Privacy Meets Practice · EU Data Protection Bootcamp Hazel Grant, Partner, Bristows, Rocco Panett...

.privacyassocia

tion.o

hone a

PreconFerence WorkSHoP Day

cerTIFIcaTIon TraInInG anD TeSTInG

a neW reLeaSe FroM THe IaPP!

Building a Privacy Program: A Practitioner’s Guide

Early Bird Rate Regular Rate (Until August 19) (After August 19)

IAPP Member $1195 USD $1395 USD

Nonmember $1395 USD $1595 USD

www.PrIvAcyASSOcIATION.Org/AcAdemy

mAIN cONfereNce PrIcINg 5-Minute Mixer •

Welcome Reception •

Networking Dinners •

Table Topic Lunch •

Privacy Dinner and Awards Ceremony •

Early Bird Run/Walk •

neTWorkInG ToUcHPoInTS

FeaTUreD keynoTeS

The IAPP Privacy Dinner 2011Thursday, September 15The Fairmont Hotel

Rub elbows with privacy’s top innovators and leaders at the sixth annual Privacy Dinner and Awards Ceremony, where we will unveil the winners of the 2011 HP-IAPP Privacy Innovation Awards and the IAPP Privacy Vanguard Award. A ticket to this exceptional evening of celebration is included with your Academy main conference registration.

Keynote Speaker: Susan Combs, Comptroller, State of Texas

PrIVacy MeeTS eXceLLence

Be a privacy standout! Train and test for your IAPP certification at the Academy.

Training for the CIPP, CIPP/G and CIPP/IT, and testing for all modules will be offered at the Academy.

Visit the website for additional pricing information.

Rates available for corporate groups, government and higher education employees, Privacy Dinner only and privacy certification training and testing.

Get exclusive insider perspectives from some of the biggest players in the consumer privacy protection arena and learn how you can avoid being on the opposite side of the table.

Discover connections and build relationships at our many networking opportunities throughout the Academy:

8 a.m. – 12 p.m.Navigating the Maze: Federal Legislation and the Privacy Impact Assessment Process William C. Hoffman, CIPP, Senior Privacy Officer, General Dynamics Information TechnologyWhat does it take to make a privacy impact assessment (PIA) successful? As federal agencies scramble to ensure that all systems—as defined by FISMA, OMB and the Privacy Act—are covered by a PIA, it’s more important than ever to know the ins and outs of the process. Join this informative workshop for a comprehensive look at the legislative requirements and how to be prepared for them. Investigate the systematic process that can help to ensure compliance and produce a successful PIA procedure in your organization, including the pre-PIA work that can increase efficiency and improve completion and accuracy.

Protecting and Securing a Moving Target: NFC, RFID and Mobile PaymentsJacqueline Klosek, CIPP, Senior Counsel, Goodwin Procter LLP, Christopher T. Pierson, CIPP, CIPP/G, Chief Privacy Officer and Senior Vice President, Citizens Financial Group, Inc., James Shreve, CIPP, Associate Specialist, Buckley Sandler LLP

Although the broad-based adoption of Near Field Communication (NFC), RFID and mobile payments has taken longer than many anticipated, there are recent signs that the required momentum for such adoption may be close. With the expansive new capabilities of mobile phones and tablet devices, the possibility of including NFC technology in such devices, and upgrades to location tracking, it is becoming apparent that technology is starting to drive that momentum. This workshop will examine NFC, RFID and mobile payments and the regulation of such technologies under existing laws. Engage in a lively group discussion of how law and regulation—including proposed legislation—may adapt to meet privacy and data security issues raised by these technologies.

1 – 5 p.m.Debunking the Privacy Paradox Myth: Creating a Self-Synchronized Privacy ProgramMario Morel, Privacy Architect, YourPrivacyCognitive science has shown that consumers don’t make privacy decisions based on cost/benefit estimations. The apparent dissonance between what people say concerns them online and what they do in practice to protect their privacy is not a paradox; it is a call for

privacy pros to build programs people can relate to. Privacy officers who do just that give customers an optimum experience and gain a strategic asset for their business. The secret is “self-synchronization”—designing a program that can engage people’s insight, foresight and mind-sight at both an intellectual and emotional level. Using the latest research, this workshop will help you discover the nine key building blocks of a network-centric privacy infostructure and show you how to formulate a plan to dramatically increase privacy program participation from your customers, employees and partners.

