Hi [[ session.user.profile.firstName ]]

Utah protects mountains of data with the Cybersecurity Affirmative Defense Act

The legal landscape surrounding data use and privacy is increasing in complexity as U.S. states enact regulations to protect consumers and businesses. In March of 2021, Utah’s Governor, Spencer Cox, signed the Cybersecurity Affirmative Defense Act (H.B. 80). Introduced by Representative Walt Brooks, the Cybersecurity Affirmative Defense Act (CADA) offers liability protections as long as business victims follow reasonable cybersecurity controls and best practices when managing personal data.  Utah is the second state behind Ohio to establish an affirmative defense to claims arising from a breach of system security.
 
Spirion’s Scott Giordano, General Counsel, will sit down with Representative Brooks to discuss the motivation behind the Cybersecurity Affirmative Defense Act, what informed the elements of the legislation, and advice for future affirmative defense statutes.
 
Key takeaways include:
-Requirements under the Utah Cybersecurity Affirmative Defense Act
-The differences between the Ohio and Utah affirmative defense model
-The future of Utah and federal data protection law
Recorded May 20 2021 34 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Walt Brooks (Utah House Representative) & Scott M. Giordano (General Counsel at Spirion)
Presentation preview: Utah protects mountains of data with the Cybersecurity Affirmative Defense Act

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • U.S. Data Privacy Trailblazer: Virginia comprehensive data privacy law Jun 30 2021 8:00 pm UTC 38 mins
    Scott M. Giordano & VA Senator David W. Marsden
    On March 2, Virginia became the nation’s second state to adopt a comprehensive data privacy law—and the first state to enact such protection of its own accord. Introduced by Senator David W. Marsden, the progressive Virginia Consumer Data Protection Act (VCDPA) reflects many of the consumer rights granted under California’s privacy laws—but goes a step further—by aligning with the European Union’s General Data Protection Regulation in a few critical areas.

    Spirion’s Scott Giordano, VP and Sr. Counsel, Privacy and Compliance, has the privilege to sit down with Senator Marsden to discuss the spark behind the introduction of the Virginia Consumer Data Protection Act and the nuances of the VCDPA for companies doing business in Virginia or marketing to Virginian citizens.

    Can’t miss topics include:

    • Who must comply with the VCDPA?
    • Why is the VCDPA important for Virginia residents?
    • What are the business obligations of VCDPA?
    • How will VCDPA be enforced?
    • What additional state legislation is expected across the U.S. in 2021?
  • A single source of truth for sensitive data: Managing cyber and privacy risks Jun 15 2021 5:00 pm UTC 45 mins
    Jason Hodgert, Product Marketing Manager, Spirion, and Rob Server, Director of Product Marketing, Spirion
    Data privacy cannot be achieved with a one-size-fits-all solution. Regulations, business requirements, and customer concerns can vary between regions, industries, revenue, and more. While many agree that data discovery is a foundational aspect of any data privacy management program, what’s less clear is where organizations go from there.

    The concept of profiles in the NIST Privacy Framework addresses this and lays out strategies for organizations to map out the next steps in their privacy planning depending on factors such as organizational maturity, capacity for change, and regulatory requirements.

    This Tech Talk will detail how the world’s most accurate data discovery in Spirion Sensitive Data Platform (Spirion SDP) can be used to expand privacy operations with a blend of extended core functionality and intelligent optional add-ons.

    Key takeaways:
    • Discover the depth, breadth and accuracy of our Privacy-Grade solution, Spirion SDP
    • Explore how to automate SRR fulfilment with speed and accuracy using Spirion Sensitive Data Finder
    • Learn how to leverage Spirion Sensitive Data Watcher to monitor, connect and understand sensitive data

    With multiple tools to choose from, Spirion empowers organizations to design privacy programs that are right-sized for their company’s data privacy and security needs and to be confident that their data is protected – no matter where it lives.
  • Privacy Grade: Three Quality Standards for Surefire Data Protection Recorded: Jun 10 2021 61 mins
    Paige Bartley, Senior Analyst, 451 Research and Jason Hodgert, Product Marketing Manager, Spirion
    Amid an increasingly complex regulatory landscape, much ado is made over privacy theory and frameworks. But what are organizations today actually doing to meet data privacy and data protection requirements? Responsibility for data privacy practices are frequently spread across roles and departments, underscoring the need for methodology that spans business functions.

