Managing Privacy Compliance

Enforcing sound practices, reducing vulnerabilities and mitigating risks
Date: November 19 & 20, 2013
Location: Vancouver
See Full Description: Download PDF

Highlights

Best practices for designing and implementing a privacy compliance program

The latest federal and provincial regulatory developments and enforcement priorities relating to privacy

How to prepare a privacy impact assessment

Strategies for minimizing the damage to reputation in the event of a breach

Legal risks associated with employee surveillance and monitoring

Minimizing privacy exposure in outsourcing relationships

International privacy laws and their impact on business practices

Privacy practices to prevent ID theft

Faculty

FACULTY
COURSE LEADERS
Eve C. Munro, Miller Thomson LLP
Eve Munro is a Partner at Miller Thomson LLP. She practices in the areas of IP law, licensing, IT and privacy law and has an extensive background in business and commercial law. She has over 30 years of experience in acquiring, protecting, exploiting and enforcing IP rights and in managing privacy law compliance programs.
Lorene A. Novakowski, Fasken Martineau Dumoulin LLP
Lorene Novakowski is a Partner at in the Labour, Employment and Human Rights Groups at Fasken Martineau Dumoulin LLP. She leads the firm's regional Privacy Practice Group and is a member of the firm's national Practice Group on Privacy and Information Protection.
CO-LECTURERS
Ryan Berger, Bull, Housser & Tupper LLP
Ryan Berger is a Partner at Bull, Housser & Tupper LLP. He is the firm’s Privacy Officer, Chair of the Privacy Compliance Practice and member of the Cloud Computing Group.
Sarah Bonner, BC Assessment
Sarah Bonner is the Senior Information and Privacy Analyst at BC Assessment, where she supports their information disclosure and protection of privacy program through the development and delivery of policies, standards and systems.
Robert J. C. Deane, Borden Ladner Gervais LLP
Robert Deane, Partner, Borden Ladner Gervais LLP, is National Leader of the Firm's International Trade and Arbitration Group, as well as Vancouver Regional Leader of the Privacy & Access to Information Group and the Advertising, Marketing & Sponsorship Law Group.
Tamara L. Hunter, Davis LLP
Tamara Hunter is a Partner at Davis LLP. She is a member of the firm's Litigation Department and practises in the areas of administrative law, professional regulation law, freedom of information and privacy law and commercial litigation.
Martin P.J. Kratz, Q.C., Bennett Jones LLP
Martin Kratz, QC, is a Partner at Bennett Jones LLP. His practice is focused around IP and technology law, which includes substantive patent, copyright and trademark matters.
Drew McArthur, The McArthur Consulting Group
Drew McArthur is Principal with The McArthur Consulting Group. He was formerly VP Corporate Affairs and Chief Compliance Officer for TELUS Communications, accountable for the development and implementation of TELUS’ privacy policy.
Larry Munn, Clark Wilson LLP
Larry Munn is a Partner at Clark Wilson LLP and Chair of the Privacy Law Group. His practice focuses on administrative and regulatory issues and complex litigation.
Melinda Russell, Coast Capital Savings
Melinda Russell is the Senior Privacy Specialist for Coast Capital Savings. She has worked in the Financial Industry for 17 years prior to her career in Privacy.

Program

COURSE PROGRAM
Latest Developments in Privacy Law
In order to put into place an effective program to avoid exposure to liability and damage to corporate reputation, a thorough understanding of the current state of the law is required. This session will review privacy law in British Columbia and Canada, focusing on the latest regulatory developments and enforcement priorities.

Recent findings by the Federal Privacy Commissioner

PIPEDA and provincial privacy regime overview: current state of the law

Latest federal and provincial regulatory developments

Enforcement priorities relating to privacy: enforcement and penalties

Recent case law and the latest guidelines

Designing and Implementing a Privacy Compliance Program
This session will provide an overview of what goes into creating and implementing a privacy compliance program that addresses business processes, systems and applications changes, training and education and other infrastructure and support requirements.