EU Data Protection BootcampHazel Grant, Partner, Bristows, Rocco Panetta, Partner, Panetta & AssociatiJoin our expert European faculty for this broad overview of data protection practices across the pond. Learn about the political and legal structures in the EU, the role of data protection authorities, and the complex web of laws that guide data. You’ll leave with a strong general understanding of the roles, responsibilities and laws governing privacy in the European Union.

PrecONfereNce wOrKShOPS (Wednesday only)

One Session (half day) $545 USDTwo Sessions (full day) $695 USDPrivacy Bootcamp (full day) $695 USD

Get your copy of this essential and long-awaited guide to putting together an effective privacy operation—being released this summer! Register for the Privacy Bootcamp preconference workshop and get a free copy.

Copies will also be available for sale at the Academy bookstore. Meet the authors and get your copy signed!

WeDneSDay, SePTeMber 14

Can’t make it to our daylong Privacy Bootcamp at the Practical Privacy Series? Catch it at the Academy!

8 a.m. – 5 p.m.Privacy BootcampJ. Trevor Hughes, CIPP, President & CEO, IAPP, Kirk Nahra, CIPP, Partner, Wiley Rein LLPPrivacy can be a bewildering topic. With multiple laws, jurisdictions, technologies and business models converging, and evolving, in today’s enterprise it is hard to know how to navigate the maze of challenges you face. Privacy Bootcamp is your opportunity to get a solid grounding in this dynamic field. This two-part intensive program will introduce you to the fundamentals of privacy. Part 1 provides an overview of basic privacy concepts and philosophies. Part 2 will provide you with a “Privacy Toolkit”—practical, hands-on guidance for managing data within your organization. You’ll leave with a sound foundation that will give you the structure and understanding you need to make the right decisions for your privacy initiatives.

Attendees will receive a free copy of the IAPP’s new publication, Building a Privacy Program: A Practitioner’s Guide

Scott A. KamberKamberLaw LLC

Marc RotenbergPresident, EPIC

Privacy Meets Practice

IAPP PrIvAcy AcAdemySeptember 14 –16 dallas, TX

www.privacyassociation.org/academy

cOme TOgeTher wITh The PrIvAcy PrOfeSSION

Privacy is interwoven into every facet of today’s economy, but privacy professionals often are the lone wolf in their organization—walking the fine line of protecting customers and satisfying regulators, without stifling innovation and business objectives.

Now, more than ever, privacy professionals need to come together to share challenges, get answers and improve their practices. This year, Dallas is the crossroads for the privacy profession.

MeeT THe PeoPLe WHo HaVe THe anSWerS

Come to the Academy and get information and answers to the questions that keep you up at night. Could your organization’s reputation survive a breach? Is there a possibility that you could be the target of an FTC enforcement action? How do you ensure that your organization’s products are trustworthy? Talk to your peers, hear from the experts and get unique insider perspective from top privacy enforcers that can impose real consequences on your brand and your reputation.

See HoW IT aLL FITS ToGeTHer

Join your peers in Dallas for three days of quality education and networking and return to work with the tools and experiences you need to excel in your daily practice and be a leader for your organization’s privacy efforts.

Conference Location and Hotel Accommodations

The Fairmont Hotel1717 N. Akard Street, Dallas, TX 75201Phone: +1 214.720.2020Fax: +1 214.720.7405

