Quick Quiz Identity Theft Protection and Your Law Firm.

Slides:

Advertisements

Similar presentations

Chapter 20 Legal Liability McGraw-Hill/IrwinCopyright © 2012 by The McGraw-Hill Companies, Inc. All rights reserved.

Advertisements

Red-Flag Identity Theft Requirements February 19th 2009 Cathy Casagrande, Privacy Officer.

Red Flags Rule BAS Forum August 18, What is the Red Flags Rule? Requires implementation of a written Identity Theft Prevention Program designed.

HIPAA: An Overview of Transaction, Privacy and Security Regulations Training for Providers and Staff.

ETHICS. Business Conduct  The Agent agrees to conform to all applicable federal, state and local laws in conducting business under this agreement.

Red Flag Rules: What they are? & What you need to do

HITECH ACT Privacy & Security Requirements Cathleen Casagrande Privacy Officer July 23, 2009.

©2008 Perkins Coie LLP Game Industry Roundtable Privacy Developments for the Game Industry Thomas C. Bell September 24, 2008.

Cyber Liability- Risks, Exposures and Risk Transfer for a Data Breach June 11, 2013.

HIPAA. What Why Who How When What Is HIPAA? Health Insurance Portability & Accountability Act of 1996.

Changes to HIPAA (as they pertain to records management) Health Information Technology for Economic Clinical Health Act (HITECH) – federal regulation included.

Privacy Laws & Higher Education. Agenda 1.Five Privacy Laws a.FERPA b.HIPAA c.GLB d.FACTA Disposal Rule e.CAN-SPAM 2.Overview of the Laws a.What does.

COMPLYING WITH HIPAA PRIVACY RULES Presented by: Larry Grudzien, Attorney at Law.

The Financial Modernization Act of 1999, also known as the Gramm-Leach-Bliley Act (GLBA) UNDERSTANDING AND DEVELOPING A STRATEGIC PLAN TO BECOME COMPLIANT.

I.D. Theft Alaska’s New Protection of Personal Information Act Ed Sniffen Senior Assistant Attorney General Alaska Department of Law.

© 2014 Nelson Brown Hamilton & Krekstein LLC. All Rights Reserved PRIVACY & DATA SECURITY: A LEGAL FRAMEWORK MOLLY LANG, PARTNER, NELSON BROWN & CO.

Data Protection.

SC Identity Theft Act and Red Flag Rules Stephanie O’Cain, CPA Municipal Association of SC October 6, 2009.

Ethical Issues in Data Security Breach Cases Presented by Robert J. Scott Scott & Scott, LLP

1 The University of Texas at Tyler Protecting the Confidentiality of Social Security Numbers UTS165 Information Resources Use and Security Policy.

Orlando, Florida Prevention: The Legacy (Data) We Leave Behind Courtney M. Dunn Registered Patent Attorney, Senior Associate © 2011.

CIVIL & CRIMINAL LIABILITY Staff Development Emergency Operations Volunteer Training Legal Issues:

© Chery F. Kendrick & Kendrick Technical Services.

McGraw-Hill ©2010 The McGraw-Hill Companies, Inc. All rights reserved.

Practical Steps to Minimize Privacy Risks: Understanding The Intersection Between Information Management and Privacy Law Presented by Alexandria McCombs.

HIPAA COMPLIANCE IN YOUR PRACTICE MARIBEL VALENTIN, ESQUIRE.

Data Protection Act. Lesson Objectives To understand the data protection act.

4Chapter SECTION OPENER / CLOSER: INSERT BOOK COVER ART Intentional Torts Section 4.1.

© 2004 West Legal Studies in Business A Division of Thomson Learning 1 Chapter 52 Liability of Accountants and Other Professionals Chapter 52 Liability.

Investigating & Preserving Evidence in Data Security Incidents Robert J. Scott Scott & Scott, LLP

Veterinary Practice Law Quiz J EFFREY L. R OTH FEES & BURGESS, P.C. 213 Green Street Huntsville, Alabama Telephone  Facsimile

Electronic Records Management: What Management Needs to Know May 2009.

Kaplan University - Adjunct Professor Brian Tippens, J.D. - September 10, Legal Ethics – Unit Seven Fair Fees and Client.

HIPAA PRIVACY AND SECURITY AWARENESS.

Understanding the Fair and Accurate Credit Transaction Act, the “Red Flag” Regulations, and their impact on Health Care Providers Raising a “Red Flag”

© Chery F. Kendrick & Kendrick Technical Services, LLC.

I-9, Immigration, E-Verify Compliance Matters. Immigration Compliance Policy  The purpose of this policy is to comply with the U.S. Immigration Law by.

R ed F lag R ule Training for the Medical Industry © Chery F. Kendrick & Kendrick Technical Services.

PAB/ICAJ Seminar1 The Public Accountancy Board & The Institute of Chartered Accountants of Jamaica Sustaining the Knowledge of Public Accountants - Seminar.

© Copyright 2011, Vorys, Sater, Seymour and Pease LLP. All Rights Reserved. Higher standards make better lawyers. ® CISO Executive Network Executive Breakfast.

