10th Managing Privacy Compliance

Enforcing sound practices, reducing vulnerabilities and mitigating risks
Date: November 4 & 5, 2014
Location: Vancouver
See Full Description: Download PDF

Highlights

Best practices for designing and implementing a privacy compliance program

The latest federal and provincial regulatory developments and enforcement priorities relating to privacy

How to prepare a privacy impact assessment

Strategies for minimizing the damage to reputation in the event of a breach

Legal risks associated with employee surveillance and monitoring

Minimizing privacy exposure in outsourcing relationships

International privacy laws and their impact on business practices

Privacy practices to prevent ID theft

Faculty

FACULTY
COURSE LEADERS
Eleni Kassaris, Blake Cassels & Graydon LLP (Vancouver)
Eleni Kassaris is a Partner at Blake, Cassels & Graydon LLP. She advises clients on all aspects of labour and employment law and has extensive experience with privacy matters arising in the workplace.
D. Lawrence Munn, Clark Wilson LLP
Larry Munn is a Partner at Clark Wilson LLP and Chair of the Privacy Law Group. His practice focuses on administrative and regulatory issues and complex litigation.
CO-LECTURERS
Ryan Berger, Bull Housser & Tupper LLP
Ryan Berger is a Partner at Bull, Housser & Tupper LLP. He advises clients on alternate dispute resolution methods and seeks creative methods to resolve disputes cost effectively. He represents clients in matters before all levels of court as well as numerous administrative tribunals.
Marija V. Bicanic, Shell Canada Limited
Marija V. Bicanic is Privacy Officer & Senior Legal Counsel, Corporate at Shell Canada Limited.
Sarah Bonner, BC Assessment
Sarah Bonner is Manager, Information Access & Privacy, Legal Services at BC Assessment. She initiates, investigates and analyzes proposed and current practices in order to evaluate statutory compliance and identify opportunities for improvement.
Janina M. Kon, Streamline Counsel
Janina M. Kon is Principal & Founder at Streamline Counsel.
Martin P.J. Kratz, Q.C., Bennett Jones LLP
Martin P.J. Kratz is a Partner at Bennett Jones LLP. His practice is focused on intellectual property and technology law, which includes substantive patent, copyright and trademark matters as well as matters of intellectual property transactions.
Sara A. Levine, Alliance Lex Law Corporation
Sara A. Levine is Associate Counsel at Alliance Lex Law Corporation.
Jo-Anne Morefield, Peoples Trust Company
Jo-Anne Morefield is Director of Human Resources at Peoples Trust Company. She has over fifteen years of human resources and business leadership experience. She is involved in privacy issues and training for the organization.
Melinda Russell, Coast Capital Savings
Melinda Russell is Senior Privacy Specialist at Coast Capital Savings. Her responsibilities include creating policy and procedures, risk and impact assessments, access requests and resolving complaints.
Chike Unaegbunam, ATB Financial
Chike Unaegbunam is Director, Privacy Compliance at ATB Financial.
Sze-Mei Yeung, Richards Buell Sutton LLP
Sze-Mei Yeung is a Partner at Richards Buell Sutton LLP. Her practice focuses on Intellectual property law, including anti-spam compliance and privacy issues.

Program

COURSE PROGRAM
Latest Developments in Privacy Law
In order to put into place an effective program to avoid exposure to liability and damage to corporate reputation, a thorough understanding of the current state of the law is required. This session will review privacy law in BC and Canada, focusing on the latest regulatory developments and enforcement priorities.

Recent findings by the Federal Privacy Commissioner

PIPEDA and provincial privacy regime overview: current state of the law

Latest federal and provincial regulatory developments

Enforcement priorities relating to privacy: enforcement and penalties

Recent case law and the latest guidelines

Designing and Implementing a Privacy Compliance Program
This session will provide an overview of what goes into creating and implementing a privacy compliance program that addresses business processes, systems and applications changes, training and education and other infrastructure and support requirements.

Elements of an effective privacy compliance program

Utilizing a systematic and structured approach to privacy compliance

Supporting privacy policy with a governance framework, procedures and ongoing plan to monitor effectiveness

Auditing your information handling practices

Addressing all aspects of collection, use, disclosure, retention and destruction of personal information

Conducting Privacy Impact Assessments
Developing a privacy impact assessment framework is one of the most important steps in implementing a successful privacy compliance program. A sound PIA framework will ensure that organizations comply with their privacy protection responsibilities and identify and address privacy protection issues. This session will examine the role that PIAs play.

