DOWNLOAD - MANAGING PRIVACY COMPLIANCE

Document Sample
DOWNLOAD - MANAGING PRIVACY COMPLIANCE Powered By Docstoc
					Course Leader                                This program has been accredited by the Law Society of Upper Canada
David M. W.                                       towards the professional development requirement for certification.
Young,                                                                      Corporate & Commercial Law: 10 hours.
Lang Michener
LLP

Course Leader
Terry McQuay,
Nymity Inc.




                   3 MANAGING
Patrick D.                 rd
Flaherty,
Torys LLP




                     PRIVACY
Tracy Ann
Kosa,
Government
of Ontario
PIA Centre of
Excellence
Nicole Kutlesa,




                     COMPLIANCE
Osler, Hoskin &
Harcourt LLP



George C. Eyre,
George C. Eyre,
Law Offices

                                 Enforcing sound practices, reducing vulnerabilities and mitigating
Maureen                          risks
L. Murphy,
Gowling Lafleur
Henderson LLP                     “Very knowledgeable,                                                     “Great Materials &
(Ottawa)                          professional presenters.”                                                Examples.”
Fazila Nurani,
PrivaTech
Consulting
                   March 22 & 23, 2010, Toronto                    Two-Day Event!
John Russo,
Equifax
Canada Inc.        Workshop Included: The Five Critical Steps for Avoiding a Privacy Breach
                   participating organizations
Gillian Shearer,   BMO Financial Group                                            Lang Michener LLP
Bruce Power
                   Bruce Power                                                    Nymity Inc.
                   Equifax Canada Inc.                                            Osler, Hoskin & Harcourt LLP
                   George C. Eyre, Law Offices                                    PrivaTech Consulting
Shelley Samel,     Gowling Lafleur Henderson LLP                                  Torys LLP
Gowling Lafleur    Government of Ontario PIA Centre of Excellence                 Unilever Canada Inc.
Henderson
(Toronto) LLP      Hicks Morley Hamilton Stewart Storie LLP                       vpi Inc.

Ruth Rapoport,
                   course highlights
Unilever           •   Best practices for designing and implementing a privacy compliance program
Canada Inc.
                   •   How to research, prepare and write a privacy impact assessment
                   •   Strategies for minimizing the damage to reputation in the event of a breach
Scott T.
                   •   Legal risks associated with employee surveillance and monitoring
Williams,          •   Minimizing privacy exposure in outsourcing relationships
Hicks Morley       •   International privacy laws and their impact on business practices
Hamilton
Stewart Storie     •   Privacy practices to prevent ID theft
LLP

as well as:        who should attend
Lisa McKay,        -   VPs, Directors & Managers responsible for:Privacy Compliance, Security, Internal Audit, IT & IS
BMO Financial      -   General Counsel
Group
                   -   Corporate & In-House Counsel
Curtis             -   Lawyers
McDonnell,
vpi Employment     -   Litigators
Services           -   Consultants
FACULTY