    The concept of “Privacy-Grade” embraces this reality, proposing a combination of technologies and techniques that ensure sensitive data protections are persistently enforced throughout an enterprise.

    Join 451 Research and Spirion for a webinar that looks at the real-world ways that large enterprises are handling data privacy and data protection requirements. This webinar will share essential take-aways from recent survey research and identify opportunities for businesses to embrace contemporary Privacy-Grade technologies and techniques to effectively close the gap—ensuring sensitive data protections are persistently enforced across the enterprise.

    Key topics include:
    -Organizational privacy dynamics and pain points
    -Data management and governance trends
    -Critical data privacy technological capabilities and limitations
    -Key metrics and success factors
    -Privacy-Grade technologies and techniques
  • The California Privacy Rights Act of 2020: Your Questions, Answered Recorded: Jun 3 2021 61 mins
    Scott M. Giordano, V.P. and Sr. Counsel, Privacy and Compliance, Spirion
    What is sensitive personal information?  What about cross-context behavioral advertising?  Where do I have to have to search when a consumer requests their personal information?  These and a whole host of other questions have been raised by voter approval of Prop. 24, the California Privacy Rights Act of 2020 (CPRA). 

    In this interactive webinar, we’ll take a look at this new law and how it expands on the new and wide-ranging consumer rights created by the CCPA.  We’ll also answer your questions, live, and offer insight into getting your organization ready in advance of the compliance deadline. 

    Takeaways include:
    - A summary of new consumer rights under the law
    - Likely changes you’ll need for your information security program
    - An understanding of the “opt-in” vs. “opt-out” rules for collecting, selling, and sharing personal information

    Speaker: Scott M. Giordano, V.P. and Sr. Counsel, Privacy and Compliance, Spirion
  • Utah protects mountains of data with the Cybersecurity Affirmative Defense Act Recorded: May 20 2021 34 mins
    Walt Brooks (Utah House Representative) & Scott M. Giordano (General Counsel at Spirion)
    The legal landscape surrounding data use and privacy is increasing in complexity as U.S. states enact regulations to protect consumers and businesses. In March of 2021, Utah’s Governor, Spencer Cox, signed the Cybersecurity Affirmative Defense Act (H.B. 80). Introduced by Representative Walt Brooks, the Cybersecurity Affirmative Defense Act (CADA) offers liability protections as long as business victims follow reasonable cybersecurity controls and best practices when managing personal data.  Utah is the second state behind Ohio to establish an affirmative defense to claims arising from a breach of system security.
     
    Spirion’s Scott Giordano, General Counsel, will sit down with Representative Brooks to discuss the motivation behind the Cybersecurity Affirmative Defense Act, what informed the elements of the legislation, and advice for future affirmative defense statutes.
     
    Key takeaways include:
    -Requirements under the Utah Cybersecurity Affirmative Defense Act
    -The differences between the Ohio and Utah affirmative defense model
    -The future of Utah and federal data protection law
  • Subject Rights Requests simplified: Using Spirion to maintain privacy compliance Recorded: May 19 2021 37 mins
    Jason Hodgert (Marketing Product Manager, Spirion) and Matthew Barnett (Sr. Technical Product Manager, Spirion)
    To date, 31 states have either signed, passed, or introduced GDPR/CCPA-style legislation to protect the privacy of consumers which is transforming how business and private sectors alike manage customer data.

    A common thread among many of these regulations are a list of consumer rights with regards to the handling of the data organizations like yours collect every day. While the naming and number of these rights vary from state to state, they commonly include, but are not limited to the Right of Access, the Right of Rectification, and the Right of Deletion.

