© 2015 Sherman & Howard L.L.C. TO B OR NOT TO B YOD Emily Keimig, Esq. 303-299-8240

Slides:

Advertisements

Similar presentations

Privacy Concerns in the Management of Today's Information Andrew B. Clauss, Esq. Partner, Brophy Clauss, LLC Don McLaughlin, Esq. Founder and CEO, Falcon.

Advertisements

INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.

Regulatory Issues in Campus Computing Privacy and Security in a Digital World Presented by David Gleason, Esq. University Counsel University of Maryland,

Springfield Technical Community College Security Awareness Training.

The Financial Modernization Act of 1999, also known as the Gramm-Leach-Bliley Act (GLBA) UNDERSTANDING AND DEVELOPING A STRATEGIC PLAN TO BECOME COMPLIANT.

Gramm-Leach-Bliley Act for Financial Aid Val Meyers Associate Director Michigan State University.

Privacy and the Right to Know Grayson Barber, Esq. Grayson Barber, LLC.

Protecting Personal Information Guidance for Business.

© 2014 Nelson Brown Hamilton & Krekstein LLC. All Rights Reserved PRIVACY & DATA SECURITY: A LEGAL FRAMEWORK MOLLY LANG, PARTNER, NELSON BROWN & CO.

Privacy (or Data) Breaches - Examples South Carolina Department of Revenue Hackers got into the SCDOR’s computers, and stole information on up to 3.2 Million.

KDE Employee Training. What IS a Data Breach? Unauthorized release (loss or theft) of Sensitive or Confidential Data, such as PII, PHI, etc. On site or.

© 2010 AT&T Intellectual Property. All rights reserved. AT&T and the AT&T logo are trademarks of AT&T Intellectual Property. Emerging Risks in a Mobile.

Presented by: Dan Landsberg August 12, Agenda  What is Social Media?  Social Media’s Professional Side  Benefits of Social Media  Regulatory.

Financial Institutions – Cyber Risk Managing Cyber Risks In An Interconnected World State Compensation Insurance Fund Audit Committee Meeting – February.

Steps to Compliance: Bring Your Own Device PRESENTED BY.

Insights on the Legal Landscape for Data Privacy in Higher Education Rodney Petersen, J.D. Government Relations Officer and Security Task Force Coordinator.

Developing a Records & Information Retention & Disposition Program:

Computer Security: Principles and Practice

1 ZIXCORP The Criticality of Security Dena Bauckman Director Product Management April 2015.

Company LOGO Copyright Carrie Kerskie Data Breach & Identity Theft By Carrie Kerskie Kerskie Group, Inc.

Privacy and Security Risks in Higher Education

In the Belly of the Breach: What Every In-House Counsel Needs to Know about Data Breach Response ACC International Legal Affairs Committee Legal Quick.

Managing Risk in Cloud Computing Contracts Henry Ward and Todd Taylor April 30, 2015.

Eric J. Pritchard One Liberty Place, 46 th Floor 1650 Market Street Philadelphia, Pennsylvania (215)

INTELLECTUAL PROPERTY TRADE SECRETS COPYRIGHTS PATENTS.

BITS Proprietary and Confidential © BITS Security and Technology Risks: Risk Mitigation Activities of US Financial Institutions John Carlson Senior.

Information Security and YOU!. Information Assurance Outreach Information Security Online Security Remote Access with Demonstration The Cloud Social.

Security and Privacy Strategic Global Partners, LLC.

Information Security 2013 Roadshow. Roadshow Outline  Why We Care About Information Security  Safe Computing Recognize a Secure Web Site (HTTPS) How.

2 September 2015 Building Scalable Insurance Programs For Each Growth Stage of a Entrepreneurial Company.

ENCRYPTION Team 2.0 Pamela Dornan, Thomas Malone, David Kotar, Nayan Thakker, and Eddie Gallon.

© Copyright 2011, Vorys, Sater, Seymour and Pease LLP. All Rights Reserved. Higher standards make better lawyers. ® CISO Executive Network Executive Breakfast.