Elements of an effective privacy compliance program

Utilizing a systematic and structured approach to privacy compliance

Supporting privacy policy with a governance framework, procedures and ongoing plan to monitor effectiveness

Auditing your information handling practices

Addressing all aspects of collection, use, disclosure, retention and destruction of personal information

Conducting Privacy Impact Assessments
Developing a privacy impact assessment (PIA) framework is one of the first and most important steps in implementing a successful privacy compliance program. A sound PIA framework will ensure that organizations comply with their privacy protection responsibilities and identify and address privacy protection issues. This session will examine the role that PIAs play.

Mitigate or reduce the risk of privacy incidents

Support the organization’s business objectives

Implement practical techniques and formats for PIA templates

Address privacy concepts during an initiative’s early developmental stage

Research, prepare and write a PIA

Develop principles, frameworks and systems for responsible privacy protection

Privacy Breach Guidelines & Practices
A privacy breach can have a disastrous impact on your business, as well as your company's reputation. This session will examine what your responsibilities are in the event that your organization experiences a privacy breach, as well as post-breach best practices for mitigating any damage.

Breach containment practices

Privacy breach notification requirements

Strategies for minimizing the damage to reputation in the event of a breach

Developing and implementing an action plan for managing a privacy breach

Establishing effective communication procedures

Employee Information and Workplace Privacy Issues
Privacy at the workplace is becoming a critical issue with the growing potential to monitor employees through the use of new technology, communications systems and internal reporting mechanisms. This session will address how to remain privacy compliant in the collection, use and disclosure of employee information in addition to other emerging workplace privacy issues.

Creating an employee personal information management program

Legal risks associated with employee surveillance and monitoring

Impact of emerging technology

Conducting compliant pre-employment screening

Compliant information gathering to investigate employee misconduct

Maintaining Privacy Compliance When Outsourcing
Companies continue to outsource a wide variety of functions to third-party service providers, thus exposing themselves to privacy risks pertaining to shared information. This session will focus on best practices for managing privacy issue and safeguarding information when entering into outsourcing relationships with third parties.

Minimizing privacy exposure in outsourcing relationships

Best practices for remote information security

Evaluating third party compliance: third party audits

Unique vulnerabilities of remote data

Addressing privacy and security in outsourcing service agreements

Privacy Practices to Prevent ID Theft
With the vast amount of personal information now being held by organizations, there is a growing concern in our society over the potential for identity theft and data breaches. This session will discuss how to protect your brand and customers from this growing threat.

How identity theft most commonly happens

Legal implications of ID theft

Best practices for preventing and minimizing the risk of ID theft

Notification requirements in the event of a breach

Indemnification and insurance

Ensuring Compliance with International Privacy Laws
Companies of all sizes are now engaging in global business and, in so doing, they must ensure that they are complying with all applicable international privacy and data protection regulations. This session will look at how to achieve global privacy compliance.

Overview of international privacy law and their impact on business practices

Developments in international data protection laws

Ensuring compliance across borders and multiple communication channels

Privacy and Compliance in Cloud Computing
There has been a good deal of buzz around cloud computing as businesses explore new ways of taking advantage of this technology. In order to determine if the cloud is right for you and your organization, you need to better understanding the cloud environment and its privacy implications. This presentation will help attendees make informed decisions about migrating to the cloud.

