FILE NUMBER Kent Grey, Partner 1 June 2012 Technology in Governance Risk-intelligent approach to the use of technology “in the Boardroom”

Slides:

Advertisements

Similar presentations

Zubulake v. UBS Warburg LLC “Zubulake IV”

Advertisements

Identification and Disposition of Official University Records University of Texas at Arlington Records Management.

Gaucho Round-Up FAQ’s This presentation covers some of the FAQ’s about campus clean-up day. Presentation #4 2/3/

Litigation Holds: Don’t Live in Fear of Spoliation Jason CISO – University of Connecticut October 30, 2014 Information Security Office.

The Health Insurance Portability and Accountability Act of 1996– charged the Department of Health and Human Services (DHHS) with creating health information.

A dialogue with FMUG: Sensitive Data & Filemaker MIT Policy and Data Classifications ** DRAFT ** Guidelines Feedback and Discussion Tim McGovern 2 June.

Information & Compliance UL University of Limerick & UL employees obliged to comply with certain legislation, including: Freedom of Information.

PIPA PRESENTATION PERSONAL INFORMATION PROTECTION ACT.

Training Session January 7,  Background on the Policy (Juan)  Policy Roll-out Process (Pattie)  Records Management Self-Assessment (Amanda and.

Retention How State and Federal policies can impact local districts.

John L. Baines OIT Security and Compliance Retention: Preserving Public Records.

Records Management What to Keep and What to Toss.

1 PRIVACY ISSUES IN THE U.S. – CANADA CROSS BORDER BUSINESS CONTEXT Presented by: Anneli LeGault ACC Greater New York Chapter Compliance Seminar May 19,

BC Freedom of Information and Protection of Privacy Act

Coping with Electronic Records Setting Standards for Private Sector E-records Retention.

Developing a Records & Information Retention & Disposition Program:

1 Record Management Medical Center Administrative Group Fall Symposium November 15, 2000 University Audit.

Chapter 9 Information Systems Controls for System Reliability— Part 2: Confidentiality and Privacy Copyright © 2012 Pearson Education, Inc. publishing.

ELECTRONIC MEDICAL RECORDS By Group 5 members: Kinal Patel David A. Ronca Tolulope Oke.

Property of Common Sense Privacy - all rights reserved THE DATA PROTECTION ACT 1998 A QUESTION OF PRINCIPLES Sheelagh F M.

Have Records? Have ? What to Keep, What to Delete, and How to do each Jim Corridan, Director Indiana Commission on Public Records Heather Willis.

New Data Regulation Law 201 CMR TJX Video.

Data Access and Data Sharing KDE Employee Training Data Security Video Series 2 of 3 October 2014.

Protected Health Information (PHI). Privileged Communication An exchange of information between two individuals in a confidential relationship. (Examples:

Compliance and Regulation for Mobile Solutions Amanda J. Smith Messick & Lauer, P.C. May 16, 2013.

Archiving Records Offsite Using the State Records Center (SRC)

Copyright© 2010 WeComply, Inc. All rights reserved. 9/19/2015 Record Management.

Recordkeeping for Good Governance Toolkit Digital Recordkeeping Guidance Funafuti, Tuvalu – June 2013.

1 Ethics For the Employee Benefits Agent.  Ethics – defined as a principle of right or good conduct; a system of moral principles or values; the rules.

How Hospitals Protect Your Health Information. Your Health Information Privacy Rights You can ask to see or get a copy of your medical record and other.

fact sheet (07/03/2007) 1 ARE ARCHIVING SOLUTIONS RECORDKEEPING SOLUTIONS? 7 th March 2007 Stephen Clarke Government Recordkeeping Programme.

Module 9 Configuring Messaging Policy and Compliance.

Ecords Management Records Management Paul Smallcombe Records & Information Compliance Manager.

Archiving s. How to Manage Auto-Archive in Outlook Your Microsoft Outlook mailbox grows as you create and receive items. To manage the space.

© Copyright 2011, Vorys, Sater, Seymour and Pease LLP. All Rights Reserved. Higher standards make better lawyers. ® CISO Executive Network Executive Breakfast.

Big Data Bijan Barikbin Denisa Teme Matthew Joseph.

Dangerous Documents. Legal Compliances State and federal laws Contractual obligations Subject to an affirmative legal duty to establish and maintain certain.

Module 9 Configuring Messaging Policy and Compliance.

Module 7 Planning and Deploying Messaging Compliance.

Project MED INF 403 DL Winter 2008 Group 3. Group Members Michael Crosswhite Maureen Farrell Julia Hernandez R Steven McDonald Jennifer Ogg David Robbins.

Elected Officials and Health Department Records Indiana Public Health Foundation February 27, 2008.

Copyright © 2015 by Saunders, an imprint of Elsevier Inc. All rights reserved. Chapter 3 Privacy, Confidentiality, and Security.

Managing Electronic Mail ( ) Audrey Terry KDLA.

CITY OF PHOENIX RECORDS MANAGEMENT AND E-PRIVACY Margie Pleggenkuhle City Clerk Department March 18, 2004.

Records Management and You!. Your responsibilities as a Government of Canada employee.

DEVELOPING A PERSONALLY CONTROLLED HEALTH RECORD (PCHR) USING MICROSOFT VISUAL C# SESSION 9 SUMMARY.