COURSE LEADERS
DAVID M.W. YOUNG                                   Ontario PIA Centre of Excellence. She has             of public and private sector clients on all issues
David M.W. Young is a Partner and co-chair         10 years of privacy experience across Canada          related to labour and employment matters in
of the Privacy Law Group at Lang Michener          working with federal and provincial legislation       both unionized and non-unionized setting.
LLP. His practice focuses on regulatory law        in the public and private sectors.
with an emphasis on privacy, product regula-
tion and organizational compliance.
                                                                                                         LISA MCKAY
                                                   NICOLE KUTLESA                                        Lisa McKay manages privacy breaches for the
                                                   Nicole Kutlesa is a member of Osler, Hoskin &         global privacy office at BMO Financial Group.
TERRY MCQUAY                                       Harcourt LLP’s Franchise and Distribution Spe-
Terry McQuay is the founder and President          cialty Group and Marketing & Distribution Practice
of Nymity Inc. He is the Canadian Co-Chair         Group. Nicole regularly advises on marketing,         GILLIAN SHEARER
                                                   trade practice, regulatory and privacy matters.       Gillian Shearer is the Code of Conduct &
of the International Association of Privacy
                                                                                                         Privacy Officer at Bruce Power. She worked
Professionals’ KnowledgeNet and a Certified
                                                                                                         in private practice in the areas of labour and
Information Privacy Professional.                  FAZILA NURANI                                         employment, health and safety, human rights,
                                                   Fazila Nurani, Founder of PrivaTech Consult-          and privacy.
                                                   ing, is a privacy and information security consul-
  CO-LECTURERS                                     tant, lawyer and trainer for the public and private
                                                   sectors. She advises businesses in a range of         SHELLEY SAMEL
                                                   industries on privacy and security best practices.    Shelley Samel is a partner in the Toronto office
                                                                                                         of Gowling Lafleur Henderson LLP, practis-
GEORGE C. EYRE                                                                                           ing in the area of intellectual property, with a
George C. Eyre has been well known in the          RUTH RAPOPORT                                         focus on advertising and marketing law.
I/T industry since 1988 when he was called to      Ruth Rapoport is Assistant General Counsel at
the bar. He is an ex-computer consultant who       Unilever Canada Inc. Her practice at Unilever         MAUREEN L. MURPHY
had ten years experience in the computer field     includes marketing, advertising, regulatory,          Maureen L. Murphy, a Partner at Gowling Laf-
with companies such as Bell Canada and IBM         packaging and labelling law for foods and home        leur Henderson LLP, practices in the areas
before returning to law school.                    and personal care products and privacy issues.        of medical law and privacy law. She advises
                                                                                                         clients on privacy compliance, developing
PATRICK D. FLAHERTY                                JOHN RUSSO                                            privacy policies and responding to privacy
Pat Flaherty’s practice at Torys LLP focuses on    John Russo is Vice President, Legal Counsel           breaches.
civil litigation, with an emphasis on corporate/   for Equifax Canada Inc. His responsibilities
commercial, intellectual property, information     include, global sourcing, all security and com-       CURTIS MCDONNELL
technology, competition, privacy and media law.    pliance, government and legislative relations,        Curtis McDonnell is General Counsel at vpi
                                                   corporate governance and privacy functions.           Inc. His practice consists of employment and
                                                                                                         labour matters. Curtis has particular interest
TRACY ANN KOSA
                                                   SCOTT WILLIAMS                                        and involvement in privacy law and was Co-
Tracy Ann Kosa is currently a Privacy Impact
                                                   Scott Williams, a Partner at Hicks Morley Ham-        Chair of FMC’s Privacy Law Group in Ontario.
Assessment Specialist with Government of
                                                   ilton Stewart Storie LLP, advises a wide variety




COURSE PROGRAM
DESIGNING AND IMPLEMENTING A PRIVACY                                         OVERVIEW OF PRIVACY LAW IN CANADA
COMPLIANCE PROGRAM
                                                                             The regulatory landscapes surrounding privacy is increasingly complex
A large and continually growing challenge for all businesses is the ef-      and continually evolving to address emerging issues. In order to put an
fective management of information and privacy compliance. Privacy            effective program in place to avoid costly litigation and damage to cor-
compliance requires the effective implementation of sound privacy            porate reputation, a thorough understanding of the current state of the
policy and practices. This session will provide an overview of what goes     law is required. This session will review privacy law in Canada, focusing
into creating and implementing a privacy compliance program that ad-         on the latest regulatory developments and enforcement priorities.
dresses business processes, systems and applications changes, train-
ing and education and other infrastructure and support requirements.         · Recent findings by the Federal Privacy Commissioner
                                                                             · PIPEDA and provincial privacy regime overview:
· Elements of an effective privacy compliance program                          current state of the law
· Utilizing a systematic and structured approach to privacy compliance       · The latest federal and provincial regulatory developments
· Supporting privacy policy with a governance framework,                     · Enforcement priorities relating to privacy
  procedures and an ongoing plan to monitor its effectiveness                · Enforcement and penalties
· Assembling a multidisciplinary privacy team                                · Recent case law and the latest guidelines
· Auditing your information handling practices                               · Ensuring privacy compliance in multiple jurisdictions
· Addressing all aspects of collection, use, disclosure,
  retention and destruction of personal information
· Establishing privacy policies
· Practical case illustrations, best practices & lessons learned
CONDUCTING PRIVACY IMPACT ASSESSMENTS                                      ADDRESSING INCREASING ONLINE PRIVACY CONCERNS

One of the first and most important steps in implementing a successful     With the amount of business being done on the internet, it is critical to
privacy compliance program is the development of an effective privacy      consider the unique privacy threats posed by online business activity,
policy and conducting privacy impact assessments (PIA) in order to         especially in response to the growth in online fraud and identity theft
discover ways to mitigate or avoid privacy incidents. This session will    that is undermining public confidence in online commerce. This session
examine the role that privacy impact assessments play.                     will look at how you can best safeguard privacy online.

