On Demand

Preparing and Implementing an Information Security Program

1h 36m

Created on August 24, 2020





Companies that do business in certain states or that operate in certain industries are obligated to create and implement their own information security programs (ISPs). ISPs are detailed plans that are designed to protect the confidentiality, integrity, and availability of the company's sensitive data.  Companies require legal assistance in developing their ISPs, to ensure that they comply with applicable legal, regulatory, and contractual requirements.

In this program, Michael J. Riela of Tannenbaum Helpern Syracuse & Hirschtritt LLP and Elizabeth Vandesteeg of Sugar Felsenthal Grais & Helsinger LLP will discuss the issues that comprehensive ISPs normally address, and how lawyers assist in preparing and implementing an ISP. For example, lawyers will be called upon to answer questions about what personally identifiable information is the company obligated to protect, and what types of information security practices are likely to be found to be reasonable in the event of subsequent litigation or regulatory enforcement action.

Learning Objectives:

  1. Review the laws and regulations that require companies to prepare and implement ISPs
  2. Identify the issues that must be addressed in a comprehensive ISP
  3. Analyze the lawyer's role in the preparation, implementation, and revisions of ISPs 

Gain access to this course, plus unlimited access to 1,700+ courses, with an Unlimited Subscription.

Explore Lawline Subscriptions