CALEA Compliance in 2006 H. Michael Warren Vice President, Fiduciary Services NeuStar, Inc February 2006.

Presentation transcript:


Service Providers’ Responsibilities
Protect the privacy of their subscribers
  – Only disclose records or provide technical assistance that is supported by valid legal process
  – Properly manage the provisioning of electronic surveillance
Assist subscribers who are victims of harassing and annoying calls
  – Address the customer’s concern
  – Provide a pathway to resolution
  – Act only in accordance with the law
Protect the network from unlawful access and fraudulent use

Service Providers’ Responsibilities
Comply with ELSUR Law and CALEA
  – Develop & implement policies and procedures supporting ELSUR
      Keep detailed records of all interceptions.
      Implement measures to ensure the secrecy of interceptions.
      Prevent unauthorized interceptions.
  – Designate a senior manager responsible for intercepts, and available to assist law enforcement 24/7.
  – Deploy CALEA compliant technology
Trusted Third Party Legal Compliance Solutions fulfill all of the service provider’s responsibilities

Legal Compliance: Trusted Third Party Approach
Trusted Third Party Record Production Management:
  – Receives legal process as “Agent”: Validate and clarify scope of demands
  – Retrieves & produces information, Toll/CDR: Certifies the authenticity of records produced
  – Acts as custodian of records produced: Provides testimony as required
  – Fully compliant and auditable process
Manage Service Providers’ CALEA Compliance Program
  – Contract with Service Provider as “Agent”:
      Provide 24/7 LEA support
      Receive, validate and clarify scope of legal demands
  – Develop and manage lawful intercept function

Legal Compliance: Technical Assistance
Technical assistance to LEAs (CALEA compliance)
  – Review of provider’s compliance
      Assess current compliance and recommend solutions
      24/7/365 LEA Support for Lawful Intercept
  – Manage the provider’s CALEA Compliance Program
      Contract operation of provider owned system
  – Remote provisioning & operation of CALEA/LI Systems
  – On-site Technical Assistance
  – Transition to carrier management
  – Health and status monitoring of provisioned circuits & LI systems
      Provide just in time mobile intercept capability
  – Custodian of Record for intercept information as required by CALEA & ELSUR Law
      Testify as necessary

CALEA Compliant VoIP Solution
[Diagram. Labeled elements: PSTN, MTA, Target, CMTS, LEA, Softswitch, Media Gateway, Associate, Mediation, VPN, Provisioning Link, Central Office, Centralized. Note on diagram: Provisioning Link is not established during intercept.]

Outsourcing Compliance: Why Carriers Do It
Automation can help contain costs & maintain efficiency
  – Must access and retrieve information from a wide array of records keeping systems
      Billing, customer care and/or subscriber databases, call detail records (CDR) aggregation points
Few carriers have been able to benefit from the efficiencies of a centralized records retrieval/subpoena mgt system
  – Why develop a new platform for non-revenue generating yet critical function?
      Too costly to build and maintain infrastructure for non-essential, non-core part of the business
Automation is the key to Trusted Third Party Provider’s efficiency

Next Steps
The FCC, and Congress and the Courts for that matter, will not permit law enforcement to lose one of its most critical investigative techniques.
Trusted Third Party Providers offer a cost effective alternative to building the legal compliance infrastructure in house

Summary
CALEA mandates policies & procedures for handling of legal process & technical assistance:
  – Must be filed with the FCC
  – Must be implemented to shield against liability
Understand what information & access the LEA is entitled to regarding Customer Information or Call Data & Call Content
What legal process is required (Subpoena / Court Order / Search warrant)
Procedures in place & updated as law changes
Train staff and audit work to ensure compliance and good faith defense
Severe criminal & civil penalties are imposed for failure to exercise good faith
  – Must act only on valid legal process

Thanks for your attention... Questions…?

For more information contact… H. Michael Warren, Vice President Fiduciary Services (voice - direct) (fax) (mobile) at