.privacyassocia

tion.o

hone a

mAIN cONfereNce PrIcINg 5-Minute Mixer •

Networking Dinners •

Table Topic Lunch •

Privacy Dinner and Awards Ceremony •

Early Bird Run/Walk •

FeaTUreD keynoTeS

IAPP PrIvAcy AcAdemySeptember 14 –16 dallas, TX

mber 1

6The F

asterB

Click 4 C

r Library

xperian

LovellsId

entity Fin

an Law

sultin

troz Fried

arlyle

rivacyassocia

tion.o

hone a

t +1 6

mAIN cONfereNce PrIcINg5-Minute Mixer•

Networking Dinners•

Table Topic Lunch•

Privacy Dinner and Awards Ceremony•

Early Bird Run/Walk•

FeaTUreD keynoTeS

International Association of P

rivacy Professionals

Pease International Tradeport

Rochester A

ve., Suite 4

Portsm

outh, NH

IAPP PrIvAcy AcAdemySeptember 14–16 dallas, TX

mber 1

6The F

asterB

Click 4 C

r Library

xperian

LovellsId

entity Fin

an Law

sultin

troz Fried

arlyle

rivacyassocia

tion.o

hone a

t +1 6

mAIN cONfereNce PrIcINg5-Minute Mixer•

Networking Dinners•

Table Topic Lunch•

Privacy Dinner and Awards Ceremony•

Early Bird Run/Walk•

FeaTUreD keynoTeS

International Association of P

rivacy Professionals

Pease International Tradeport

Rochester A

ve., Suite 4

Portsm

outh, NH

IAPP PrIvAcy AcAdemySeptember 14–16 dallas, TX

September 14 – 16 • the Fairmont hotel • DallaS, tX

PrIvAcy AcAdemy 2011 PrOgrAm

cONfereNce SeSSIONS

vISIT www.PrIvAcyASSOcIATION.Org /AcAdemy TO regISTer ANd fOr uP-TO-dATe INfOrmATION

onLIne PrIVacyMonitoring and Preserving Data on Social Media SitesErik Laykin, Managing Director, Duff & PhelpsWhat options are available for the defensible and forensic preservation of social media data and usage? Gain practical guidance while getting a hands-on, visual review of the tools and technologies available for the real-time monitoring and preservation of electronic data contained on social media sites.

Online Privacy: Who’s Watching the Kids? Moderator: Nuala O’Connor Kelly, CIPP, CIPP/G, Senior Counsel, Information Governance & Chief Privacy Leader, General ElectricParry Aftab, Executive Director, WiredSafety, Michelle Dennedy, Founder & CEO, iDennedy Project, Lydia Parnes, Partner, Wilson Sonsini Goodrich & RosatiWhat do our kids really think about online privacy and what are they doing online? Join this lively session for a discussion of the practical, legal and policy implications of online privacy as applied to children and teens, and take away practical strategies and advice on talking to our kids about staying safe online.

The Self-Regulatory Principles for Online Behavioral Advertising: A How-to Compliance WorkshopGenie Barton, Director, Online Interest-Based Advertising Accountability, Council of Better Business Bureaus, Xenia Boone, Senior Vice President Corporate and Social Responsibility, Direct Marketing Association, Scott Meyer, CEO, EvidonGain a clear understanding of the requirements of the Self-Regulatory Principles, including who must implement them, how to implement them, and what to expect from the Council of Better Business Bureaus and the Direct Marketing Association, the groups that provide accountability for the Self-Regulatory Program.

HeaLTHcareA Health Privacy Segmentation of the American Public and EHR Users: Results of a National SurveyAlan Westin, Professor Emeritus, Columbia UniversityLearn the results of a national survey being conducted to measure levels of trust and its benefits in U.S. EHR systems. The survey applied a set of Health Privacy Intensity Measures developed by Dr. Alan Westin, who will report and describe the sources of high, medium and low health privacy intensity for four U.S. patient populations.

Medical Software and Its Regulation: HHS, FDA and the RulesPeter McLaughlin, CIPP, Senior Counsel, Foley & Lardner LLPThe HITECH Act directed HHS and the FTC to prescribe rules for electronic health records, systems that are made up of software and can collect patient data from numerous sources. Explore the impact of the FDA’s recently issued rules concerning medical device data systems and other software tools for developers and healthcare providers.

Top 10 New Lessons in Healthcare Privacy Kirk Nahra, CIPP, Partner, Wiley Rein LLP Join in a review of the latest developments in the world of healthcare privacy and identify the key new takeaways for healthcare companies and their business partners. Explore enforcement developments, new regulations, the latest in risk areas and the key topics for controversy involving healthcare privacy issues.

GLobaLCertifying for the Safe Harbor: The Practical AspectsKimberly A. Bubnes, CIPP, Global Privacy Director, General Motors Corporation, Robert L. Rothman, Principal, Privacy Associates International LLCRoll up your sleeves and dive into the practical aspects of how to certify a class of data for Safe Harbor. Learn the scope of Safe Harbor certification and how to create a Safe Harbor team using internal certification trees.

