Creating Effective and Realistic Privacy Policies

2.75 General CLE Credits | WSBA AV CLE Activity ID#417775

Numerous data breaches have raised the public awareness of the vulnerability of personal data and the importance of understanding and limiting certain types of information. A privacy policy is your companies' promise to employees, customers, and visitors on how their personal information will be handled. A privacy policy can be as simple as a few line notice on a website to a multipage, highly "legalese" document. This training will focus on both aspects by looking at policy development, writing, and maintenance. By the end of this training you will have important tools that, as part of an overall information and security plan, can significantly reduce your client’s exposure.

Overview

Recorded:  12/09/2015
Credits:  2.75 General CLE | WSBA AV CLE Activity ID#417775
Length: 2 hours, 54 minutes

Featured Speakers:
Jeff Brennan, Phil Lee, David Ray

Whether you are writing a single privacy policy or evaluating your client's exiting policy(ies), this training will help provide you with timely tools.

A privacy policy is your companies' promise to employees, customers, and visitors on how their personal information will be handled. A privacy policy can be as simple as a few line notice on a website to a multipage, highly "legalese" document. Numerous data breaches have raised the public awareness of the vulnerability of personal data and the importance of understanding and limiting certain types of information. A privacy policy will not fix a data breach but, developed as part of an overall information and security plan, it can help prepare the entities you represent to understand the implications of the data being managed and limit some types of exposure.

A privacy policy should do two things very clearly: build trust and meet legal requirements. This training will focus on both aspects by looking at policy development, writing, and maintenance:

  • Development: we'll look at the importance of understanding what personal data is going to be collected, why it is being collected, and its present and future uses.
  • Writing: we'll look at key components including data collection, usage, rationale, retention, maintenance, and security. We'll discuss the rapidly changing environment in State and Federal Laws and foreign jurisdiction law and its potential impact.
  • Maintenance: we'll discuss keeping the policy relevant and the importance of ongoing policy review and training.

Agenda

8:30 a.m. Registration and Coffee Service

9:00 a.m. Developing a Privacy Policy: What personal data is going to be collected, why it is being collected, and its present and future uses.

9:45 a.m. Writing a Privacy Policy
Key components will be examined including: data collection, usage, rationale, retention, maintenance, and security. The rapidly changing environment in State and Federal Laws and foreign jurisdiction law and its potential impact will also be discussed.

10:45 a.m. BREAK

11:00 a.m. Maintenance: Keeping a Privacy Policy Relevant and the Importance of Ongoing Policy Review and Training.

12:00 p.m. Evaluation and Adjourn

Presenters:
Jeff Brennan (CIPP/US, CIPP/E) serves as General Counsel and Chief Privacy Officer for Finsphere Corporation.

Phil Lee (CIPP/E, CIPM) is Partner and Head of US Office at Fieldfisher, a European law firm with headquarters in London with Phil running its Silicon Valley office.

David Ray is a Director of Information Governance at Huron Consulting Group.

Presenters

Jeff Brennan (CIPP/US, CIPP/E) serves as General Counsel and Chief Privacy Officer for Finsphere Corporation, a leader in mobile identity-authentication services. Finsphere, which is headquartered in Bellevue, provides services to global corporations including VISA and Vodafone. Jeff has a broad background in data privacy as it relates to business-to-business and consumer segments. On a national basis, Jeff currently serves as Vice-Chair of the Identity Ecosystem Steering Group' Privacy Committee. Jeff holds Certified Information Privacy Professional credentials for both the U.S. and Europe (CIPP/US, CIPP/E) from the International Association of Privacy Professionals.

Phil Lee (CIPP/E, CIPM) is Partner and Head of US Office at Fieldfisher, a European law firm with headquarters in London. Phil runs its Silicon Valley office, from which he and his team provide European legal advice to US businesses on their time zone. Phil specializes in all aspects of international data protection regulation - including global data governance, international data exports, security incident management and regulatory outreach. Phil is both on the Education Advisory Board and also a member of the Privacy Faculty for the International Association of Privacy Professionals, and runs Fieldfisher's Privacy blog at http://privacylawblog.fieldfisher.com.

David Ray is a Director of Information Governance at Huron Consulting Group and is located in Seattle. David is a technologist turned attorney with over 20 years of experience across both information technology and information governance. David holds Certified Information Privacy Professional credentials for both Technologist and Manager (CIPT, CIPM) from the International Association of Privacy Professionals, and is a member of the Washington State Bar Association. David is a frequent panelist and speaker at International Association of Privacy Professionals' events where he focuses on holistic solutions to information challenges.

Pricing

General Registration  - $85.00

SU School of Law Alumni  - $75.00