Privacy and the Civil Commitment Process Allyson K. Tysinger Assistant Attorney General June 4-5, 2008.

Data Protection Act AS Module Heathcote Ch. 12.

Unit 4: Electronic Documents and the Paperless Office.

Unit 5 Midterm Review. What are some of the components of the ABA?

Unit 2/3. Battleship Legal Ethics (Tests 2/3) Rules for Battleship I have a grid with ships (Two battleships (4x), two submarines(3x), five tugboats (2x))

Session 7 Compliance failure policy. 1 Contents Part 1: COLP and COFA duties Part 2: What do we have to comply with and why does it matter? Part 3: Compliance.

Session 8 Confidentiality and disclosure. 1 Contents Part 1: Introduction Part 2: The duty of confidentiality Part 3: The duty of disclosure Part 4: Confidentiality.

Handling of Advance Fees and IOLTA Accounts AILA Seminar – October 9, 2015 Donald M. Scheetz Assistant Disciplinary Counsel The Supreme Court of Ohio.

Is Your Background Check Process Compliant?. 2 © Copyright 2015 ADP, LLC. Proprietary and Confidential Information. Agenda Privileged & Confidential.

1Copyright Jordan Lawrence. All rights reserved. U. S. Privacy and Security Laws DELVACCA INAUGURAL INHOUSE COUNSEL CONFERENCE April 1, 2009 Marty.

Why Do You Need Legal Expenses Cover?.  In our daily activities, at times we find ourselves on the wrong side of the law. This is rather serious since.

HIPAA: Breach Notification By: Office of University Counsel For: Jefferson IRB Continuing Education September 2014.

Objectives  Legislation:  Understand that implementation of legislation will impact on procedures within an organisation.  Describe.

 Online Miranda quiz Online Miranda quiz. The constitutional implications of custodial interrogation.

1 Identity Theft Prevention and the Red Flag Rules.

4Chapter SECTION OPENER / CLOSER: INSERT BOOK COVER ART Intentional Torts Section 4.1.

Health & Safety Management “and a few other things for your consideration”

McGraw-Hill/Irwin ©2008 The McGraw-Hill Companies, All Rights Reserved Chapter 20 Legal Liability.

Unit 2/3. Battleship Legal Ethics (Tests 2/3) Rules for Battleship I have a grid with ships (Two battleships, two submarines, five tugboats) You have.

Identity Theft Presentation

Chapter 20 Legal Liability

Chapter 42 Liability of Accountants & Other Professionals

Data Protection Legislation

Chapter 3: IRS and FTC Data Security Rules

Red Flags Rule An Introduction County College of Morris

Clemson University Red Flags Rule Training

Privacy & Security ABC Family Practice.

Student Data Privacy: National Trends and Wyoming’s Role

Getting the Green Light on the Red Flags Rule

Presentation transcript:

Quick Quiz Identity Theft Protection and Your Law Firm

Disclaimer This quiz is intended for educational purposes only. Any information contained herein is provided “as is” and does not constitute legal advice, nor should it be used in lieu of competent legal counsel. Click anywhere to continue.

Instructions This five-minute quiz will determine how much you know about identity theft protection and your law firm. For each question, just click on the appropriate answer. Click anywhere to continue.

A.Narcotics Trafficking B.Identity Theft C.Padding Legal Fees Which of these illegal activities generates the most money on a global scale?

Sorry, that’s incorrect. The revenue from trafficking financial data has surpassed that of drug trafficking. – Secret Service, March 2007 What’s more, increasing levels of identity theft, continuing illegal immigration, the high cost of healthcare, and the ongoing economic recession are likely to sustain the rapid expansion of the black market for personal identity data in the future. Click anywhere to continue.

You’re Right! Click anywhere to continue. The revenue from trafficking financial data has surpassed that of drug trafficking. – Secret Service, March 2007 What’s more, increasing levels of identity theft, continuing illegal immigration, the high cost of healthcare, and the ongoing economic recession are likely to sustain the rapid expansion of the black market for personal identity data in the future.

True or False? Since the FTC Red Flags Rule doesn’t apply to attorneys or law firms, I don’t need to worry about identity theft. A.True B.False

Sorry, that’s incorrect. Although attorneys have been tentatively excluded from the FTC Red Flags Rule, local, state, and federal legislation including HITECH, HIPAA, FACTA and others fully apply to attorneys. Furthermore, regardless of statutory requirements, failure to protect personal identity data, by either exposing or corrupting it, is increasingly leading to civil litigation. Click anywhere to continue.

You’re Right! Click anywhere to continue. Although attorneys have been tentatively excluded from the FTC Red Flags Rule, local, state, and federal legislation including HITECH, HIPAA, FACTA and others fully apply to attorneys. Furthermore, regardless of statutory requirements, failure to protect personal identity data, by either exposing or corrupting it, is increasingly leading to civil litigation.