Support the organization’s business objectives

Implement practical techniques and formats for PIA templates

Address privacy concepts during an initiative’s early developmental stage

Research, prepare and write a PIA

Develop principles, frameworks and systems for responsible privacy protection

Employee Information and Workplace Privacy Issues
Privacy at the workplace remains an important issue. This session will address how to remain privacy compliant in the collection, use and disclosure of employee information in addition to other emerging workplace privacy issues.

Legal risks associated with employee surveillance and monitoring

Impact of emerging technology

Conducting compliant pre-employment screening

Social media use in the workplace and privacy

Compliant information gathering to investigate employee misconduct

Maintaining Privacy Compliance When Outsourcing
Companies continue to outsource a wide variety of functions to third-party service providers, exposing themselves to privacy risks pertaining to shared information. This session will focus on best practices for managing privacy issue and safeguarding information when entering into outsourcing relationships with third parties.

Minimizing privacy exposure in outsourcing relationships

Best practices for remote information security

Evaluating third party compliance: third party audits

Addressing privacy and security in outsourcing service agreements

Ensuring Compliance with International Privacy Laws
Companies of all sizes are now engaging in global business and, in so doing, they must ensure that they are complying with all applicable international privacy and data protection regulations. This session will look at how to achieve global privacy compliance.

Overview of international privacy laws and their impact on business practices

Ensuring compliance in matters of cross-border data flow

Privacy and Compliance in Cloud Computing
As more data is stored in the cloud, our traditional notions of data ownership and control are being strained. This workshop will examine data ownership and the increasingly rigorous contracts and due diligence practices needed to address these concerns.

Addressing data ownership and access before the data is stored

Data breach readiness

Liability for data breaches

Fundamentals For Privacy Training To Build Accountability
A key aspect of managing privacy compliance and avoiding a breach is to ensure employees are adequately trained on privacy best practices. This discussion details how to develop an effective privacy training program and raise privacy awareness.

• How training fits in to a privacy accountability framework

• What should be included in a complete privacy training program

• Using an effective training format to engage your audience

• New hires and retraining: making mandatory privacy training work

Social Media Privacy Risks
This discussion will examine the privacy opportunities and risks in social media and appropriate measures to minimize exposure to liability related to personal data collection, use, disclosure and maintenance. The following topics will be discussed:

Recent developments in the area of privacy impacting social media

Emerging issues on breaches of privacy and confidentiality

Privacy issues regarding Facebook, Twitter and other popular sites

Risks of misuse of personal data shared online

Securing personal information on social media sites

Impact of Canadian Anti-Spam Legislation on Privacy Laws
The Canadian Anti-Spam Legislation (CASL) establishes obligations for sending commercial electronic messages as well as the installation of computer programs, and prohibits the unauthorized alteration of transmission data. This session will explore the impact of the Canadian Anti-Spam Legislation on privacy laws.

Compliance practices that address process-related aspects of e-marketing campaigns

New consent obligations and related exceptions

Prohibitions on alteration of transmission data in electronic messages

Consequences of non-compliance

Amendments to Canadian privacy laws and related impacts

Privacy Implications of Workplace Drug and Alcohol Testing
There is no legislative regime in Canada that governs drug and alcohol testing in the workplace, making the implementation of testing subject to significant challenges, as it touches on human rights, labour and privacy law. This session will examine the privacy implications of workplace drug and alcohol testing and the restrictive approach taken in Canadian jurisdictions.

