Implementing Privacy by Design, Part 2: Internal Privacy and Data Security Policies

Many states have enacted laws that govern privacy and data security. In New York, for instance, there is no privacy law, but there is a data security law ("Stop Hacks and Improve Electronic Data Security (SHIELD) Act"), which outlines the data security requirements for companies that collect information about or from New York residents. These requirements are similar to the data security laws of other states. In this program, Amy B Goldsmith, Chair of Tarter Krinsky & Drogin's Privacy and Cybersecurity Group and a partner in its Intellectual Property Group, and Jessica A. Robinson, CEO of PurePoint International, a cybersecurity company, will review required internal privacy and data security policies, their implementation, education, and training of employees, and data breach strategies.

 
Learning Objectives:

1. Identify the internal policies required by New York Shield

2. Discuss the education and training requirements

3. Determine best practices for implementation of the policies

4. Review protocols for suspected or actual data breaches