True or False? Those with enough knowledge and influence can easily recover from identity theft. A.True B.False

Sorry, that’s incorrect. James is an identity theft victim in the southeastern United States, who was recently arrested because a criminal had stolen his identity and used his information with the police when being charged with a DUI. James’ wife was a clerk for a state Supreme Court Justice. She was able to get him out of jail, but she was not able to successfully correct his record in the many criminal databases. Several months later, James was arrested again. His wife, now an Assistant Attorney General of the state, was again able to free her husband, but not to completely correct his record. He and his wife expect that he will be arrested again in the near future. Click anywhere to continue.

You’re Right! Click anywhere to continue. James is an identity theft victim in the southeastern United States, who was recently arrested because a criminal had stolen his identity and used his information with the police when being charged with a DUI. James’ wife was a clerk for a state Supreme Court Justice. She was able to get him out of jail, but she was not able to successfully correct his record in the many criminal databases. Several months later, James was arrested again. His wife, now an Assistant Attorney General of the state, was again able to free her husband, but not to completely correct his record. He and his wife expect that he will be arrested again in the near future.

What percentage of data breaches are caused by human error? A.Less than 20% B.About 30% C.About 40% D.More than 50%

Sorry, that’s incorrect. More 50% of data breaches are a result of human error, and are therefore largely preventable at no or low cost through a combination of training and data security policies. Click anywhere to continue.

You’re Right! Click anywhere to continue. More 50% of data breaches are a result of human error, and are therefore largely preventable at no or low cost through a combination of training and data security policies.

True or False? Businesses/firms that suffer a data breach can reverse the damage by notifying their clients of the breach and providing credit monitoring services. A.True B.False

Sorry, that’s incorrect. Click anywhere to continue. Once a breach has occurred, it is practically impossible to prevent or reverse the damage to clients. They may be subject to multiple forms of identity theft, including drivers license, social security, medical, character/criminal and financial. Credit monitoring only addresses financial identity theft, and it generally cannot prevent future identity theft from occurring; it can only provide notification after the fact in many cases.

You’re Right! Click anywhere to continue. Once a breach has occurred, it is practically impossible to prevent or reverse the damage to clients. They may be subject to multiple forms of identity theft, including drivers license, social security, medical, character/criminal and financial. Credit monitoring only addresses financial identity theft, and it generally cannot prevent future identity theft from occurring; it can only provide notification after the fact in many cases.

True or False? There is no need to notify clients or customers of a breach unless required by the law. A.True B.False

Sorry, that’s incorrect. Even if not required by law to notify clients/customers of a breach, a company or firm can be held liable if its failure to provide notification results in additional damages. In addition, lawyers may have an ethical duty to notify clients of a breach. In cases where notification is legally required, violation of these laws can result in the suspension or revocation of attorney’s licenses. Click anywhere to continue.

You’re Right! Click anywhere to continue. Even if not required by law to notify clients/customers of a breach, a company or firm can be held liable if its failure to provide notification results in additional damages. In addition, lawyers may have an ethical duty to notify clients of a breach. In cases where notification is legally required, violation of these laws can result in the suspension or revocation of attorney’s licenses.

True or False? Even if I protect identity data that is under my direct control, I can still be held responsible for what happens after I pass it on to a third party. A.True B.False

Sorry, that’s incorrect. If you allow identity data to pass to a third party who does not have reasonable safeguards in place and has not complied with identity theft, data security, data destruction and privacy laws, you may be held responsible. This applies to custodial services, shredding services, data hosting/backup, copier/office equipment companies and more. Click anywhere to continue.

You’re Right! Click anywhere to continue. If you allow identity data to pass to a third party who does not have reasonable safeguards in place and has not complied with identity theft, data security, data destruction and privacy laws, you may be held responsible. This applies to custodial services, shredding services, data hosting/backup, copier/office equipment companies and more.

Which of the following steps, taken now, can protect your firm in the event of a breach? A.Training your staff on how to properly handle identity data. B.Enacting a written data security policy for all staff. C.Formally appointing an Information Security Officer for the firm. D.All of the above.

That’s partially correct. All of the steps listed may protect your firm in the event of a breach. The time to train your staff and adopt appropriate policies is now, before a breach occurs. The costs are extremely low, compared to the potential damages caused by a failure to safeguard personal identity information. Click anywhere to continue.

You’re Right! Click anywhere to continue. All of the steps listed may protect your firm in the event of a breach. The time to train your staff and adopt appropriate policies is now, before a breach occurs. The costs are extremely low, compared to the potential damages caused by a failure to safeguard personal identity information.

Identity Theft Protection Training from the South Carolina Bar On May 20, 2010, the SC Bar is offering a seminar and live webcast titled, “Identity Theft, Data Protection and Privacy: Obstacles and Opportunities for all Attorneys.” Don’t wait until a breach exposes you to liability. Take this opportunity to ensure that proper training and safeguards are in place in your firm. Identity Theft, Data Protection and Privacy: Obstacles and Opportunities for all AttorneysIdentity Theft, Data Protection and Privacy: Obstacles and Opportunities for all Attorneys Also coming in May 2010, look for compliance training seminars online from the SC Bar. You and your staff will learn how to protect client identity data from collection to disposal, insulate your firm from liability and comply with relevant state and federal legislation.