    Consumers exercise these rights through what is commonly referred to as a Data Subject Access Request (DSAR), Individual Rights Request (IRR) or Subject Rights Request (SRR) detailing their personal data footprint. Under these regulations, these requests must be handled promptly, accurately, and without exception.

    On this Tech Talk, we will introduce Spirion Sensitive Data Finder to demonstrate how this tool protects and simplifies Rights Requests for current and future regulations. Key takeaways:

    -Find personal or sensitive data, wherever it lives (you can’t protect what you don’t know you have!)
    -Identify the data relationships between documents and locations associated with the same person through our personal data recognizer technology
    -Build an inventory of discovered subjects for fast reporting to fulfill DSAR, IRR, and SRR requests within a given compliance window through user-friendly dashboards
    -Build and generates subject reports containing a summary of data types
  • Privacy Compliance Hardship? Data privacy experts field the tough questions Recorded: May 12 2021 69 mins
    Terry Kurzynski (HALOCK), Jennifer Urban (Foley), Aaron Stine (Spirion), Bruce Sussman (Secure World)
    With evolving compliance requirements and the exponential growth of private data companies must manage, organizations are struggling to balance security, regulations, and corporate business goals. How do you prioritize resources and budget? Most organizations do not know where their data lives and may not want to do the hard work to find it. Or maybe.....that’s not it. Perhaps they simply don’t know how to start.

    There is a path forward. Our panel of experts will share how they are achieving data privacy across the U.S. for big and small clients.

    Discussion topics include:

    - The biggest challenges in the data privacy compliance process
    - Best methodologies to understand, protect, and govern your data
    - Balancing state-mandated compliance regulations
    - Methods for minimizing and controlling personal data
  • Stop Classifying Your Data Manually…use automation to add accuracy and security! Recorded: May 4 2021 36 mins
    Wally Bitaut (Seclore Technology), Alfonso Vazquez & Jason Hodgert (Spirion)
    Data classification has often been described as a foundational step in any data protection program, but has traditionally been seen as too laborious, time consuming, and inconsistent to deliver the results necessary for true peace of mind.

    Join Spirion along with Seclore, a pioneer in data-centric rights management, as we demonstrate how automation can consistently secure your data without placing an unnecessary burden on data stewards.

    In this webinar, you learn & see:
    -How automated discovery and classification is more accurate, more efficient, and better suited to modern workflows than manual methods
    -How Seclore takes the guesswork out of rights management by securing sensitive data with powerful reporting and revocable access that can be modified at any time
    -Why automated data protection replaces the need for manual classification
    -A live demonstration detailing a sample workflow
  • The Lone Star State Lassos Data Privacy With Texas-Sized Legislation Recorded: Apr 22 2021 38 mins
    Rep. Giovanni Capriglione, Texas House of Rep. Member & Scott M. Giordano, V.P. & Sr. Counsel Privacy and Compliance, Spirion
    U.S. Data Privacy Trailblazers:
    The Lone Star State lassos data privacy with Texas-sized legislation
     
    This year has seen at least 20 U.S. states introduce privacy legislation closely resembling the California Consumer Privacy Act (CCPA) or California Privacy Rights Act (CPRA).  In fact, some states have introduced multiple bills.  Texas, for example, has raised at least six bills that address consumer privacy. Texas State Representative Giovanni Capriglione will discuss the introduction and importance of House Bill 3741 and five additional Texas data protection bills.

