Preparing and Implementing an Information Security Program
Created on August 24, 2020
Companies that do business in certain states or that operate in certain industries are obligated to create and implement their own information security programs (ISPs). ISPs are detailed plans that are designed to protect the confidentiality, integrity, and availability of the company's sensitive data. Companies require legal assistance in developing their ISPs, to ensure that they comply with applicable legal, regulatory, and contractual requirements.
In this program, Michael J. Riela of Tannenbaum Helpern Syracuse & Hirschtritt LLP and Elizabeth Vandesteeg of Sugar Felsenthal Grais & Helsinger LLP will discuss the issues that comprehensive ISPs normally address, and how lawyers assist in preparing and implementing an ISP. For example, lawyers will be called upon to answer questions about what personally identifiable information is the company obligated to protect, and what types of information security practices are likely to be found to be reasonable in the event of subsequent litigation or regulatory enforcement action.
- Review the laws and regulations that require companies to prepare and implement ISPs
- Identify the issues that must be addressed in a comprehensive ISP
- Analyze the lawyer's role in the preparation, implementation, and revisions of ISPs
Gain access to this course, plus unlimited access to 1,700+ courses, with an Unlimited Subscription.Explore Lawline Subscriptions