· How to research, prepare and write a privacy impact assessment           ·   Techniques being used to extract sensitive personal information
· Privacy concepts that should be addressed if and                         ·   Responding to the threat
  when you implement a PIA                                                 ·   Practical and legal privacy issues raised by using the Internet
· Practical benefits, techniques and formats for PIAs and PIA reports      ·   Steps to take to protect your business and customers online
                                                                           ·   Protecting yourself against phishing and pharming
PRIVACY BREACH GUIDELINES: POST-BREACH                                     ·   Managing online risk and liability
BEST PRACTICES                                                             ·   E-mail privacy and security issues
                                                                           ·   Conducting a web site compliance audit
A privacy breach can have disastrous impact on your business as well
as your company’s reputation. The seriousness of such an occurrence        E-COMMERCE TECHNICAL, SECURITY & PRIVACY ISSUES
has led to the release by the Office of the Privacy Commissioner of a
new set of guidelines for responding to a data breach. This session will   There are a host of new technologies and systems that can be used to
examine what your responsibilities are in the event that your organiza-    achieve privacy compliance. This session will review the latest techni-
tion experiences a breach as well as post-breach best practices for        cal, security and privacy trends and techniques that can be considered
mitigating any damage.                                                     to safeguard and protect confidential information and facilitate its
                                                                           authorized use and disclosure.
· Breach containment practices
· Response and notification requirements                                   · Encryption
· Strategies for minimizing the damage to reputation                       · Designing privacy protections into a new system or
  in the event of a breach                                                   the re-design of a system
· Developing and implementing a privacy response process                   · Disclosure & Requests
· Establishing effective communication procedures                          · Technical, privacy and security issues for web 2.0:
· Managing the fallout: immediate actions to minimize your liability         cloud computing and social networking
· Managing an internal investigation of the breach
                                                                           PRIVACY PRACTICES TO PREVENT ID THEFT
EMPLOYEE AND WORKPLACE PRIVACY ISSUES
                                                                           With the vast amount of personal information now being held by organi-
Privacy at the workplace is becoming a critical issue with the growing     zations, there is a growing concern in our society over the potential for
potential to monitor employees through the use of new technology,          identity theft and data breaches. Companies have a duty to adequately
communications systems and internal reporting mechanisms. This             protect personal information from unauthorized uses and may be sub-
panel discussion will address how to remain privacy compliant in the       ject to penalties as well as to damages to reputation and customer trust
collection, use and disclosure of employee information in addition to      if they fail to protect that data. This session will discuss how to protect
other emerging workplace privacy issues.                                   your brand and customers from this growing threat.

· Compliant information gathering to investigate employee misconduct       ·   Legal implications of ID theft
· Creating an employee personal information management program:            ·   Best practices for preventing and minimizing the risk of ID theft
  legal obligations with respect to document retention                     ·   Blocking and filtering technologies
· Legal risks associated with employee surveillance and monitoring         ·   Indemnification and insurance
· Impact of technology: RFID, GPS, biometrics, voice recognition,          ·   Government initiatives
  health records, phone monitoring, text messaging, email,                 ·   Notification requirements in the event of a breach
  social media and internet use in the workplace                           ·   Implementation of effective authentication practices and processes
                                                                           ·   Challenges facing consumers today
MAINTAINING PRIVACY COMPLIANCE
WHEN OUTSOURCING

Companies continue to outsource a wide variety of functions to third-
party service providers, thus exposing themselves to privacy risks
                                                                           WORKSHOP
pertaining to shared information. What can be done to mitigate privacy
concerns when outsourcing? This session will focus on best practices       THE FIVE CRITICAL STEPS FOR AVOIDING A
for managing privacy issue and safeguarding information when entering      PRIVACY BREACH
into outsourcing relationships with third parties.
                                                                           This workshop session will focus on cost-effective strategies that
·   Minimizing privacy exposure in outsourcing relationships               should be implemented to avoid the five biggest mistakes that lead
·   Best practices for remote information security                         to privacy and security breaches. The session will lead participants
·   Evaluating third party compliance                                      through the key components of an effective privacy management
·   Unique vulnerabilities of remote data                                  program. The cost of a breach can devastate a company, so proactive
·   Addressing data privacy and security protection in                     efforts to avoid a breach pay off. Lessons learned from recent breaches
    outsourcing service agreements                                         will be reviewed, and participants will have the opportunity to discuss
                                                                           their experiences and challenges when managing privacy responsibili-
                                                                           ties internally.

                                                                           ·   Building internal accountability
                                                                           ·   Developing effective policies and procedures
                                                                           ·   Implementing critical personal information safeguards
                                                                           ·   Introducing an effective privacy training program
                                                                           ·   Monitoring compliance
MULTIMEDIA PRESENTATIONS
Register for Managing Privacy Compliance and we will give you free of charge a CD-ROM comprising the following virtual presentations from
recent Federated Press courses and conferences. Presented in their entirety with complete audio and accompanying PowerPoint slides totaling
520 minutes of expert learning, these presentations are an added bonus to this year’s course. Bear in mind that these presenters are not
necessarily those that you will see and hear at this year’s course.