Mexico’s New Data Protection Law: Policy and ComplianceJonathan D. Avila, CIPP, Vice President, Counsel, Chief Privacy Officer, The Walt Disney Company, Rosa Maria Franco, Attorney, Basham, Ringe Y Correa, S.C., Jacqueline Peschard Mariscal, President Commissioner, Federal Institute for Access to Information and Data Protection, Harry A. Valetk, CIPP, Corporate Privacy Director, MetLife Join this session for an overview of the policy choices that Mexico has made in adopting comprehensive data protection legislation and discuss the practical challenges for business in implementing the law.

Migrating to a Global Shared Services Center? Consider the IssuesJon Olefson, Vice President and General Counsel (Europe), Cognizant Technology Solutions, Heidi Salow, CIPP, Shareholder, Greenberg Traurig LLP The commercial sector—and to some extent the federal government—has moved toward a shared services model, in which multiple business functions are centralized into a single global center. Learn what privacy and data security issues are associated with the use of these centers, particularly when they are outsourced in countries with no data protection laws or laws that differ from the “host” country.

New Data Protection Laws and Case Law Trends in South America Cedric Laurant, Cedric Laurant Consulting, Renato Opice Blum, Attorney, Opice Blum Advogados AssociadosJoin this topical discussion of the most recent privacy developments in Latin American countries, including new legislation in Brazil and Colombia, Uruguay’s expected “adequate protection” approval of its recent privacy law from European authorities, and how upcoming EU legislation could have important consequences for the development and implementation of online behavioral advertising in South America.

LaW anD PoLIcyEthical PrivacyEdward McNicholas, Partner, Sidley Austin LLP Join this session for an overview of practical legal ethics issues that confront privacy professionals and discussion of a possible approach to a code of ethics for all professionals in the privacy field.

How to Avoid Becoming a Privacy Class Action or FTC Enforcement TargetD. Reed Freeman, Jr., CIPP, Partner, Morrison & Foerster LLP, Jim Halpert, Partner, Communications, e-Commerce and Privacy Practice, DLA Piper US LLPJoin this session to identify the FTC enforcement priorities from among the agency’s laundry list of best practices and learn how to handle a subpoena or other initial FTC inquiry. Discover the privacy practices that give rise to significant class action risk, and discuss strategies to become a much harder target against the threat of a class action lawsuit.

How Will the Safe Harbors in Pending Privacy Legislation Work?Marty Abrams, Senior Policy Advisor, Hunton & Williams LLP, Jennifer Barrett, CIPP, Global Privacy and Public Policy Executive Privacy Leader, Acxiom Corporation, Scott Taylor, CIPP, Vice President and Chief Privacy Officer, Hewlett-Packard Company, María Elena Pérez-Jaén Zermeño, Commissioner for Access to Public Information and Data Protection of the Institute for Access to Public Information of the Federal District, MexicoThe Obama administration has proposed federal legislation that would encourage industry codes of conduct that would be safe harbors. Suggested legislation on the hill would also contain safe harbors. Find out how these would work and formulate a plan for putting safe harbors into effect.

Litigation: There’s an App for That!Sherry Ramsey, CIPP, AVP - Public Policy, AT&T Inc., Alan Raul, Partner, Sidley Austin LLP

“App privacy” is a cutting edge legal issue that has garnered acute attention from congress, privacy advocates, the FTC and plaintiffs lawyers. Explore the complaints and investigations that have been leveled to date against “apps” that collect, share, store, use or compromise user IDs, unique device identifiers, personal information or location data without (alleged) adequate disclosure and consent from the app users. Leave with best “app” practices to avoid the legal cross-hairs of the privacy enforcers in the first place.

Never Enter Your Real Data!Rocco Panetta, Partner, Panetta & AssociatiTake a focused look at the issues arising out of the data flows around the world and relevant legal consequences, especially with respect to the principle of jurisdiction, establishment and relevant applicable laws and regulations.

