Day One: 9:00 a.m. - 5:00 p.m.
Morning Session: 9:00 a.m. - 12:45 p.m.
9:00 Welcome and Opening Remarks
Francoise Gilbert, Thomas J. Smedinghoff
9:15 Legislative and Regulatory Trends in U.S. Privacy and Security Law
- Are we starting on a new direction for privacy and security regulation?
- Key federal legislative and regulatory developments
- Federal policy and enforcement initiatives
- Key state legislative and regulatory developments
- Self-regulation vs. government regulation: Where are we headed?
Thomas J. Smedinghoff, Holly K. Towle
10:15 Health Privacy and Security: HIPAA Applies to Everyone Now!
- HIPAA and HITECH Act overview
- Understanding the primary HITECH changes and their application beyond covered entities
- Evaluating the biggest risk areas for covered entities and business associates
- Assessing what's still to come
- Updates on enforcement and investigations
- Health care privacy and the impact on health care reform
Jean Marie R. Pechette, Hilary M. Wandall
11:15
Networking Break
11:30
Information Security Breaches: The Saga Continues
- Identifying an incident
- Undertaking the initial response
- Conducting a forensic investigation
- Coordinating with law enforcement
- Implementing an incident response plan
- Coordinating notification to affected individuals
- Setting up the call center and identity restoration service
- Preparing website materials
- Managing state attorneys general and federal agencies
- Managing the press
- Handling litigation risks
Keith G. Chval, Michael Deer, Jeanette Fitzgerald, Amy E. Yates
12:45
Lunch Break
Afternoon Session: 1:45 p.m. - 5:00 p.m.
1:45
The Rise of Privacy Litigation - New Causes of Action, New Legal Theories
- Survey of claims related to marketing, unfair competition, misuse of data, security breach
- Liability and damage issues
- Statutes with private right of action
- Unsolicited fax and junk email cases
- Behavioral advertising, zombie cookies, and tracking cases
- Social networking and social gaming litigation
- Apps, mobile, texting and location issues
- How to successfully defend privacy class action suits
Ian C. Ballon, James G. Snell
2:45
Networking Break
3:00
Ethics and Risk Management for Privacy Professionals
- Ethical challenges in e-discovery
- Rules of the road for lawyer use of social media
- Protecting the attorney-client privilege in the digital domain
- Data security concerns for law firms and law departments
- Special ethics concerns for privacy lawyers
Merri A. Baldwin, Kathryn J. Fritz
4:00
Being a Chief Privacy Officer - Greater Challenges, Smaller Budget
- How to integrate privacy compliance and best practices
- How to measure success
- The many layers of the training program
- How to address privacy challenges in an ailing economy
Peter M. Lefkowitz, Jeff Rohlmeier, Jacob Springer
5:00
Adjourn
DAY TWO: 9:00 A.M. - 4:45 P.M.
Morning Session: 9:00 a.m. - 12:15 p.m.
9:00
Global Issues - Privacy and Data Protection in a Global Environment
- Data Protection 2.0 in the European Union; the overhaul of the EU Data Protection Regime; recent developments
- Creating and managing a multi jurisdictional privacy program for a B2C company
- How to respond to a security breach in a global environment
- Risks and pitfall in conducting an employee investigation in a global organization
Francoise Gilbert, Lynn A. Goldstein, Christine E. Lyon, Michael A. Stoker
11:00 Networking Break
11:15 Clouds Without Borders - How to Ensure Privacy and Security in the Cloud
- Jurisdictional uncertainties
- Regulatory compliance concerns in borderless clouds
- Best practices in selecting services providers
- Poking holes in your vendor’s privacy and security policies
- Negotiating effective contractual protections for privacy and data security
Francoise Gilbert (Moderator), Geff Brown, Rebecca S. Eisner, Nikita Reva
12:15 Lunch Break
Afternoon Session: 1:30 p.m. - 4:45 p.m.