    Takeaways include:

    - Amending the existing breach notification law and creating the Texas Privacy Protection Advisory Council
    - The Texas Privacy Protection Advisory Council’s report findings
    - How the Texas bills compare to the CCPA, CPRA, and recently-passed privacy legislation in Virginia
    - Balancing consumer protection with business friendliness
    - The prospects for a federal privacy law
  • Enabling End-to-End Data Security & Privacy: Spirion & Microsoft AIP/MIP Recorded: Apr 20 2021 43 mins
    Allison Kazerounian (Director, Product Marketing) and Cory Retherford (Advisory Solutions Engineer) at Spirion
    The ultimate combination to enrich your data security and privacy protection: Every organization has sensitive data. With that comes the legal responsibility to be good stewards to provide protections or security and privacy. Understanding what kinds of data you have and where it resides is a challenge- because it lives everywhere, not just on Office 365 products. Microsoft AIP/MIP is a fairly common application in business today and many organizations capitalize on its built in features that provides some security to Microsoft products. But, with data security and data privacy will that layer of defense be enough for the entire ecosystem that isn’t a Microsoft utility? Spirion partners with Microsoft to enrich that layer of data security and privacy protection that AIP and MIP addresses and then goes beyond what they don’t secure- your file servers, non-Microsoft cloud technologies, other non-Microsoft on premise cloud databases and Microsoft, Mac, and Linux work-stations.

    Join us for a 30 minute tech-talk where we take a look at how Spirion complements Microsoft AIP and MIP to provide your organization with what you need for data security and privacy.

    Key takeaways include:
    - How a complete data discovery framework in your entire ecosystem can protect your organization and the community you serve
    - How Spirion can discover common sensitive data (PII) and complex data specific to your organization, above and beyond the normal Microsoft Regular Expression with high confidence.
    - How Spirion classifications and labeling provides AIP and MIP users more options and business context than the single one that Microsoft provides
    - Know the difference between protecting data at rest and data in motion and how Spirion plus AIP and MIP scanning can be a game changer for your business

    Speakers: Allison Kazerounian (Director, Product Marketing) and Cory Retherford (Advisory Solutions Engineer) at Spirion
  • U.S. Data Privacy Trailblazer: Virginia comprehensive data privacy law Recorded: Apr 15 2021 38 mins
    Scott M. Giordano at Spirion & Virginia Senator David W. Marsden
    On March 2, Virginia became the nation’s second state to adopt a comprehensive data privacy law—and the first state to enact such protection of its own accord. Introduced by Senator David W. Marsden, the progressive Virginia Consumer Data Protection Act (VCDPA) reflects many of the consumer rights granted under California’s privacy laws—but goes a step further—by aligning with the European Union’s General Data Protection Regulation in a few critical areas.

    Spirion’s Scott Giordano, VP and Sr. Counsel, Privacy and Compliance, has the privilege to sit down with Senator Marsden to discuss the spark behind the introduction of the Virginia Consumer Data Protection Act and the nuances of the VCDPA for companies doing business in Virginia or marketing to Virginian citizens.

    Can’t miss topics include:

    • Who must comply with the VCDPA?
    • Why is the VCDPA important for Virginia residents?
    • What are the business obligations of VCDPA?
    • How will VCDPA be enforced?
    • What additional state legislation is expected across the U.S. in 2021?
  • Data Privacy Legislation in the Sunshine State Recorded: Mar 25 2021 50 mins
    Fiona McFarland (Member of FL House of Representatives) and Scott M. Giordano (Spirion)
    A growing number of states across the country have enacted consumer privacy legislation in response to potential personal data misuse. Florida is now prioritizing data ownership and taking steps to safeguard consumers. Representative Fiona McFarland, with the Florida governor, and Florida Speaker of the House support, introduced a ground-breaking Consumer Data Privacy Bill in the Florida House of Representatives. Spirion has the privilege to sit down with Representative McFarland as she sheds light on standards established by House Bill 969.

    -What does Florida's Consumer Privacy legislation mean for consumers?
    -The impact the bill may have on companies doing business in Florida
    -The progression of the bill as Florida joins the fast-growing number of states expanding the protection of consumer's right to privacy

    Speakers: Fiona McFarland, Member of Florida House of Representatives; Scott M. Giordano, V.P. and Sr. Counsel, Privacy and Compliance, Spirion
  • Data Needs Monitoring: Reduce the Privacy Risk of Your Sensitive Data Recorded: Mar 25 2021 30 mins
    Jason Hodgert, Product Marketing Mgr.; Penni Kessler, Dir. of Product Management; Britton Karon, Sr. Technical Product Mgr.
    As organizations struggle over misuse and exfiltration of data, visibility and accountability is more important than ever.