Will There Be a “Privacy Bill of Rights” and If So, What Will It Mean?Justin Brookman, Director, Consumer Privacy, Center for Democracy & Technology, Jules Polonetsky, CIPP, Co-Chairman and Director, Future of Privacy Forum, Christopher Wolf, Co-Chair Privacy and Data Security Practice Group, Hogan Lovells US LLPExamine the proposal for a Privacy Bill of Rights, intended to implement Fair Information Practice Principles through codes of conduct enforced by the FTC. Explore the details of the proposal as well as the political prospects for passage in the near term.

FInancIaL SerVIceSThe Designated Transfer Date under Dodd-Frank Has Come and Gone: What Does It Mean for Financial Privacy? (A two-part session)H. Leigh Feldman, Senior Vice President, Compliance Program Executive, Bank of America, L. Richard Fischer, Partner, Morrison & Foerster LLP, Lynn A. Goldstein, CIPP, Senior Vice President & Chief Privacy Officer, JP Morgan Chase Bank, N.A., Russell Schrader, Chief Privacy Officer and Global Enterprise Risk Counsel, Visa Inc.Examine the developments on the regulatory implications of the Consumer Financial Protection Bureau over the last nine months, with a focus on those sections of the Dodd-Frank Act with privacy implications. What have been the ramifications of the transfers of authority called for by the act? Is it too soon to tell, or are there clear trends developing on these and other issues important to financial privacy?

Hot Button Privacy Issues in Payments and Financial ServicesErin Fonte, CIPP, Shareholder, Cox Smith Matthews IncorporatedGet the latest updates on the hottest topics in the world of payments and financial services, including discussion of secure encrypted e-mail at financial institutions, suggested best practices for social media activities, and unique mobile transaction and marketing issues.

MobILe coMPUTInG/LocaTIon-baSeD SerVIceSAvoiding the Mobile App TrapsMark W. Brennan, Associate, Hogan Lovells US LLP, Devin Crock, Counsel, Sprint Nextel, Matthew Gerst, Counsel, External & State Affairs, CTIA—The Wireless Association®

“You snooze, you lose” in the mobile app ecosystem. But, “haste makes waste” when it comes to data privacy and security. What’s a business to do? Find out how to address privacy and security issues associated with mobile apps and still remain competitive by identifying the key traps.

Choice on the Grid: Geolocation Technologies and PrivacyDavid Keating, Attorney, Alston & Bird LLP, Mikko Niva, CIPP/E, Global Privacy Counsel, Nokia, Rod Witmond, SVP, Product Management & Marketing, CardlyticsInvestigate global data protection standards—from a U.S. perspective—for geolocation technologies on mobile devices and apply those standards to advertising driven by location-based personalization. Examine the difficult balance between large market valuations attached to location-based advertising businesses, and data protection.

Privacy by Design in the Mobile App Ecosystem: Thinking Global, Acting LocalKen Anderson, Assistant Commissioner of Privacy, Information and Privacy Commissioner of Ontario, Frank Dawson, CIPP/IT, Head of Consumer Data & Privacy Program, Nokia, Ed Schmit, Director, AT&T Developer Program, AT&T Inc., Patrick Walshe, Director of Privacy, GSMAThe convergence of mobile and the web has created a vibrant and dynamic mobile ecosystem that is dramatically changing our world for the better. Learn about leading industry approaches to addressing the challenges and creating meaningful privacy experiences for mobile users.

oPeraTIonaL PrIVacyEmployees, Smart Phones and Social Media: Best Practices for Mobile Computing and Social Media PoliciesJohn Heitmann, CIPP, Partner, Kelley Drye & Warren, LLPJoin in a discussion exploring the best ways to create mobile computing and social media policies designed to effectively address practical and legal concerns raised by the use of personal mobile devices and social media for business purposes.

Enhanced Notice and ControlJustin Brookman, Director, Consumer Privacy, Center for Democracy & Technology, Jane Horvath, CIPP, CIPP/G, Global Privacy Counsel, Google Inc., Shane Wiley, CIPP, Sr. Director, Privacy & Data Governance, Yahoo! Inc.Experts from two of the largest global Internet companies and the Center for Democracy and Technology, a neutral consumer-advocacy group, will review the global development and progress of CLEAR Ad Notice, the emergence of DNT, and where these intersect with the need for Privacy by Design.

