Planning on doing business overseas? Establishing a new office in a foreign land, or selling online to consumers in a new country? When going over company requirements for working in your new neighbourhood, don’t forget to review corporate privacy practices.
When it comes to privacy, expectations, safeguard minimums and rights of the data subject can vary between jurisdictions. From Canada and the United States, the European Union with its new GDPR, Japan, Australia, even between China and Hong Kong, there’s no single set of global standards. Fortunately however, many privacy legislations do contain common ground. There are also ways to proactively account for the differences.
Information and Privacy Professional Victoria McIntosh presents a taste of privacy across the globe, with some of the ways businesses can prepare in dealing with data across borders.
- Privitar Privacy Pulse 2018 -
Privacy matters to your customers. 9 out of 10 consumers believe that technological advancements pose a risk to their data privacy – but 64% of businesses believe that they could miss out on a competitive edge by not making the most of their data. How can you reconcile the two?
This session will unveil the results of a wide-ranging data privacy survey, during which we asked 5,000 consumers and 1,500 B2B leaders across the UK, US and France for their thoughts on data privacy and data protection. The webinar will feature experts from industry, policy and academia discussing the issues raised by the results, and their implications for your business.
Gain a deeper understanding of consumer and corporate attitudes to privacy and enjoy our expert’s view on the implications for business as we discuss:
- The missed opportunity of data utilisation
- Erosion of trust through misuse of data
- Demand for business prioritisation of data protection
- Communicating the value exchange
This will also be the chance to ask a panel of industry-leading professionals your data privacy questions, so please do register now to join the conversation. The key learnings from the report will also be available as a ready-to-download attachment for you to access and share.
- Nikki Stones, Head of Marketing, Privitar
- Jeni Tennison, CEO, The Open Data Institute
- Louise Turner, Managing Director, Edelman Intelligence UK & Ireland
- Alexandra Deschamps-Sonsino, Author, Smarter Homes: How Technology will Change Your Home Life
Investors are demanding that proxy statements include a greater range of information. In turn, companies need to disclose that information – and tell their story – in the most effective way. One solution is to create a ‘next-generation proxy summary’ that includes an extended summary spelling out the key information investors need. This can be used as part of the proxy statement and as a stand-alone document.
Our panel of experts will discuss how governance teams can make the best use of the extended summary in managing relationships with shareholders. Topics for discussion will include:
- What information should the extended summary include? What do investors want, and how should governance teams research what this is?
- What are some of the new best ways to present that information?
- How can governance and investor relations (IR) teams work best together and with other functions (the board, HR, IT, management and outside vendors) in preparing the extended summary?
- How can governance and IR teams use the summary during the approach to the AGM and outside of proxy season? How can it best be delivered as a stand-alone document?
- What is the best way to get feedback on your summary from investors to improve it for the following year?
Many companies are developing initiatives or programs to enhance the diversity and inclusiveness of their workforce and applicant pools. To implement such initiatives and track their progress, companies must collect, use, and store personal information such as race, gender, and ethnicity. Some jurisdictions consider these types of personal information sensitive and subject to special requirements or restrictions. Additionally, handling these types of data elements presents unique internal challenges for HR teams and data analysts.
This webinar will explore ethical and privacy implications of corporate diversity and inclusion activities, with a focus on GDPR restrictions and requirements. We will discuss some best practice solutions for developing and implementing global diversity and inclusion initiatives that protect worker and applicant privacy while enabling companies to understand and enhance diversity and inclusiveness.
- Jackie Wilkosz, Manager, Aleada Consulting
- Bret Cohen, Partner, Hogan Lovells LLP
Social Media: Impact and Implications for Corporate PrivacyRead more >
After multiple newsworthy data breaches in recent times, IT security and privacy governance has gained importance across the globe. Most organizations have established security and compliance policies and procedures to protect their intellectual property and corporate assets, especially in the IT space. As companies transition their applications and data to the cloud, it is critical for them to maintain, or preferably surpass, the level of security they had in their traditional IT environment. Leaders are also responsible for defining policies to address privacy concerns and raise awareness of data protection within their organization, and for ensuring that their cloud providers adhere to the defined privacy policies. Failure to ensure IT Security when using cloud services could ultimately result in higher costs and potential loss of business, thus eliminating any of the potential benefits of the cloud.