Scientific data storage: How are computers involved in the following?

Information Management (IM) 101. What you need to know about IM, in a nutshell.

Protection of Personal Information Act An Analysis on the impact.

Electronic Records Management Alan Cameron Records Management Consultant.

TRANSBORDER DATA FLOWS INA MEIRING. THE PROTECTION OF PERSONAL INFORMATION ACT (“POPI”) > 'personal information' means information relating to an identifiable,

University of Kentucky Records Management Tutorial Taking responsibility for the records you create and managing their life-cycles.

Building an Effective Paperless Records Management Governance Structure BADM 559 Enterprise IT Governance Professor Michael Shaw By Moh’d A. Obeidat 12/15/2008.

Handling Personal Data & Security of Information Paula Trim, Information Officer, Children’s Strategic Services, Mon – Thurs 9:15-2:15.

Retention Breakout Session

Protecting PHI & PII 12/30/2017 6:45 AM

UW-Madison Guidelines for Managing the Records of Departing Employees*

Mysale Information Classification 101

Privacy & Confidentiality

Information Security Seminar

Done BY: Zainab Sulaiman AL-Mandhari Under Supervisor: Dr.Tarek

ICN Cartel Working Group SG-1

Mysale Information Classification 101

1.2 Types of information storage media

HIPAA Overview.

Records Retention and Its Effects on Discovery

Good Spirit School Division

Is your medico-legal practice GDPR compliant?

Presentation transcript:

FILE NUMBER Kent Grey, Partner 1 June 2012 Technology in Governance Risk-intelligent approach to the use of technology “in the Boardroom”

Overview What is “technology in the Boardroom”? iPads Tape recorders/electronic recording devices Legal requirements for company record keeping Benefits of technology in Boardrooms Issues to consider Tips/traps

Company Records – Corporations Act 2001 Requirement to keep minute books – s251A Requirement to keep written financial records – s286 Electronic copies of company records are compliant if: secure from unauthorised access, theft, damage, destruction and falsification can be reproduced in a hard copy on demand can be accessed by those entitled to it (s1306) A person must not conceal, destroy, mutilate or falsify company records (s1307)

Benefits of technology “in the Boardroom” Desirability and inevitability of technology “in the boardroom” driven by: Portability Ease of storing, accessing, searching board papers Rapid, timely dissemination of board papers (including updates) Convenience of access Cost savings/environmental considerations Implications are not just “in the boardroom”, but before and after the boardroom: company secretarial practices directors’ duties

Status of the Law Law lagging behind technology Use of technology in boardrooms largely untested by Courts limited guidance on electronic recordings Adverse implications might take some time to emerge Best practice tip: implement company policies outlining acceptable uses of technology in Board context

Security & confidentiality Materials sent outside the company: to private/personal addresses to other companies’ addresses Lack of external security measures Materials in “possession, custody, power” of other companies Materials captured by other companies’ systems Materials subject to other companies’ document retention policies and security measures (or lack thereof).

Security & confidentiality How confidential is the material? What is the commercial damage, if materials fall into wrong hands? Does the company lose important legal protections? ASX Listing Rule 3.1A.2 (ie; the “confidentiality” exception to continuous disclosure) Legal Professional Privilege Should you restrict ability to save locally or print materials? Best practice: encryption, security measures

Directors’ duties Centro case (ASIC v Healey & Ors (2011)) “It is the Board’s responsibility to determine the information that it requires or does not require” Directors’ defence relied on volume and complexity of information supplied to board Court held: Board has ability to control amount and format of information received Directors are required to take into account all the information they receive, when performing their duties.

Presentation & delivery of information Be wary of exponential increase in volume of information provided for Board’s review Be mindful of how information is conveyed; content presentation accessibility Are these best not provided in electronic form? documents with links to other documents financial spreadsheets information in larger-than-A4 format (maps, charts)

Reliability of access to electronic materials Directors (and ex-directors) have some rights to access board papers: common law Corporations Act (s198F, s290) contract (deeds of access, indemnity & insurance) Implement appropriate data protection measures: security back-up/redundancy DRP Best practice tip: retain one hard copy of board papers and minutes.

Return of Board materials Policies requiring return of board materials after meetings Deletion from iPads may be problematic: backup storage on local devices; cloud computing ongoing security/confidentiality risks Litigation risk (discovery)

Directors’ notes & annotations Increasingly important to demonstrate discharge of directors’ duties duty of care and diligence – s180(1) Business Judgment Rule - s180(2) Personal property of director(?) Not automatically company “property” (but may be in company’s possession, custody or power) Company policies on retention of annotations for future evidentiary purposes Discoverability of annotations on board papers.

Tape recording board meetings Use of tape recordings in board meetings: by company secretary/minute-taker by participants at the meeting Listening and Surveillance Devices Act 1972 (SA) consent required to electronically record private conversations exception: for protection of a “lawful interest” Alliance Craton Explorer v Quasar Resources (2010)

Conclusion: Tips for use of technology It is good governance and best practice to: Consider “user-friendly” formatting Ensure manageable volume of materials is distributed don’t bombard directors with too much information Ensure management of materials remains professional don’t make late changes, just because they can be distributed easily at the last minute Give directors a choice as to medium of delivery of materials financials, spreadsheets & maps may be better in hard copy