Moving Toward Privacy by Design: The Microsoft Experience David Bowermaster, Senior Cloud Privacy Strategist, Microsoft Corporation, Javier Salido, CIPP, CIPP/IT, Senior Program Manager, Trustworthy Computing Group, Microsoft CorporationGet a “behind the scenes” look at Microsoft’s internal privacy process, which is responsible for ensuring that privacy needs are taken into account throughout the product development process and into the management of personal information within the company.

A Roadmap to Move up the Privacy Maturity CurveNancy Cohen, CIPP, Senior Technical Manager, Quality Control, American Institute of Certified Public Accountants, Marilyn Prosch, CIPP, Associate Professor, Arizona State UniversityMeasuring and monitoring privacy compliance requires the establishment of effective monitoring procedures and a baseline against which to assess performance. Learn how the Privacy Maturity Model can provide an effective tool to assess privacy compliance and progress against recognized benchmark data.

cLoUD coMPUTInGCloud Computing Compliance: The What, Who and WhereChristopher Millard, Professor, Bristows, LondonJoin this informative session to learn the key compliance issues for users and providers of cloud services, including the implications of anonymization, encryption and fragmentation of data in cloud environments, and the local law impact of geographical arrangements—such as the “long-arm” reach of the EU Directive.

Joint Data Controllership: A Silver Bullet for Cloud Computing Privacy Issues? Jan Geert Meents, Partner, Chair, DLA Piper IP & Technology Practice, Germany Cloud computing has raised significant privacy objections in the EU, making the use of cloud solutions by multinational companies problematic. Explore how joint data controller arrangements can provide a breakthrough for the privacy dilemma of modern cloud computing.

Obscured by Clouds: Privacy Audit in the CloudDoron Rotman, CIPP, National Privacy Service Leader, KPMG LLP (US)Learn how to identify the impact of the move to cloud computing on an organization’s ability to undergo a privacy audit, and the considerations that should be taken into account in the selection, contracting and ongoing management of cloud service providers.

Securing Data in the CloudKenneth E. Stavinoha, CIPP, Solutions Architect, Cisco Systems, Inc.Explore the challenges of securing data in the cloud and the role of encryption as a tool. Hear the results of extensive research into the critical factors that influence the adoption of encryption to secure data in the cloud.

Taming the Cloud: Contracting for a Cloud that Actually WorksBenjamin Hayes, CIPP, CIPP/C, CIPP/G, CIPP/IT, Americas Data Privacy Compliance Lead, Accenture, David Navetta, CIPP, Founding Partner, Information Law GroupHow can we “solve” the difficult application of privacy laws to the cloud? Discover a successful new approach to negotiating cloud contracts that attempts to re-allocate applicable privacy and security requirements between data owner, cloud provider and system integrator.

Utilization of Cloud-Based Enterprise Solutions: Google’s Business Perspective of Privacy Challenges and SolutionsMarc Crandall, CIPP, Product Counsel, Google Inc.What are the regulatory obligations and privacy impacts of cloud computing? What are the options regarding international conflicts of law? Take part in this session and gain the tools you need to identify privacy risks in moving data to the cloud.

InForMaTIon SecUrITyChanging the Culture of Low Tech Information Security: Critical Policy Elements and Compliance StrategiesRobert Johnson, Executive Director, National Association for Information DestructionHow can you implement a program to ensure compliance and avoid the embarrassment of a costly

“low tech” security breach? Explore the existing culture of low tech privacy concerns (the disposal of confidential material) and discuss how to shift the current thinking to make the subject more of a security issue and less a price-driven commodity.

The CPO and the CSO: Building Bridges to Improve Both Privacy and SecurityMartin Carmichael, Chief Security Officer, TD Ameritrade Holding Corporation, David Hale, CIPP, Chief Privacy Officer, TD Ameritrade Holding CorporationThe close relationship between privacy and security can lead to conflict—or to synergies and complementary roles. Find out how you can build a relationship between the privacy office and the security structure that can greatly facilitate both jobs.

The New World of Cyber Risk: Advanced Persistent ThreatsAlan Brill, CIPP, Senior Managing Director, Secure Information Services, KrollExamine Advanced Persistent Threats (APTs), a new and far more dangerous type of cyber attack, to learn how they work, how they target PII and PHI—among other targets—and the importance of evolving from perimeter defense to a more comprehensive doctrine of defense-in-depth.