    This Tech Talk will explore the Activity Monitoring functionality of Spirion Sensitive Data Watcher (SD Watcher). Powered by Spirion Sensitive Data Platform (SDP), Spirion SD Watcher allows users to collect and report on file and folder activity to help identify unauthorized or abnormal behavior involving sensitive data. This better allows organizations to prioritize privacy risk management by determining if, when and, how sensitive data may have been accessed or exfiltrated and build a stronger security posture.

    You will learn:
    - How the accuracy and breadth of data discovery delivered by Spirion SDP is augmented by Spirion SD Watcher to allow data stewards to better to manage compliance and privacy risk
    - What the MITRE ATT&CK framework is and how it provides a best-practices approach to activity monitoring
    - The concept of the “accidental insider” and how to protect against these types of breaches

    Speakers: Jason Hodgert, Penni Kessler, and Britton Karon from Spirion
  • Stop chasing your data: Change your security posture from reactive to proactive Recorded: Mar 16 2021 31 mins
    Wally Bitaut, Alfonso Vazquez & Jason Hodgert
    In this 30-minute webinar, we will discuss and demonstrate a unique combination of best-of-breed technologies which automates the discovery, classification, and protection of your most valuable assets – your information!

    You will see:
    1. How Spirion data discovery brings a robust understanding of the sensitive data organizations possess and where it exists across networks, file shares and endpoints
    2. How Seclore rights management is automatically invoked to secure sensitive data wherever it travels including complete revocation of access post distribution
    3. How universal dashboards provide insights into how your data is being used versus abused ensuring conformance to regulatory compliance
    4. A live demonstration detailing the seamless user-friendly workflow

    Stop monitoring and chasing your data – discover and protect your data – a true Proactive Security Posture.
  • GDPR vs. CCPA vs. CCPA 2.0: 10 Critical Differences Recorded: Mar 11 2021 60 mins
    Speaker: Scott M. Giordano, Esq., V.P., Data Protection, Spirion
    “The CCPA is just the U.S. version of the GDPR.”

    “If I’m compliant with the GDPR, I’m also compliant with the CCPA.”

    “Personal data under GDPR is the same as personal information under CCPA.”

    All of this common wisdom about the GDPR and CCPA is arguably false. In fact, there are numerous differences, some great and some subtle, between the two that serve as traps for the unwary. Add to this the upcoming CCPA 2.0, with its new class of (and significant restrictions on the use of) personal information, and the potential for consumer complaints and disputes with supply-chain members becomes dramatic. In this interactive webinar, a privacy and security industry veteran will analyze, compare, and contrast these laws and offer insight into what they mean for your data protection program.

    Takeaways include:

    -Key differences between the three laws that impact your data protection strategy
    -Avoiding conflicts with supply-chain members and other business partners
    -How to leverage current compliance efforts for CCPA 2.0 and other upcoming data protection laws

    Speaker: Scott M. Giordano, Esq., V.P., Data Protection, Spirion

    Scott M. Giordano is an attorney with more than 20 years of legal, technology, and risk management consulting experience. An IAPP Fellow of Information Privacy and a Certified Information Security Systems Professional (CISSP), Scott serves as Spirion’s subject matter expert on multinational data protection and its intersection with technology, export compliance, internal investigations, information governance, and risk management. Scott has held senior positions at several legal technology firms and is listed as co-inventor on Intelligent Searching of Electronically Stored Information, patent application no. 13/842,910. In addition, he taught the first law school course anywhere on electronic evidence and e-discovery. Scott is a member of the bar in Washington state, California, and the District of Columbia.
  • GDPR: Lessons Learned From 200 Companies Who Got It Wrong Recorded: Feb 2 2021 62 mins
    Speaker: Scott M. Giordano, Esq., V.P., Data Protection, Spirion
    About: Since EU supervisory authorities began GDPR enforcement in May of 2018, over 200 companies and government agencies have been punished for privacy and security failures by EU authorities. Those companies include both marquee and non-household brands where close to €400M in proposed fines were issued. The failures to comply were attributable to not having basic privacy and security practices in place. In this webinar, we will review several post-mortems, determine what went wrong, and discuss the implications for not complying with the privacy and security requirements of the GDPR going forward.

