Presentation is loading. Please wait.

Presentation is loading. Please wait.

TOP 10 TECHNOLOGY INITIATIVES © 2013 - Robert G. Parker S-1 6. Ensuring Privacy AICPA-CPA Canada Privacy Definition “the rights and obligations of individuals.

Published byBrianne Robertson Modified over 9 years ago

Similar presentations

Presentation on theme: "TOP 10 TECHNOLOGY INITIATIVES © 2013 - Robert G. Parker S-1 6. Ensuring Privacy AICPA-CPA Canada Privacy Definition “the rights and obligations of individuals."— Presentation transcript:

1 TOP 10 TECHNOLOGY INITIATIVES © 2013 - Robert G. Parker S-1 6. Ensuring Privacy AICPA-CPA Canada Privacy Definition “the rights and obligations of individuals and organizations with respect to the collection, use, retention, disclosure, and disposal of personal information” AICPA – CPA Canada developed Generally Accepted privacy Principles as an international privacy standard. GAPP is a compendium of global best practices Management Notice Choice and Consent Collection Use and Retention Access Disclosure Security Quality Monitoring and Enforcement

2 TOP 10 TECHNOLOGY INITIATIVES © 2013 - Robert G. Parker S-2 6. Ensuring Privacy The United States respondents ranked Privacy higher than Canadian respondents. Canada has had national privacy legislation since 2001-2004 Most Canadian businesses have addressed privacy Canada’s privacy legislation does not include robust sanctions and penalties Has a privacy policy that addresses the requirements and risks appropriate to our size of organization and industry Good understanding of the appropriate privacy regulatory and compliance for our size of organization and industry Has put the appropriate privacy safeguards and controls in place to minimize our risk of a privacy breach. 66% 65% 60%

3 TOP 10 TECHNOLOGY INITIATIVES © 2013 - Robert G. Parker S-3 6. Ensuring Privacy Canada’s Privacy Legislation June 2013

4 TOP 10 TECHNOLOGY INITIATIVES © 2013 - Robert G. Parker S-4 6. Ensuring Privacy USA Privacy Legislation Sectorial legislation (GLB, HIPAA, COPPA) Security over Personal Information Breaches (CA-SB 1386, AB- 1750) Federal Trade Commission – FTA -Fraudulent and Deceptive Business Practices Harsh Penalties Commonwealth of Massachusetts - STANDARDS FOR THE PROTECTION OF PERSONAL INFORMATION OF RESIDENTS OF THE COMMONWEALTH 17.01: Purpose and Scope 17.02: Definitions 17.03: Duty to Protect and Standards for Protecting Personal Information 17.04: Computer System Security Requirements 17.05: Compliance Deadline

5 TOP 10 TECHNOLOGY INITIATIVES © 2013 - Robert G. Parker S-5 Access to Own Personal information Denying 41 patients’ access to their medical records HIPPA Violation Fine – $4.3 Million 6. Ensuring Privacy

6 TOP 10 TECHNOLOGY INITIATIVES © 2013 - Robert G. Parker S-6 6. Ensuring Privacy Biannual independent audit of security program to determine if it adequately protects consumer information Implement a comprehensive security program Failure to provide reasonably appropriate security The order is in effect for 20 years March 11, 2011

7 TOP 10 TECHNOLOGY INITIATIVES © 2013 - Robert G. Parker S-7 Regular independent privacy audit for the next 20 years Implement a comprehensive privacy protection program Honor commitments in your privacy notice Violations of the US-EU Safe Harbor Agreement 6. Ensuring Privacy March 30, 2011

8 TOP 10 TECHNOLOGY INITIATIVES © 2013 - Robert G. Parker S-8 7. Managing Systems Implementation The Concept of SDLC (Systems Development Lifecycle) is well established The Scope of SDLC has Increased to Include Governance issues such as strategic alignment, enterprise enabling capabilities Needs Identification Business Case Business Process Review Deign Development Test Update Policies-Procedures Update Forms, Screens, etc. Data Conversion Systems Implementation Post Implementation Review SDLC has changed with ERP Systems such as Oracle, PeopleSoft and SAP

9 TOP 10 TECHNOLOGY INITIATIVES © 2013 - Robert G. Parker S-9 7. Managing Systems Implementation Is properly analyzing the value (e.g. return on investment (ROI), value analysis, net payback, etc.) of IT-related projects Has the proper project governance controls in place to ensure implementation -related decision- making is in accord with the project’s overall goals & objectives Knows how to develop a strong business case for IT-related projects 26% 44% 45% 48% Creating appropriate testing scenarios to ensure that the system will meet the needs of the organization’s operational processes

10 TOP 10 TECHNOLOGY INITIATIVES © 2013 - Robert G. Parker S-10 7. Managing Systems Implementation Providing appropriate training and documentation to users on the new/ upgraded system Adequately analyzing and documenting key business requirements for IT-related projects 50% 51% 56% 57% Strong alignment between the organization’s strategic goals and alignment between IT-related projects and the organization’s strategic goals Ensuring the quality and integrity of data during the implementation of a new or upgraded system