Who Am I? Understanding Multi-Factor Authentication in Online EnvironmentsChristopher T. Pierson, CIPP, CIPP/G, Chief Privacy Officer and Senior Vice President, Citizens Financial Group, Inc., James Shreve, CIPP, Associate Specialist, Buckley Sandler LLPTake part in a lively discussion of the emergence outside the banking sector of dual-factor and tri-factor authentication, how these technologies work, and how to perform a risk-based assessment to determine the type of security one might offer.

DaTa breacHBuilding a Records Retention Policy Aligned with Privacy ObjectivesRichard L. Johnson, Manager, Global Information Compliance, John Deere & Company, Marty Provin, CIPP, EVP Business Development Group, Jordan LawrenceIn several recent high-profile data breaches, the compromised data was old and outdated. This fact underscores the importance of having a consistently executed retention policy as part of a company’s overall data security and privacy strategy. Learn how to take a more intelligent, comprehensive approach to information management and retention that approaches privacy and information governance as a single initiative.

Data Breach—Help Your Company Avoid Being a Victim of CompromiseCharles Kallenbach, General Counsel, Heartland Payment Systems, Doug Meal, Ropes & Gray, Erin Nealy Cox, Executive Managing Director and Deputy General Counsel, Stroz Friedberg LLCLots of influential companies have learned the hard way about being the victim of a data breach, even though they may have complied with regulations and standards. Join this session to learn from those who have survived a breach how you can use the tools and techniques of corporate compliance to be prepared.

Data Breach Resolution: Preparing for a Data Breach and How to Respond to ItModerator: Tony Hadley, Sr. V.P. of Government Affairs & Public Policy, Experian Tom Bowers, Managing Director, Security Constructs LLC, Patricia Wagner, Member of the Firm, EpsteinBeckerGreenWhat tools do you need to prepare for a data breach and what are the best practices? How did the breach happen and where did the data go? Join this lively session to learn how to build a forensics case once a breach happens.

FacILITaTeD neTWorkInGNetworking Session: 5-Minute MixerFacilitator: Chris Zoladz, CIPP, CIPP/G, Founder, Navigate LLC Don’t know anyone at the conference? Looking to network? Share your professional background and discover connections with other Academy attendees and privacy leaders in fast, fun five-minute one-on-one meetings.

Networking Session: To Track or Do Not Track? Browser Controls, Self Regulatory Programs or New LawsJules Polonetsky, CIPP, Co-Chair and Director, Future of Privacy Forum

Networking Session: Study Tips and Advice from Certified Professionals—Your Burning Privacy Questions Answered!Facilitated by CIPP-certified professionalsYou’ve read tons of reference material, you’ve been to training, and you’ve even attended some great conference sessions, but still you have burning questions about privacy. We have experienced privacy professionals ready to help you put out that fire! Talk to IAPP instructors about privacy-related topics that are important to you.

Networking Session: Minimize Boredom, Maximize Your Member ExperienceFacilitated by the IAPP Membership DepartmentIAPP staff members will give you the inside scoop on the many ways that you can become more involved with your professional association. Learn about volunteer career development opportunities in this casual networking session, where you’ll also have an opportunity to provide feedback on how the IAPP can better serve you.

Networking Session: Your Company and the CloudFacilitator: Tanya Forsheit, CIPP, Founding Partner, InfoLawGroup LLPFacilitator: Christine Lyon, Partner, Morrison & Foerster LLPIt’s your turn to join the discussion! Bring your questions, concerns and insights for a lively discussion about managing privacy in the cloud, including due diligence and selection of providers, data back-up, encryption options, contractual protections (or lack thereof), cross-border transfers in the cloud environment, audit and third-party certification, and other topics of interest from the day’s cloud computing sessions.

cONfereNce SeSSIONS

PRIORITY CODE:

The IAPP PrIvAcy AcAdemy 2011

September 14–16The Fairmont HotelDallas, TX

Privacy Meets Practice · EU Data Protection Bootcamp Hazel Grant, Partner, Bristows, Rocco Panett...

Documents

Transcript of Privacy Meets Practice · EU Data Protection Bootcamp Hazel Grant, Partner, Bristows, Rocco Panett...