While security and privacy are related, they are also distinct. IT security is primarily concerned with defending against attacks, not all of which are aimed at stealing data, while privacy is specifically related to personal data held by an organization, which may be endangered by negligence or software bugs, not necessarily by malevolent persons. On this webinar our panel of experts will address some of the key distinctions, and discuss some best practices for managing IT security and implementing privacy governance for the cloud.
Join top security, privacy and risk experts for an interactive Q&A discussion to learn more about:
- Is privacy the new marketing gold
- How to build your privacy and data security compliance programs
- Should you hire a Data Protection Officer
- Breaches, data leaks and notifications
- Recommendations for improving security and safeguarding privacy beyond GDPR's deadline day
The session is being brought to you in partnership with ITSPmagazine and will be streamed LIVE from Las Vegas during Black Hat.
Personal data of individuals – consumers and employees – is in constant motion across international borders. Nonetheless, existing privacy laws purport to prohibit organizations in many countries from transferring data to another jurisdiction in the absence of adherence to various legal frameworks or contractual mechanisms designed to enhance the protection of personal data.
Those legal frameworks suffered a blow last year when the European Court of Justice struck down the 15 year old Safe Harbor Framework. A year later, the EU-US Privacy Shield Framework has been approved as a replacement, and many companies have begun to certify, but the new Framework remains subject to potential legal challenge. Other European data transfer mechanisms – standard contractual clauses and Binding Corporate Rules – are also subject to legal challenge. And other jurisdictions around the globe in South America, Asia and elsewhere, are imposing restrictions on the transfer or personal data and in some cases even calling for data localization. Yet, data continues to flow in real-time.
What does it mean in the real world? What are the real risks for multinational data owners and for service providers that process data of such data controllers? This presentation will distinguish fact from fiction and provide practical tools for companies that are struggling (understandably) to wrap their virtual arms around the world.
eDiscovery can be expensive, risky, complex—and expensive again. For companies dealing with massive amounts of data in litigation, it’s not unusual to see budgets quickly overwhelmed by burdensome discovery requirements, endless vendor bills, and outside counsel who fail to make efficiency a concern, let alone a priority. But it doesn’t have to be this way.
A comprehensive corporate eDiscovery program can reduce discovery costs by tens of millions of dollars—or more.
Join us for this upcoming webinar featuring experts who have saved companies millions.
Attendees will learn:
- The characteristics of a cost-effective eDiscovery program
- Strategies for active litigation management
- The role of information governance in reducing corporate legal spend
- How outside counsel can contribute to corporate cost savings
Wayne Matus, Matus Consulting Group LLC: Wayne Matus is a litigation partner & managing director with extensive experience in litigation, investigations and compliance, adept at solving eDiscovery, privacy & data related problems for organizations large & small. Prior to launching Matus Consulting Group LLC, Wayne revolutionized the eDiscovery process at UBS, reducing eDiscovery costs by tens of milions of dollars.
Bill McManus, Partner at Cosmich Simmons & Brown. Bill is an experienced litigator & corporate counsel with specialized expertise in eDiscovery, information management, & more. Bill’s practice focused on utilizing dedicated teams of attorneys & leveraging technology to streamline legal processes with predictable pricing & predictable & defensible outcomes.
Ron Sotak, Director of e-Discovery at Cosmich, Simmons & Brown, where manages a specialized team of document review attorneys within the firm’s Strategic Business Solutions practice group. Ron has worked with Corporate & merits counsel to develop custom workflows utilizing state-of-the-art technologies in hundreds of document review projects.
Data privacy isn’t an easy task, you need to ensure the security of sensitive information while complying with a variety of regulations. But data privacy never ends and the laws are constantly changing. The answer? A data-centric security strategy covers all corporate data, so you can connect everyone to everything while staying in complete control. The challenge? Knowing where all your mainframe data is located, how it’s being used, who has access to it, and whether it’s compliant with industry regulations.
Join Stuart McIrvine, Vice President of Mainframe Security Product Management to cover the foundation of building data-centric security strategies that cover all corporate data, simplify regulatory compliance, and outline how to leverage security as a competitive advantage, from mobile to mainframe.
Featuring Timothy Edgar, former national security and intelligence official, cybersecurity expert, privacy attorney and civil liberties activist; and Brett Dorr, Director of Solutions Engineering at Virtru.
You've got until May 25, 2018 to comply with GDPR guidelines. Are your email and file sharing systems ready?
In this session, privacy attorney Timothy Edgar and data protection advisor Brett Dorr will provide valuable insights and actionable advice to help you ensure you’re prepared.
Join us, to understand the relevant areas of concern — especially if you are considering or have already made a move to the cloud.