    Key takeaways include:

    -Understanding what regulators consider when issuing a penalty

    -Generating better privacy success measurements by leveraging the NIST Privacy Framework and ISO 27701

    -Applying these lessons for California Consumer Privacy Act (CCPA) compliance

    Speaker: Scott M. Giordano, Esq., V.P., Data Protection, Spirion

    Scott M. Giordano is an attorney with more than 20 years of legal, technology, and risk management consulting experience. An IAPP Fellow of Information Privacy and a Certified Information Security Systems Professional (CISSP), Scott serves as Spirion’s subject matter expert on multinational data protection and its intersection with technology, export compliance, internal investigations, information governance, and risk management. Scott has held senior positions at several legal technology firms and is listed as co-inventor on Intelligent Searching of Electronically Stored Information, patent application no. 13/842,910. In addition, he taught the first law school course anywhere on electronic evidence and e-discovery. Scott is a member of the bar in Washington state, California, and the District of Columbia.
  • Incident Response Post Mortem From The Experts Recorded: Jan 19 2021 54 mins
    Spirion, Atakama, and Mainline
    Data breaches of all sizes have become a matter of when, not if. Hear first-hand from an experienced CISO, former regulator/privacy attorney, and Security Chief Innovation Officer as they breakdown real-life examples of data breaches and incident responses, and how they could have been proactively avoided.

    Discover how to:
    - Help your organization avoid, or worst case be prepared for an incident response vs. a data breach
    - Utilize data discovery combined with granular file-level encryption to develop a Zero Trust DLP strategy for 2021 and beyond
    - Have confidence in your overall data protection strategy

    Benefit from our panel's seasoned industry leadership and data security experience to help you get a handle on an emergency that every business must be prepared to confront.

    Gain invaluable insights as to how to avoid becoming the next breach victim from Spirion, Atakama and Mainline.
  • What to Prioritize During Uncertain Times: Data Protection & Privacy Recorded: Jan 12 2021 50 mins
    Allison Kazerounian (Spirion) with Panelists: Heidi Shey (Forrester), Jennifer Mailander (Fannie Mae)
    We are all adapting to an ever-changing environment that forces us to work, learn, and live differently than we ever have before. Cybercriminals also do not rest during uncertain times. For these bad actors, a global pandemic and its workforce challenges become a new attack vector – an overt opportunity for personal data theft and cybercrime. We recognize the struggle front-line IT professionals are experiencing today and have teamed with the experts in cybersecurity to guide you in how to keep your organization operating and compliant by protecting one of your most important assets, personal data.

    In this webinar, our guests, Heidi Shey, Principal Analyst, Forrester, Robert Eckman, CISO, Kent State University, and Jennifer Mailander, Deputy General Counsel, Fannie Mae discuss:

    -Today’s most critical security risks
    -What technologies, processes, and protection measures are most important
    -How to keep data protection and privacy top of mind

    Moderator - Allison Kazerounian | Director of Product Marketing, Spirion
    Panelist - Heidi Shey | Principal Analyst, Forrester
    Panelist - Jennifer Mailander | Deputy General Counsel, Fannie Mae
  • GDPR: Lessons Learned From 200 Companies Who Got It Wrong Recorded: Jan 5 2021 62 mins
    Speaker: Scott M. Giordano, Esq., V.P., Data Protection, Spirion
    About: Since EU supervisory authorities began GDPR enforcement in May of 2018, over 200 companies and government agencies have been punished for privacy and security failures by EU authorities. Those companies include both marquee and non-household brands where close to €400M in proposed fines were issued. The failures to comply were attributable to not having basic privacy and security practices in place. In this webinar, we will review several post-mortems, determine what went wrong, and discuss the implications for not complying with the privacy and security requirements of the GDPR going forward.