11 TOP 10 TECHNOLOGY INITIATIVES © 2013 - Robert G. Parker S-11 7. Managing Systems Implementation Best Practices in SDLC Were Developed Decades Ago The Survey Identified that Except for: New System’s Alignment with Strategic Objectives Ensuring Data Quality and integrity During Implementation The Requirements of All Other Implementation Activities Surveyed Were Less Than 50% They Have Been Well Documented and Well Publicized Clearly Significant More Attention Needs to be Paid to Ensure that Recognized Systems Implementation Standards and Practices are Adopted

12 TOP 10 TECHNOLOGY INITIATIVES © 2013 - Robert G. Parker S-12 8. Leveraging Emerging Technologies Leading Edge vs. Bleeding Edge Fast Follower vs. Early Adopter Dealing With Emerging Technologies is a Way of Life For IT Professionals BYOD – Bring your own device Tablets and mobile computing Cloud computing Mobile apps Social networks RFID-NFC – Radio frequency identification & near-field communications Big data Security IT governance Green computing

13 TOP 10 TECHNOLOGY INITIATIVES © 2013 - Robert G. Parker S-13 Social Networks / Social Media Why is it Important? Facebook and other public social networks are already an important part of many individuals’ lives outside their corporate lives Increasingly social networks are being used by businesses and government as a means of communications News broadcasters and law enforcement are aggressively switching to social networks as a means of obtaining and sharing information The use of on-line communities involving customers is also being used to develop customer insights and to encourage customer loyalty Within organizations, social networks are being used to support the development of teams and communities of practise

14 TOP 10 TECHNOLOGY INITIATIVES © 2013 - Robert G. Parker S-14 8. Leveraging Emerging Technologies Social Media Issues Source: TC Business 2013-03-23 Off Topic Blogs

15 TOP 10 TECHNOLOGY INITIATIVES © 2013 - Robert G. Parker S-15 8. Leveraging Emerging Technologies Social Media Issues Inappropriate Postings April 2, 2013 A report from the Securities and Exchange Commission clears companies to use social media outlets like Facebook and Twitter to announce key information, provided that investors have been alerted about which social media will be used “One set of shareholders should not be able to get a jump on other shareholders just because the company is selectively disclosing important information,” said George Canellos, acting director of the SEC’s Division of Enforcement. The SEC’s inquiry into a post by Netflix CEO Reed Hastings on his personal Facebook page stating that Netflix’s monthly online viewing had exceeded 1 billion hours for the first time. Netflix did not report this information to investors through a press release or Form 8-K filing

16 TOP 10 TECHNOLOGY INITIATIVES © 2013 - Robert G. Parker S-16 8. Leveraging Emerging Technologies Is ahead of its competitors with regards to identifying and leveraging emerging technology 25% 29% Has the appropriate staff and resources to support new revenue or cost reduction opportunities related to IT Has the appropriate resources in place with the experience and capabilities to manage a vendor supported emerging technology environment 34% Understands and is appropriately managing the risk associated with emerging technologies 41%

17 TOP 10 TECHNOLOGY INITIATIVES © 2013 - Robert G. Parker S-17 8. Leveraging Emerging Technologies 43% Has the necessary knowledge to identify new revenue or cost reduction opportunities related to IT. Has access to resources (e.g. training, consultants, internal staff/knowledge) to enable our staff to leverage new technologies 49% Believes that emerging technology, either by leveraging or not leveraging, will be a major factor in determining the success of the organization in the near future 58% 60% Has the financial resources (e.g. capital, credit) to support adoption of emerging technologies

18 TOP 10 TECHNOLOGY INITIATIVES © 2013 - Robert G. Parker S-18 8. Leveraging Emerging Technologies They Know Emerging Technologies Are Important Have the Financial Resources 58% 60% Have the appropriate staff and resources Have appropriate experience and capabilities 25% 34% Understands and appropriately managing the risk 41% Key Messages Are They Capitalizing?

Download ppt "TOP 10 TECHNOLOGY INITIATIVES © 2013 - Robert G. Parker S-1 6. Ensuring Privacy AICPA-CPA Canada Privacy Definition “the rights and obligations of individuals."

Similar presentations

Mobile Payments and the FTC Manas Mohapatra Director of Mobile Policy Mobile Technology Unit Federal Trade Commission The views expressed are not necessarily.

Mobile Payments and the FTC Manas Mohapatra Director of Mobile Policy Mobile Technology Unit Federal Trade Commission The views expressed are not necessarily.
Information Privacy and Data Protection Lexpert Seminar David YoungDecember 9, 2013 Breach Prevention – Due Diligence and Risk Reduction.

