:
Finding 1: The City continues to incur fines and penalties for wastewater treatment violations.
Finding 2: The City should improve its water utility contract monitoring processes.
Finding 3: The City’s use of consent agendas to revise the project list provided to the public in advance
of the voter referendum approving the local government infrastructure sales surtax reduced transparency
by depriving the opportunity for public information and discussion. In addition, the City did not provide
for separate accountability of transferred sales surtax moneys.
Finding 4: Contrary to State law, the City did not estimate fees assessed to fulfill public records
requests requiring extensive information technology resources or clerical or supervisory assistance
based on actual costs. In addition, the City did not always promptly respond to public records requests.
Finding 5: Contrary to City ordinances, the City Manager had not established written uniform
purchasing policies and procedures, and the City did not always competitively procure goods and
services in accordance with City ordinances.
Finding 6: Although the City’s cardholder agreement requires purchase card (P-card) expenditures be
pre-approved by supervisory personnel, City records did not demonstrate that pre-approval was obtained.
In addition, the City had not established comprehensive P-card policies and procedures to provide
effective controls over the accountability and use of the cards.
Finding 7: The City experienced significant turnover in key management positions from April 2019
through February 2023.
Finding 8: The City needs to establish policies and procedures for communicating, investigating, and
reporting known or suspected fraud.
The Securities and Exchange Commission (“SEC”) just issued a press release announcing KBR, Inc. has its “first enforcement action against a company for using improperly restrictive language in confidentiality agreements with the potential to stifle the whistleblowing process.”
At issue, was KBR, Inc.’s standard practice of requiring employees interviewed in internal investigations to sign confidentiality statements with the following language:
“I understand that in order to protect the integrity of this review, I am prohibited from discussing any particulars regarding this interview and the subject matter discussed during the interview, without the prior authorization of the Law Department. I understand that the unauthorized disclosure of information may be grounds for disciplinary action up to and including termination of employment.”
The SEC found those terms violated Rule 21F-17, which prohibits companies from taking any action that would impede whistleblowers from reporting possible securities violations to the SEC.
In addition to agreeing to pay a fine of $130,000, KBR, Inc. also agreed to amend its standard confidentiality statement signed by employees interviewed during an internal investigation to read as follows:
“Nothing in this Confidentiality Statement prohibits me from reporting possible violations of federal law or regulation to any governmental agency or entity, including but not limited to the Department of Justice, the Securities and Exchange Commission, the Congress, and any agency Inspector General, or making other disclosures that are protected under the whistleblower provisions of federal law or regulation. I do not need the prior authorization of the Law Department to make any such reports or disclosures and I am not required to notify the company that I have made such reports or disclosures.”
To read more visit www.WinWinHR.com
The Information Technology Act, 2000 (also known as ITA-2000, or the IT Act) is an Act of the Indian Parliament (No 21 of 2000) notified on 17 October 2000. It is the primary law in India dealing with cybercrime and electronic commerce. It is based on the United Nations Model Law on Electronic Commerce 1996 (UNCITRAL Model) recommended by the General Assembly of United Nations by a resolution dated 30 January 1997.
The Artificial Intelligence World: Responding to Legal and Ethical IssuesRichard Austin
The presentation examines the legal and ethical issues that Facial Recognition Systems and Autonomous and Self-driving Vehicles present then looks at organizational, regulatory and individual tools available to respond to these issues.
An examination of the legal and ethical issues that the use of Artificial Intelligence products and services presents to lawyers including by reference to the American Bar Association's Model Rules of Professional Conduct.
Intermediary Accountability in the Digital AgeRichard Austin
Examination of the accountability of Internet Intermediaries with a focus on Online Reputation, Cambridge Analytica and Facebook and Competition issues
Ai on the case legal and ethical issues (may 17 2019)Richard Austin
Presentation on the legal and ethical issues that the use of Artificial Intelligence products and systems presents for lawyers including discussion of ABA Model Rules of Professional Conduct
Knowing and managing what's been agreed the case for contract managementRichard Austin
This presentation, by Richard Austin and Eric Notkin, looks at: (i) the context of Contract Management - why it is becoming more important; (ii) the reasons for expectations' and performance gaps in contracts; and (iii) ideas and initiatives to improve Contract Management.
Use of audit clauses in information technology and outsourcing agreements including implications for the Cloud, OSFI Memorandum of February 29, 2012, control audits and CSAE 3416 Audits (Richard Austin and Ken Silverman)
This presentation reviews key provisions of source code escrow agreements including (i) how to define escrow deposits; (ii) the importance of verfication services; and (iii) definitions of release events. The presentation also considers other uses of escrow such as SaaS escrow. It concludes by looking at IP licenses under s. 365(n) of the U.S. Bankruptcy Code and under s. 65.11 of the recently amended Canadian Bankruptcy and Insolvency Act.
Protecting Third Party Information under FOI LegislationRichard Austin
Examination of the protection available for vendor confidential information in public sector procurements in light of client concerns for public accountability and disclosure (including under FOI legislation).