    Key takeaways include:

    -Understanding what regulators consider when issuing a penalty

    -Generating better privacy success measurements by leveraging the NIST Privacy Framework and ISO 27701

    -Applying these lessons for California Consumer Privacy Act (CCPA) compliance

    Speaker: Scott M. Giordano, Esq., V.P., Data Protection, Spirion

    Scott M. Giordano is an attorney with more than 20 years of legal, technology, and risk management consulting experience. An IAPP Fellow of Information Privacy and a Certified Information Security Systems Professional (CISSP), Scott serves as Spirion’s subject matter expert on multinational data protection and its intersection with technology, export compliance, internal investigations, information governance, and risk management. Scott has held senior positions at several legal technology firms and is listed as co-inventor on Intelligent Searching of Electronically Stored Information, patent application no. 13/842,910. In addition, he taught the first law school course anywhere on electronic evidence and e-discovery. Scott is a member of the bar in Washington state, California, and the District of Columbia.
  • GDPR vs. CCPA vs. CCPA 2.0: 10 Critical Differences Recorded: Dec 29 2020 60 mins
    Speaker: Scott M. Giordano, Esq., V.P., Data Protection, Spirion
    “The CCPA is just the U.S. version of the GDPR.”

    “If I’m compliant with the GDPR, I’m also compliant with the CCPA.”

    “Personal data under GDPR is the same as personal information under CCPA.”

    All of this common wisdom about the GDPR and CCPA is arguably false. In fact, there are numerous differences, some great and some subtle, between the two that serve as traps for the unwary. Add to this the upcoming CCPA 2.0, with its new class of (and significant restrictions on the use of) personal information, and the potential for consumer complaints and disputes with supply-chain members becomes dramatic. In this interactive webinar, a privacy and security industry veteran will analyze, compare, and contrast these laws and offer insight into what they mean for your data protection program.

    Takeaways include:

    -Key differences between the three laws that impact your data protection strategy
    -Avoiding conflicts with supply-chain members and other business partners
    -How to leverage current compliance efforts for CCPA 2.0 and other upcoming data protection laws

    Speaker: Scott M. Giordano, Esq., V.P., Data Protection, Spirion

    Scott M. Giordano is an attorney with more than 20 years of legal, technology, and risk management consulting experience. An IAPP Fellow of Information Privacy and a Certified Information Security Systems Professional (CISSP), Scott serves as Spirion’s subject matter expert on multinational data protection and its intersection with technology, export compliance, internal investigations, information governance, and risk management. Scott has held senior positions at several legal technology firms and is listed as co-inventor on Intelligent Searching of Electronically Stored Information, patent application no. 13/842,910. In addition, he taught the first law school course anywhere on electronic evidence and e-discovery. Scott is a member of the bar in Washington state, California, and the District of Columbia.
Discover, Classify, and Protect Data - Wherever it lives
Spirion has relentlessly solved real data protection problems since 2006 with accurate, contextual discovery of structured and unstructured data, purposeful classification, automated real-time risk remediation, and powerful analytics and dashboards to give organizations greater visibility into their most at-risk data and assets.

Spirion’s privacy-grade™ data protection software enables organizations to reduce risk exposure (protect against data breaches and avoid costly fees), gain visibility into their data footprint—wherever it lives, improve business efficiencies and decision-making while facilitating compliance with ever-changing data protection laws and regulations.

With solutions offered both in a highly-scalable cloud architecture or on-premise, Spirion is equipped to help protect what matters most—the personal data of our customers, our colleagues, and our communities.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Utah protects mountains of data with the Cybersecurity Affirmative Defense Act
  • Live at: May 20 2021 5:00 pm
  • Presented by: Walt Brooks (Utah House Representative) & Scott M. Giordano (General Counsel at Spirion)
  • From:
Your email has been sent.
or close