Privacy Assessments and Audits                                  Third-party access & disclosure                                  Taking a Swipe at Credit Card Fraud
Michael Power,                                                  Erfa Alani,                                                      Brenda Lo,
Ontario Smart Systems for Health Agency                         IBM Business Consulting Services                                 Deloitte & Touche LLP
Time: 42 Slides: 14                                             Time: 34 Slides: 13                                              Time: 71 Slides: 11

The Role of The Privacy Officer                                 Privilege and Privacy Issues                                     Meeting the Challenges of
Anne Lavigne,                                                   in E-Discovery                                                   Consent & Compliance
Ottawa General Hospital                                         Susan Nickle,                                                    Judy Farrell,
Time: 35                                                        Wortzman Nickle Professional Corporation                         London Health Sciences Centre and
                                                                Time: 60 Slides: 28                                              St Joseph’s Health Care London
Overview of Privacy Law in Canada                                                                                                Time: 47 Slides: 24
Wendy Gross,                                                    Carrying Out Your IT Disaster Plan
McCarthy Tétrault LLP                                           Akhil Bhandari,                                                  Access privacy issues relevant to EDRM
Time: 77 Slides: 43                                             CCL Industries Inc.                                              Kris Klein,
                                                                Time: 39 Slides: 10                                              Law Office of Kris Klein
Online Privacy & Security:
Protecting corporate data                                       Compliance When Outsourcing:
J. Fraser Mann,                                                 New Rules & Risks
Miller Thomson LLP                                              Barry Rowland,
Time: 40 Slides: 31                                             Ernst & Young LLP
                                                                Time: 35 Slides: 17


                                                                                                        Audio/Video segments clickable slide by slide
                                                                                                        Papers and overheads also included
                                                                                                        Print any of the material for your own use




                                                                                                                                          PROCEEDINGS CD - ROM

Registration: To reserve your place, call Federated Press toll-free at 1-800-363-0722. In         Cancellation: Please note that non-attendance at the course does not entitle the registrant
Toronto, call (416) 665-6868 or fax to (416) 665-7733. Then mail your payment along with the      to a refund. In the event that a registrant becomes unable to attend following the deadline for
registration form. Places are limited. Your reservation will be confirmed before the course.      cancellation, a substitute attendee may be delegated. Please notify Federated Press of any
Location: Novotel Toronto Centre Hotel, 45 The Esplanade, Toronto, Ontario, M5E 1W2               changes as soon as possible. Federated Press assumes no liability for changes in program
                                                                                                  content or speakers. A full refund of the attendance fee will be provided upon cancellation in
Cost: The attendance fee for the course is $1825 per person and covers attendance for one         writing received prior to March 9, 2010. No refunds will be issued after this date. Please note
person and the lecturers’ presentation material. The fee further includes lunch on both days,     that a 15% service charge will be held in case of a cancellation.
morning coffee on both days and refreshments during all breaks. You may purchase a Pro-
ceedings CD-ROM containing edited actual proceedings and materials from the course.               Discounts: Federated Press has special team discounts. Groups of 3 or more from the
                                                                                                  same organization receive a 10% discount. Groups of 7 or more from the same organization
Time: This course is a two-day event. Registration begins at 8:00 a.m. The morning sessions       receive a 15% discount.
start promptly at 9:00. The second day ends at 4:00 p.m.
                Payment must be received prior to March 15, 2010                                  Phone: 1-800-363-0722             Toronto: (416) 665-6868            Fax: (416) 665-7733

 TO REGISTER FOR MANAGING PRIVACY COMPLIANCE                                                                                                 REGISTRATION COSTS
  Name
                                                                                                                                             NUMBER OF PARTICIPANTS:
  Title                                                                 Department
                                                                                                                                             COURSE: $1825
  Approving Manager Name
                                                                                                                                             COURSE + PROCEEDINGS CD-ROM:
  Approving Manager Title                                                                                                                    $1825 + $125 = $ 1950

  Organization                                                                                                                               PROCEEDINGS CD-ROM: $499
  Address                                                                                                                                    NOTE: Please add 5% GST to all prices.`
  City                               Province                           Postal Code                                                          Proceedings CD-ROM will be available 60
                                                                                                                                             days after the course takes place
  Telephone                          Fax                                e-mail

  Please bill my credit card:                 o AMEX                  o VISA                    o Mastercard                                 Enclose your cheque payable to
                                                                                                                                             Federated Press in the amount of:
  #                                                                     Expiration date:            /
  Signature :

  Payment enclosed: o           Please invoice. PO Number:                                                                                   GST Reg. # R101755163
                                                                                                                                             PBN#101755163PG0001
  WHEN CALLING, PLEASE MENTION PRIORITY CODE:                   MAIL COMPLETED FORM WITH PAYMENT TO:
                                                                Federated Press P.O. Box 4005, Station “A”                                   For additional delegates please duplicate this
  MPCT1003/E                                                    Toronto, Ontario M5W 2Z8                                                     form and follow the normal registration process

				
DOCUMENT INFO
Shared By:
Categories:
Stats:
views:38
posted:3/8/2011
language:English
pages:4