1 ZIXCORP The Criticality of Security Kevin Cloutier Oct 2015.

LeToia Crozier, Esq., CHC Vice President, Compliance & Regulatory Affairs Corey Wilson Director of Technical Services & Security Officer Interactive Think.

New Identity Theft Rules Rodney J. Petersen, J.D. Government Relations Officer Security Task Force Coordinator EDUCAUSE.

The Privacy Symposium – Summer 2008 Identity Theft Resource Center Jay Foley, Executive Director Presents: Privacy: Pre- and Post-Breach © Aug 2007.

Legal Counsel to the Financial Services Industry PRIVACY AND DATA SECURITY: UNDERSTANDING THE LEGAL FRAMEWORK November 19, 2010 Presented by: Donna L.

Last Minute Security Compliance - Tips for Those Just Starting 10 th National HIPAA Summit April 7, 2005 Chris Apgar, CISSP – President Apgar &

Energize Your Workflow! ©2006 Merge eMed. All Rights Reserved User Group Meeting “Energize Your Workflow” May 7-9, Security.

Welcome….!!! CORPORATE COMPLIANCE PROGRAM Presented by The Office of Corporate Integrity 1.

1 PARCC Data Privacy & Security Policy December 2013.

1Copyright Jordan Lawrence. All rights reserved. U. S. Privacy and Security Laws DELVACCA INAUGURAL INHOUSE COUNSEL CONFERENCE April 1, 2009 Marty.

Data Security & Privacy: Fundamental Risk Mitigation Tactics 360° of IT Compliance Anthony Perkins, Shareholder Business Law Practice Group Data Security.

Intellectual Property. Confidential Information Duty not to disclose confidential information about a business that would cause harm to the business or.

Legal Jeopardy: Whose Risk Is It?. SPEAKERS Jason Straight Chief Privacy Officer and Senior Vice President Cyber Risk Solutions at UnitedLex Patrick Manzo.

Chapter 4: Laws, Regulations, and Compliance

New EU General Data Protection Regulation Conference 2016 Managing a Data Breach Prevention-Detection-Mitigation By Gerard Joyce Dun Laoghaire Feb 24 th.

QIP Education Session INFORMATION SECURITY Joseph Zurba Information Security & IT Compliance Officer Harvard Medical School February 16, 2015.

CYBER SECURITY & ITS IMPACT ON FINANCIAL STATEMENTS AUDITS BOB WAGNER TUESDAY, NOVEMBER FLORIDA SCHOOL FINANCE OFFICERS ASSOCIATION CONFERENCE.

Legal, Regulations, Investigations, and Compliance Chapter 9 Part 2 Pages 1006 to 1022.

CYBERSECURITY: RISK AND LIABILITY March 2, 2016 Joshua A. Mooney Co-chair-Cyber Law and Data Protection White and Williams LLP (215)

BlueCross BlueShield of Tennessee, Inc., an Independent Licensee of the BlueCross BlueShield Association. This document has been classified as public Information.

IRS Resources for Payroll Professionals & IRS Combats ID Theft with the Help of Payroll Professionals June 16, 2016 Nora Huffman.

1 HIPAA’s Impact on Depository Financial Institutions 2 nd National Medical Banking Institute Rick Morrison, CEO Remettra, Inc.

Ben Roach Telephone: (515) | Facsimile: (515) | Walnut, Suite 1600 | Des Moines, IA | (515)

Law Firm Data Security: What In-house Counsel Need to Know

Combating Identity Fraud In A Virtual World

E&O Risk Management: Meeting the Challenge of Change

Chapter 3: IRS and FTC Data Security Rules

Agenda Consumer ID theft issues Data breach trends Laws and regulations Assessing and mitigating your risk.

Privacy & Access to Information

Protecting Personal Information Guidance for Business.

Red Flags Rule An Introduction County College of Morris

Cyber Trends and Market Update

Digital $$ Quiz Test your knowledge.

