Presentation is loading. Please wait.

Presentation is loading. Please wait.

Yes. You’re in the right room.. Hi! I’m David (Hi David!)

Published byDamon Ross Modified over 9 years ago

Similar presentations

Presentation on theme: "Yes. You’re in the right room.. Hi! I’m David (Hi David!)"— Presentation transcript:

1 Yes. You’re in the right room.

2 Hi!

3 I’m David (Hi David!)

4 I’m a lawyer.

5

6

7 Today we’re going to talk about:

8

9

10 Major laws Legal guide Contract issues Toolkit Roadmap

11

12 Major laws Computer Fraud and Abuse Act - 18 USC 1030 Wiretapping – 18 USC 2511 Stored Communications Act (email) – 18 USC 2701 Destruction of communication devices – 18 USC 1362 Patriot Act – amends many laws RICO Foreign Intelligence Surveillance Act (FISA) Medical Computer Crime Act State laws

13 Major laws KnowledgeExceeding authorityInfrastructure that is not public / openDisclosure / retention of data

14

15 Major laws CFAA – up to 20 yearsSCA – 5 years in the absence of maliceWiretapping – 5 years

16 Major laws Penalty considerations Potential and actual loss Sophistication and planning involved Purpose of offense Intent Impact on privacy rights National security Interference with critical infrastructure Threat to public health

17

18 Legal guide ScopePermissionThird partiesAccess

19 Legal guide Scope What is the customer trying to protect? Systems to be protected Limitations on testing Types of information processed

20 Legal guide Permission Methods to be used Types of customers serviced Categories of information held Data to be retained Data to be purged

21 Legal guide Third parties Who are customer’s third party vendors? Does customer contract allow testing? Will you use third parties? Consider law enforcement and prosecutorial priories

22 Access Document data to which you have access Limit the number of employees who have access to data Create and implement access policies Require written notice Legal issues

23

24 Contract PermissionScope of accessIndemnificationTermination issues

25 Contract Permission and Scope of Access Customer grants Company full and unlimited access to the information and systems set out on the Statement of Work (Access). Access is only limited by the express statements set out in the Statement of Work. Company agrees to keep complete and accurate records of its activities related to Access. Company shall be entitled to produce these records should it be alleged that Company has exceeded the Access authorized by Customer. You must have express permission

26 Indemnification Customer hereby releases and agrees to indemnify and defend Company, and any and all directors, officers, employees, contractors and agents of Indemnitee (collectively, the “Indemnitees”) from and against any and all liabilities, claims, losses, damages, costs, and expenses, including reasonable attorneys’ fees arising out of or in any way relating to the activities set out on the Statement of Work. This indemnification obligation shall extend to claims brought by customers of Customer and any third party claiming injury of any sort from the activities set out in the Statement of Work. In addition, the indemnification obligation shall extent to any charges brought against Company by a law enforcement or regulatory entity of any type based on the activities contemplated in this Agreement. Contract Indemnification must be broad and extend to end users / law enforcement

27 Termination Contract Upon termination or expiration of this Agreement, Company shall delete all data and provide Customer with written confirmation of this deletion. Company shall also instruct any entities who have had access to the data to also delete it and provide Customer with written certification of this deletion. The security obligations set out in this Agreement relating to the data shall survive termination or expiration of this Agreement until such time as the data is completely deleted by Company. Company shall require this provision, or one similarly protective of Customer’s rights in all its contracts with suppliers or other vendors who provide aspects of the Services. Company may keep copies of data created pursuant to this Agreement, subject to this paragraph When agreement terminates, your rights terminate.

28

29 Toolkit Determine how services will be usedEvaluate customer’s data structure Understand end user’s data Determine the type of data you may retainHigh risk regulatory areasDisposition of data on termination

30 surveymonkey/source12

31 Thanks for coming! W:dsnead.com T: @wdsneadpc

Download ppt "Yes. You’re in the right room.. Hi! I’m David (Hi David!)"

Similar presentations

A GIA is a contract between a surety company and a contractor (or subcontractor)/principal. A GIA is a standard, typical document in the construction.

A GIA is a contract between a surety company and a contractor (or subcontractor)/principal. A GIA is a standard, typical document in the construction.
THE ROLE OF INSURANCE REQUIREMENTS WITHIN AN ORGANIZATION By Aaron Hardiman, MBA, ARM.

THE ROLE OF INSURANCE REQUIREMENTS WITHIN AN ORGANIZATION By Aaron Hardiman, MBA, ARM.
© 2012 McNees Wallace & Nurick LLC CONTRACT ESSENTIALS Diane M. Tokarsky Chair, Construction Law 100 Pine Street, PO Box 1166 Harrisburg, PA 17108-1166.