Case law: recent Supreme Court of Canada rulings

Drug testing vs. impairment testing

Potential testing options

The "balancing of interests" approach

Dangerous workplaces and the "risk-based" approach

Multimedia Presentations

MULTIMEDIA PRESENTATION
Latest developments in privacy law
Daniel Bourque
Xerox Canada Ltd.
Privacy breach guidelines & practices
Patrick D. Flaherty
Torys LLP
Privacy practices to prevent ID theft
Fazila Nurani
PrivaTech Consulting
Conducting privacy impact assessments
Ilone M. Harrison
Ministry of Government Services
Employee and workplace privacy issues
Scott T. Williams
Hicks Morley Hamilton Stewart Storie LLP
Designing and implementing a privacy compliance program
David M.W. Young
McMillan LLP
Privacy and confidentiality in cloud computing
Howard Simkevitz
Simkevitz Law
Mobile E-commerce security & privacy
Timothy M. Banks
Fraser Milner Casgrain LLP
E-Commerce & online privacy issues
Matthew D. Peters
McCarthy Tétrault LLP
Designing & implementing privacy policies and practices
Eileen Vanderburgh
Alexander Holburn Beaudin & Lang LLP
Addressing increasing social media privacy concerns
Tamara L. Hunter
Davis LLP
Privacy breach guidelines & practices
D. Lawrence Munn
Clark Wilson LLP
Protecting privacy when data is used in testing & training
Jesslyn Dymond
Symcor Inc.
Privacy in the cloud
Howard Simkevitz
Bell Canada
Privacy & social media
Chuck (Shachaf) Ben-Tzur
Atom InfoSec
Designing privacy protection into computer systems
George C. Eyre
Law For Information Technology
Compliance when outsourcing
Alan Gahtan
Gahtan Law Office
Addressing increasing online privacy concerns
Chris Robertson
The Hospital for Sick Children
Ensuring privacy/confidentiality during the investigation
Qian Mou
McCarthy Tétrault LLP
Privacy risks: Privacy infringements and security breaches
Alan M. Gahtan
Gahtan Law Office
Privacy infringements and security breaches
Elena V. Reshetnikova
Accenture
Solving the privacy paradox: How to protect personal information while building client relationships
Claudiu Popa
Informatica Corporation
Protecting privilege, confidentiality and privacy during e-discovery
Dennis W. Brown, Q.C.
Ministry of the Attorney General (Ontario)
Addressing data ownership, privacy, security and compliance concerns
Dr. Chika B. Onwuekwe
Trican Well Service Ltd.
Access to medical information: privacy considerations & legal compliance
Michael Sherrard
Sherrard Kuzz LLP

Participants

Alliance Lex Law Corporation

ATB Financial

BC Assessment

Bennett Jones LLP

Blake Cassels & Graydon LLP (Vancouver)

Bull Housser & Tupper LLP

Clark Wilson LLP

Coast Capital Savings

Peoples Trust Company

Richards Buell Sutton LLP

Shell Canada Limited

Streamline Counsel

Capital Cost Savings

Who should attend

Vice Presidents, Directors & Managers responsible for: Privacy Compliance, Security, Internal Audit, IT & IS; General Counsels,Corporate & In-House Counsel, Lawyers,Consultants

Price

Price list:-
  • Course: $1975
  • Course and Proceedings : $2150
  • Proceedings Only: $599
Order Now>>

View PDF

Additional Information

REGISTRATION:
To reserve your place, call Federated Press toll-free at 1-800-363-0722. In Toronto, call (416) 665-6868 or fax to (416) 665-7733. Then mail your payment along with the registration form. Places are limited. Your reservation will be confirmed before the event.
LOCATION:
Four Seasons Hotel, 791 West Georgia Street, Vancouver, BC, V6C 2T4, 604-689-9333
CONDITIONS:
Registration covers attendance for one person, the supplementary course material as described in this document, lunch, morning coffee and refreshments during breaks are provided for registered duration. The proceedings of the event will be captured on audio or video. Multimedia proceedings with all slides and handouts can be purchased separately on a CD-ROM which will also include the event material.
TIME:
Registration begins at 8:00 a.m. The morning sessions start promptly at 9:00.
CANCELLATION:
Please note that non-attendance at the event does not entitle the registrant to a refund. In the event that a registrant becomes unable to attend following the deadline for cancellation, a substitute attendee may be delegated. Please notify Federated Press of any changes as soon as possible. Federated Press assumes no liability for changes in program content or speakers. A full refund of the attendance fee will be provided upon cancellation in writing received 13 days prior to event date. No refunds will be issued after this date. Please note that a 15% service charge will be held in case of a cancellation.
DISCOUNT:
Federated Press has special team discounts. Groups of 3 or more from the same organization receive 15%. For larger groups please call Sandra Frattolillo at 1-800-363-0722, ext. 223 to get more information.
PAYMENT:
Payment must be received seven days prior to the event date.