Attend this webinar to learn:
- How GDPR affects all companies doing business in the EU
- Why email protection is important in GDPR
- Key areas related to data protection for emails and files
- What GDPR says specifically about encryption, key management, and access control
- Technical solutions to help you enable compliance when exchanging personal data by email
We’re looking forward to answering your GDPR data protection questions.
Tuesday, October 30, 2018
8.00 am PST / 11.00 am EST / 3.00 pm GMT / 4.00 pm CET
Duration: 30 minutes
Join Corporate Secretary and Nasdaq for a discussion on cyber-security.
Our expert speakers will discuss:
• Cyber-risk and the responsibilities of the board
• Why cyber-risk is different from other types of risk
• Embedding cyber-risk in corporate governance practices
• Role of the corporate secretary/governance professional on information provided to the board on cyber-risk
• Board member education/preparedness
• Board member recruitment in looking for expertise/experience in cyber-security
• Board reporting – what the board needs to know
• Moderator: Ben Maiden, editor, Corporate Secretary
• Martyn Chapman, head of strategy, Nasdaq Governance Solutions
• John Reed Stark, president, John Reed Stark Consulting
Short, sharp and packed with expert insight, this webinar will get you up to speed on these critical issues in just 30 minutes. Sign up to BrightTALK to view this essential briefing and be informed of future webinars produced by Corporate Secretary.
Employees leave organizations each year, but did your sensitive data leave with them? Osterman Research found that 39% of companies are not sure that they have recovered all corporate data assets, posing a significant risk in terms of data breach, regulatory and compliance implications, while leaving IT trying to locate and contain sensitive information.
This presentation with Michael Osterman, president of Osterman Research, as he shares new research, and Drew Nielsen, Director of Enterprise Security, Druva. Key learnings include:
* Understanding your organization's data vulnerabilities for data exfiltration
* Recommended technologies, policies, and procedures to protect critical information
* Preparation that can save IT time from potential audits, investigations or litigation
We are all concerned about Privacy. Every day there we hear about multiple PII breach announcements. Our current solution – lets create laws to require announcements and levy fines to encourage proper activities and protections. With GDPR looming on the horizon, as the most recent and perhaps the most comprehensive regulation yet, we find ourselves wondering if others will adopt similar regulations. If so, do we as security professionals need to be concerned about our ability to perform forensic analysis, and gather information outside of our realm of direct influence to identifier a hacker? Do elements of GDPR create a situation in which hunting for a hacker might violate their privacy rights? In the end will companies still be able to monitor and protect their assets as they do today, or will it require a change? This webinar will provide insight into the Privacy vs Security Debate.Read more >
In the age of the customer and data hacks a brand’s reputation can come down to their ability to protect customer data. The transparency that will develop between brand and consumer with the upcoming General Data Protection Regulation (GDPR) will provide organizations with an opportunity to empower and build trust with their customer.
Armed with a unified and single view of the customer, brands will be able to truly personalize the customer journey while maintaining compliance and securing customer data.
Hear from Lewis Barr and David Fowler as they discuss how to turn the GDPR into business opportunity while focusing on the following topics:
- Heightened consent requirements and consent lifecycle management
- Expanded privacy notice requirements
- Data subject access rights (SARs) and fulfillment requirements
- Business exposure and liability for failing to meet these GDPR requirements
- Practical next steps to achieve operational readiness
About the Presenters:
Lewis manages Janrain’s legal compliance and privacy functions as the company continues its international expansion. He brings more than 15 years of leadership in a wide range of legal and privacy-related matters for growing technology companies. Lewis also utilizes his diverse background as a litigator in private practice, federal appeals court staff attorney, and teacher.
David is the Head of Digital Compliance at Act-On Software and is responsible for all issues pertaining to digital compliance, including email deliverability, privacy compliance, and industry stewardship in regard to our customers and our corporate objectives. David has over 20 years’ experience providing senior leadership in the marketing industry. In the last nine years, he has been strictly focused on issues associated with email marketing, deliverability, digital marketing, and privacy compliance.
Nicola Franchetto will discuss in a practical and business oriented way, the new provisions of the GDPR and how the PLA Code of Conduct supports compliance with the forthcoming EU Data Protection Legislation. More precisely, Franchetto will highlight the true privacy compliance “game changers” introduced by the GDPR and offer the audience practical inputs on how to set up a sound and effective corporate Data Protection Compliance Programme, which will also include having a PLA in place with Cloud Service Providers.Read more >