Boston Professional Events List

Data Privacy: Protecting Your Organization, Customers & Employees - ISG231

Apr 24, 2017 - 07:00 AM - Apr 26, 05:00 PM
Hilton Boston Back Bay 40 Dalton Street Boston, MA United States 02115 ,

MA ,
ZIP: 02115
Phone: (508) 879-7999

2017 Course Dates Coming Soon

Identity theft, security breaches, and other data privacy issues have taken over the headlines.  Companies of all shapes and sizes process Personally Identifiable Information (PII) and other sensitive data, be it for internal employees or external customers and partners. Certain data may be more valuable to hackers, but all industries are at risk of data breaches—retail, education, government, manufacturing, and health care companies all manage prized information.  A data breach is costly—according to the Ponemon Institute’s 2014 Cost of Data Breach Study: Global Analysis, the average organizational cost of a breach was $3.5 million USD, up 15% from the previous year—so it behooves an organization to understand its threats, its risk posture, its weaknesses, and its processes around data protection and privacy.

This three day course will help attendees understand the myriad and ever-changing data privacy laws and regulations, both U.S.-based and international. We will look at state-by-state comparisons, the role State Attorney Generals play in privacy protection, and touch on which industries and countries have particular rules that must be adhered to.

This seminar will focus on controls, not theory. The instructor will identify the many controls—some that may be present, others that are new—that will allow attendees to meet privacy objectives. You will discover how less popular processes, such as a privacy impact assessments, can be leveraged alongside more traditional processes like risk analysis, employee awareness, and data encryption to obtain proper due care and due diligence. You will explore identity management, data surveillance, and other forms of monitoring as a way to ensure data privacy.

Privacy considerations as they relate to data warehouses, onshore and offshore outsourcing, and cloud computing will be addressed. We will take a special look at mobile device data privacy and the complications that arise when enterprise data is comingled with personal data. Mobile computing presents new challenges, and attendees will talk about tools and techniques that can be applied to ensure test data is valid, meaningful, and protected by implementing a data obfuscation solution.
By completing this course, you will learn how to build a successful privacy office from the ground up. This process includes forming a committee charter and an incident response team that is at-the-ready when data privacy issues arise.

Prequisites: Fundamentals of Information Security (ISG101)​ ​or have equivalent experience
Advance Preparation: None
Learning Level: Intermediate
Field: Specialized Knowledge and Applications
Delivery Method: Group-Live

Who Should Attend

Information Security Managers and Practitioners; Data Privacy Officers or Administrators; Data Security Specialists, and Security Administrators; Application Programmers and Test Analysts; IT Auditors, Audit Managers and External Auditors


What You Will Learn:

1. Definitions
• privacy terminology
• Personally Identifiable Information (PII)
• Protected Health Information (PHI)
• private information: customers, constituents, educators, employees and business partners
• what does privacy mean to you?

2. Legal Requirements
• current and future US privacy legislation
• state legislation
• attorney generals and FTC involvement
• around the world
• sectorial legislation

3. Privacy and Information Security Strategies and Objectives
• privacy and information security strategies and how they converge
• roles and responsibilities of the Chief Privacy Officer and the Privacy Office (committee charter offered)
• privacy policy (privacy policy template offered)
• setting up and activation of incident response team

4. Privacy Strategy Tools
• Privacy Impact Assessment (PIA) defined
• PIA model (offered in soft copy for immediate use)
• risk analysis: (tool offered in soft copy for immediate use)

5. Tools to Achieve Legal and Regulatory Compliance
• technical controls: cryptography, malware prevention, authentication, etc.
• administrative control: awareness, data inventory (tools offered for immediate use), etc.

6. Privacy and Data Outside the Security Perimeter
• cloud computing
• outsourcing
• mobile computing, including smartphone

7. Data Anonymity and Obfuscation
• processes and procedures for successful test data

8. Identity Theft
• how your corporate program can help individuals

9. Future Issues in Data Privacy and Identity Theft

Event Categories
Keywords: fun, analysis, applications, assessment , Fun , government , Health , implement, learn, Learning


Events Calendar

26 27 28 29 30 31 1
2 3 4 5 6 7 8
9 10 11 12 13 14 15
16 17 18 19 20 21 22
23 24 25 26 27 28 29
30 1 2 3 4 5 6

Tag Cloud

Event Location


VIP Life Time Subscription to our Newsletters!