Information Privacy and Data Protection Lexpert Seminar David YoungDecember 9, 2013 Breach Prevention – Due Diligence and Risk Reduction.
Freshfields Bruckhaus Deringer LLP Global investigations What to advise your board Marius Berenbrok Edward Braham Matthew Herman Melissa Thomas 29 February.

Freshfields Bruckhaus Deringer LLP Global investigations What to advise your board Marius Berenbrok Edward Braham Matthew Herman Melissa Thomas 29 February.
National Health Information Privacy and Security Week Understanding the HIPAA Privacy and Security Rule.

National Health Information Privacy and Security Week Understanding the HIPAA Privacy and Security Rule.
Changes to HIPAA (as they pertain to records management) Health Information Technology for Economic Clinical Health Act (HITECH) – federal regulation included.

Changes to HIPAA (as they pertain to records management) Health Information Technology for Economic Clinical Health Act (HITECH) – federal regulation included.
NAU HIPAA Awareness Training

NAU HIPAA Awareness Training
HIPAA: FEDERAL REGULATIONS REGARDING PATIENT SECURITY.

HIPAA: FEDERAL REGULATIONS REGARDING PATIENT SECURITY.
The Financial Modernization Act of 1999, also known as the Gramm-Leach-Bliley Act (GLBA) UNDERSTANDING AND DEVELOPING A STRATEGIC PLAN TO BECOME COMPLIANT.

The Financial Modernization Act of 1999, also known as the Gramm-Leach-Bliley Act (GLBA) UNDERSTANDING AND DEVELOPING A STRATEGIC PLAN TO BECOME COMPLIANT.
Children's Online Privacy Protection Act and the Video Privacy Protection Act By: Alana Rushing.

Children's Online Privacy Protection Act and the Video Privacy Protection Act By: Alana Rushing.
Social Media in the Physician Practice Setting. Objectives 1. Review the types of social media available for communication with patients. 2. Explain the.

Social Media in the Physician Practice Setting. Objectives 1. Review the types of social media available for communication with patients. 2. Explain the.
Tax Risk Management Keeping Up with the Ever-Changing World of Corporate Tax March 27, 2007 Tax Services Bryan Slone March 27, 2007.

Tax Risk Management Keeping Up with the Ever-Changing World of Corporate Tax March 27, 2007 Tax Services Bryan Slone March 27, 2007.
1 PRIVACY ISSUES IN THE U.S. – CANADA CROSS BORDER BUSINESS CONTEXT Presented by: Anneli LeGault ACC Greater New York Chapter Compliance Seminar May 19,

1 PRIVACY ISSUES IN THE U.S. – CANADA CROSS BORDER BUSINESS CONTEXT Presented by: Anneli LeGault ACC Greater New York Chapter Compliance Seminar May 19,
Chapter 5 5-1 © 2009 Pearson Education, Inc. Publishing as Prentice Hall.

Chapter © 2009 Pearson Education, Inc. Publishing as Prentice Hall.
THE RIGHT TECHNOLOGY IN INVESTOR RELATIONS: WHAT TO DO ONLINE? THOMSON REUTERS Alex Ménage Head of Business Development Corporate Services Rapidly Developing.

THE RIGHT TECHNOLOGY IN INVESTOR RELATIONS: WHAT TO DO ONLINE? THOMSON REUTERS Alex Ménage Head of Business Development Corporate Services Rapidly Developing.
Insights on the Legal Landscape for Data Privacy in Higher Education Rodney Petersen, J.D. Government Relations Officer and Security Task Force Coordinator.

Insights on the Legal Landscape for Data Privacy in Higher Education Rodney Petersen, J.D. Government Relations Officer and Security Task Force Coordinator.
The role of the Office of the Privacy Commissioner in telecommunications Andrew Solomon Director, Policy.

The role of the Office of the Privacy Commissioner in telecommunications Andrew Solomon Director, Policy.
Chapter 9 Information Systems Controls for System Reliability— Part 2: Confidentiality and Privacy Copyright © 2012 Pearson Education, Inc. publishing.

Chapter 9 Information Systems Controls for System Reliability— Part 2: Confidentiality and Privacy Copyright © 2012 Pearson Education, Inc. publishing.
Code of Conduct for Mobile Money Providers 6 November 2014 All material © GSMA 2014. The policy advocacy and regulatory work of the GSMA Mobile Money team.

Code of Conduct for Mobile Money Providers 6 November 2014 All material © GSMA The policy advocacy and regulatory work of the GSMA Mobile Money team.
Presented By: Donna Denker, CPA Donna Denker & Associates.

Presented By: Donna Denker, CPA Donna Denker & Associates.
SMART GRID: Privacy Awareness and Training – for PUCs/PSCs A Starting Point December 2011 SGIP-CSWG Privacy Group 1 DRAFT.

SMART GRID: Privacy Awareness and Training – for PUCs/PSCs A Starting Point December 2011 SGIP-CSWG Privacy Group 1 DRAFT.

Similar presentations

Ads by Google