Key Steps to Data Management Preparedness by Credentialing Bodies in Quasi-Governmental Roles
Track: Security, Records and Data Management
Credentialing organizations are not immune from today’s environment of persistent cyber threats and data breaches. Data breach incidents at non-profit organizations number in the thousands every year. They range from no-harm-no-foul inadvertent misuses of data by employees to crippling operational issues (i.e., ransomware, denial of service without backup data, etc.) to significant legal battles, or a combination of the above. Courts have granted exam takers standing to sue for alleged injuries arising out of the breach of personal information by hackers used for identity theft and credit card fraud. In this session, we will discuss a practical and layered approach to compliance with applicable laws and regulations, ongoing risk assessment, data minimization principles, encryption, system upgrades, staff training, data processing and IT use policies, cyber insurance, and bring-your-own-device (BYOD) exposure. Attorneys and industry professionals familiar with the needs of certification bodies will walk through recommended steps for data management preparedness.