© 2012 McNees Wallace & Nurick LLC CONTRACT ESSENTIALS Diane M. Tokarsky Chair, Construction Law 100 Pine Street, PO Box 1166 Harrisburg, PA
Let’s Study Legal English Together!

Let’s Study Legal English Together!
Basics of Insurance Law PLI: Bridge the Gap II Robert H. Friedman May 26, 2005 Robert H. Friedman May 26, 2005 1.

Basics of Insurance Law PLI: Bridge the Gap II Robert H. Friedman May 26, 2005 Robert H. Friedman May 26,
Waiver of Liability. Purpose The main intent of the Waiver of Liability statement is to highlight the very small yet real risk that volunteer activities.

Waiver of Liability. Purpose The main intent of the Waiver of Liability statement is to highlight the very small yet real risk that volunteer activities.
© 2013 Sri U-Thong Limited. All rights reserved. This presentation has been prepared by Sri U-Thong Limited and its holding company (collectively, “Sri.

© 2013 Sri U-Thong Limited. All rights reserved. This presentation has been prepared by Sri U-Thong Limited and its holding company (collectively, “Sri.
Topics Changes Risk Assessments Cloud Data Security / Data Protection Licenses, Copies, Instances Limits of Liability and Indemnification Requests for.

Topics Changes Risk Assessments Cloud Data Security / Data Protection Licenses, Copies, Instances Limits of Liability and Indemnification Requests for.
CARLIN LAW GROUP, APC (619)615-5325 Know Your Indemnity Obligation Know Your Risk Know Your Insurance Company by KEVIN R. CARLIN, ESQ.

CARLIN LAW GROUP, APC (619) Know Your Indemnity Obligation Know Your Risk Know Your Insurance Company by KEVIN R. CARLIN, ESQ.
©2008 Perkins Coie LLP Game Industry Roundtable Privacy Developments for the Game Industry Thomas C. Bell September 24, 2008.

©2008 Perkins Coie LLP Game Industry Roundtable Privacy Developments for the Game Industry Thomas C. Bell September 24, 2008.
HIPAA PRIVACY REQUIREMENTS Dana L. Thrasher Constangy, Brooks & Smith, LLC (205) 252-9321; Victoria Nemerson.

HIPAA PRIVACY REQUIREMENTS Dana L. Thrasher Constangy, Brooks & Smith, LLC (205) ; Victoria Nemerson.
HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)

HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)
Risk Management Contract Basics Beth Carmichael Risk Manager, Five Colleges Inc Wednesday, June 14, 2006. Connecticut Conference of Independent Colleges.

Risk Management Contract Basics Beth Carmichael Risk Manager, Five Colleges Inc Wednesday, June 14, Connecticut Conference of Independent Colleges.
Ontario School Boards’ Insurance Exchange “Indemnifying Agreements, Hold Harmless – When Should They Be Used?” November 6, 2008.

Ontario School Boards’ Insurance Exchange “Indemnifying Agreements, Hold Harmless – When Should They Be Used?” November 6, 2008.
Managing Risk in Academic Placement Agreements Joseph C. Risser, CPCU, ARM-P Director, Risk Management California Polytechnic State University.

Managing Risk in Academic Placement Agreements Joseph C. Risser, CPCU, ARM-P Director, Risk Management California Polytechnic State University.
Exposure to Loss  What are we doing? (What is the increased exposure?)  What do we get out of it? (Is it worth it?)  What is the likelihood of.

Exposure to Loss  What are we doing? (What is the increased exposure?)  What do we get out of it? (Is it worth it?)  What is the likelihood of.
Design Lease Contracting for Services IT/Security Medical IGA Special Events Providing Services.

Design Lease Contracting for Services IT/Security Medical IGA Special Events Providing Services.
1 PRIVACY ISSUES IN THE U.S. – CANADA CROSS BORDER BUSINESS CONTEXT Presented by: Anneli LeGault ACC Greater New York Chapter Compliance Seminar May 19,

1 PRIVACY ISSUES IN THE U.S. – CANADA CROSS BORDER BUSINESS CONTEXT Presented by: Anneli LeGault ACC Greater New York Chapter Compliance Seminar May 19,
 Freedom of Information Act General Background. Access to Army Records. Exemptions. Exclusions. Procedural Rules for Processing FOIA Requests for Army.

 Freedom of Information Act General Background. Access to Army Records. Exemptions. Exclusions. Procedural Rules for Processing FOIA Requests for Army.
Research Development for Android Coopman Tom. What is Android?  Smartphone operating system  Google  Popular  ‘Easy to develop’  Open-Source  Linux.

Research Development for Android Coopman Tom. What is Android?  Smartphone operating system  Google  Popular  ‘Easy to develop’  Open-Source  Linux.

Similar presentations

Ads by Google