CompTIA Security+ Study Guide (SY0-401)

Privacy Policy the Law….

Anthem Data Breach Group 2: Jing Jiang, Dongjie Wang, Haitao Huang, Binju Gaire, Parneet Toor.

Colorado “Protections For Consumer Data Privacy” Law

Presentation transcript:

© 2015 Sherman & Howard L.L.C. TO B OR NOT TO B YOD Emily Keimig, Esq

© 2015 Sherman & Howard L.L.C. BYOD: ITS BENEFITS AND RISKS

© 2015 Sherman & Howard L.L.C. BENEFITS Save on the cost of devices Employee comfort level Employee productivity Employee convenience Efficiency of communication Simple reimbursement polices

© 2015 Sherman & Howard L.L.C. RISKS Your Whole Company – Intellectual Property – Financial Records – Trade Secrets – Business Plans – Building and Construction Plans – Employee PII – Third Party PII – Statutory Requirements Remediation, Reporting and Clean Up Efforts

© 2015 Sherman & Howard L.L.C. THE LEGAL PATCHWORK OF DATA PROTECTION Payment Card Industry Standards Consumer Data (FTC; California; VPPA; Cable Act) Health Information (HIPAA) Financial Institutions (Gramm-Leach-Bliley Act) Reporting Requirements (Variation from state to state) FCRA Common Law Claims (invasion of privacy; breach of contract; fraud; unjust enrichment)

© 2015 Sherman & Howard L.L.C. ASIDE FROM THE LAWS, VALUING DATA Trade Secrets Confidential Information Customer Lists Financial Information PII Health Information

© 2015 Sherman & Howard L.L.C. REASONABLE/UNREASONABLE SECURITY MEASURES In the business of data – Comprehensive policies and procedures – Administrative, technical, physical safeguard – Legal Review – Executive and Director involvement – Risk Assessment

© 2015 Sherman & Howard L.L.C. REASONABLE/UNREASONABLE SECURITY MEASURES Intellectual Property/Trade Secrets – “Reasonable” changes over time – Non-disclosure agreements – “Warnings” – Training

© 2015 Sherman & Howard L.L.C. WHAT DO WE USE ODs FOR? Personal and business communication of all types

© 2015 Sherman & Howard L.L.C. Attached data can include documents, spreadsheets, pictures, drawings, text

© 2015 Sherman & Howard L.L.C. TEXTING OR MESSAGING All can now accommodate pictures and videos

© 2015 Sherman & Howard L.L.C. SOCIAL MEDIA AND RELATED APPS Facebook, Twitter, LinkedIn, Instagram, Snapchat

© 2015 Sherman & Howard L.L.C. Use of ODs Will Only Expand Business Insider. February 5, :15 p.m.

© 2015 Sherman & Howard L.L.C. WHO SHOULD YOU BE WORRYING ABOUT AND WHY? Third-party thieves or hackers Anyone with access to the information

© 2015 Sherman & Howard L.L.C. SMARTPHONES ALONE Consumer Reports. May, – About 3.1 million American consumers were victims of smartphone theft in 2013 – Double 2012 – About 1.4 million smart phones lost and never recovered

© 2015 Sherman & Howard L.L.C. DATA ABOUT DATA SECURITY AND BREACHES Hard to know about the non-Sonys, non-Targets of the world Reportable versus non-reportable breaches mean many data breaches are never disclosed or reported in statistics 40-70% caused by employees

© 2015 Sherman & Howard L.L.C. THE ROLE OF EMPLOYEES Bad actors or victims? Possibly both

© 2015 Sherman & Howard L.L.C. WHAT CAN YOU DO TO MITIGATE THE RISKS AND COSTS? BYOD policy Limit access Remote wipe ability Encryption Short lock out times Security software Cybersecurity Insurance

© 2015 Sherman & Howard L.L.C. TO B OR NOT TO B YOD Emily Keimig, Esq