1:30 Understanding the Current Online Behavioral Advertising Landscape
- The business case for behavioral advertising
- How behavioral advertising works
- Emerging legislation and regulation in the U.S. and EU
- Current industry self-regulatory efforts
- Enforcement trends
- Super cookies: The next frontier
Liisa M. Thomas
2:30 Networking Break
2:45 Privacy and Security Enforcement Agenda: The Regulator’s Perspective
- What privacy and security practices are currently in regulators' sights?
- The changing focus of regulator priorities
- Practical insights businesses can gain from recent privacy and security enforcement actions
- When under a regulator’s scrutiny, what can you do to show yourself in the best possible light?
- Breach notification as a trigger for regulatory scrutiny
- What regulators wish companies knew about privacy and security
Ruth Hill Bro (Moderator), Sara Cable, Esther Chavez, Christopher N. Olsen
3:45 Trend Lines in Privacy and Cybersecurity Law and Policy: Converging or Diverging?
- Are legislative and administrative policies for data privacy and data security complementary, or are they in conflict?
- Has the recent wave of data security laws (such as state breach notification laws) enhanced consumer privacy?
- What does the increasing focus on national cybersecurity portend for U.S. data privacy law and policy in general in the coming years?
- What are the collective effects on privacy of government surveillance and private sector “dataveillance”
- How have EU-style approaches to privacy as a fundamental right been affected by government and private sector initiatives on cybersecurity?
Martin Abrams
4:45 Adjourn
Co-Chair(s)
Speaker(s)
Martin Abrams ~ President, Center for Information Policy Leadership, Hunton & Williams
Ruth Hill Bro ~ 2008-2009 Chair, ABA Section of Science & Technology Law,
Geff Brown ~ Assistant General Counsel, Microsoft Corporation
Sara Cable ~ Assistant Attorney General, Consumer Protection Division, Office of Attorney General Martha Coakley
D. Esther Chavez ~ Senior Assistant Attorney General, Consumer Protection Division, Office of the Texas Attorney General
Christopher N. Olsen ~ Assistant Director, Division of Privacy and Identity Protection, Federal Trade Commission
Nikita Reva ~ Project Manager, Global Information Security, MARS Information Services
Jacob Springer ~ Division Counsel, Legal Regulatory & Compliance, Abbott Laboratories
Amy E. Yates ~ Global Lead Counsel for Data Security and Data Privacy/Chief Privacy Officer, Avanade Inc.
Program Attorney(s)
Chicago Seminar Location
University of Chicago Gleacher Center, 450 N. Cityfront Plaza Drive, Chicago, Il 60611. (312) 464-8787.
Chicago Hotel Accommodations
Intercontinental Hotel Chicago, 505 North Michigan Avenue, Chicago, IL 60611. 800-628-2112. Please contact directly in order to receive the preferred rate. When calling, please mention PLI and the name of the program you are attending.
Sheraton Chicago Hotel & Towers, 301 E. North Water Street, Chicago, IL 60611. (312) 464-1000.
PLI's live programs are approved in all states that require mandatory continuing legal education for attorneys, except Arizona. Please be sure to check with your state for details.
Please check the CLE Calculator above each product description for CLE information specific to your state.
Special Note: In New York, newly admitted attorneys may receive CLE credit only for attendance at "transitional" programs during their first two years of admission to the Bar. Non-traditional course formats such as on-demand web programs or recorded items, are not acceptable for CLE credit. Experienced attorneys may choose to attend and receive CLE credit for either a transitional course or for one geared to experienced attorneys. All product types, including on-demand web programs and recorded items, are approved for experienced attorneys.
Please note: The State Bar of Arizona does not approve or accredit CLE activities for the Mandatory Continuing Legal Education requirement.
If you have already received credit for attending some or the entire program, please be aware that state administrators do not permit you to accrue additional credit for repeat viewing even if an additional credit certificate is subsequently issued.
Credit will be granted only to the individual on record as the purchaser unless alternative arrangements (prearranged groupcast) are made in advance.