Clarifying what the cloud really is

Identifying potential privacy risks associated with cloud untilization

A practical approach to managing risks associated with the cloud

Multimedia Presentations

MULTIMEDIA PRESENTATION
Designing and implementing a privacy compliance program
David Young
Lang Michener LLP
Preventing & detecting identity theft
John Russo
Equifax Canada Inc.
Privacy breach guidelines and practices
Carol Yee
BMO Financial Group
Employee and workplace privacy issues
Howard Simkevitz
Bell Canada
Maintaining privacy compliance when outsourcing
Mark J. McCans
Blake, Cassels & Graydon LLP
Implementing a comprehensive privacy program at Symcor
Della Shea
Symcor Inc.
What to expect when (not if) you get a privacy complaint
John Wunderlich
John Wunderlich & Associates
Privacy compliance and social networking
Fazila Nurani
PrivaTech Consulting
Privacy impact assessments & privacy policy and procedures
Laura Davison
Deloitte Management Services LLP
Auditing your privacy compliance program
Sharon Tai-Young
Markham Stouffville Hospital
E-Commerce technical, security & privacy issues
George C. Eyre
George C. Eyre, Law Offices
Privacy policy & practices: Best strategies from start to finish
Fariba Anderson
Ontario Lottery & Gaming Corporation (OLG)
Overview of Privacy Law in Canada
Maureen Murphy
Gowling Lafleur Henderson LLP
Privacy breach guidelines & practices
David M.W. Young
Lang Michener LLP
Privacy & social media: What employers need to know
Curtis McDonnell
vpi Inc.
Privacy practices to prevent ID theft
David M.W. Young
Lang Michener LLP
Addressing online privacy concerns
Nicole Kutlesa
Osler, Hoskin & Harcourt LLP
Privacy policy & privacy impact assessments
Tracy Ann Kosa
Ministry of Government Services
Social media in the wired unionized workplace: Privacy considerations and implications
Michael F. Horvat
Ogilvy Renault LLP
Privacy risks: Privacy infringements and security breaches
Alan M. Gahtan
Gahtan Law Office
Privacy & confidentiality in cloud computing
David B. Elder
Stikeman Elliott LLP
Liability for privacy breaches
Jill Dougherty
WeirFoulds LLP
Protecting privacy when data is used in testing & training
Della Shea
Symcor Inc.
Privacy compliance tools & methodologies
Mike Gurski
Bell Security Solutions Inc.
The evolving role of the privacy officer
Claudiu Popa
Informatica Corporation

Participants

BC Assessment

Bennett Jones LLP

Borden Ladner Gervais LLP

Bull, Housser & Tupper LLP

Clark Wilson LLP

Coast Capital Savings

Davis LLP

Fasken Martineau Dumoulin LLP

The McArthur Consulting Group

Miller Thomson LLP

Who should attend

Vice Presidents, Directors & Managers responsible for: Privacy Compliance, Security, Internal Audit, IT & IS; General Counsels,Corporate & In-House Counsel, Lawyers,Consultants

Price

Price list:-
  • Course: $1975
  • Course and CD-ROM : $2150
  • CD-ROM Only: $799
Order Now>>

View PDF

Additional Information

REGISTRATION:
To reserve your place, call Federated Press toll-free at 1-800-363-0722. In Toronto, call (416) 665-6868 or fax to (416) 665-7733. Then mail your payment along with the registration form. Places are limited. Your reservation will be confirmed before the event.
LOCATION:
Metropolitan Hotel Vancouver, 645 Howe Street, Vancouver, BC, V6C 2Y9, 604-687-1122
CONDITIONS:
Registration covers attendance for one person, the supplementary course material as described in this document, lunch, morning coffee and refreshments during breaks are provided for registered duration. The proceedings of the event will be captured on audio or video. Multimedia proceedings with all slides and handouts can be purchased separately on a CD-ROM which will also include the event material.
TIME:
Registration begins at 8:00 a.m. The morning sessions start promptly at 9:00.
CANCELLATION:
Please note that non-attendance at the event does not entitle the registrant to a refund. In the event that a registrant becomes unable to attend following the deadline for cancellation, a substitute attendee may be delegated. Please notify Federated Press of any changes as soon as possible. Federated Press assumes no liability for changes in program content or speakers. A full refund of the attendance fee will be provided upon cancellation in writing received 13 days prior to event date. No refunds will be issued after this date. Please note that a 15% service charge will be held in case of a cancellation.
DISCOUNT:
Federated Press has special team discounts. Groups of 3 or more from the same organization receive 15%. For larger groups please call Sandra Frattolillo at 1-800-363-0722, ext. 223 to get more information.
PAYMENT:
Payment must be received seven days prior to the event date.