Key Steps to Data Management Preparedness by Credentialing Bodies in Quasi-Governmental Roles

Track: Security, Records and Data Management

Session Number: 6090
Date: Thu, Nov 21st, 2019
Time: 9:30 AM - 10:30 AM

Description:

Credentialing organizations are not immune from today’s environment of persistent cyber threats and data breaches. Data breach incidents at non-profit organizations number in the thousands every year. They range from no-harm-no-foul inadvertent misuses of data by employees to crippling operational issues (i.e., ransomware, denial of service without backup data, etc.) to significant legal battles, or a combination of the above. Courts have granted exam takers standing to sue for alleged injuries arising out of the breach of personal information by hackers used for identity theft and credit card fraud. In this session, we will discuss a practical and layered approach to compliance with applicable laws and regulations, ongoing risk assessment, data minimization principles, encryption, system upgrades, staff training, data processing and IT use policies, cyber insurance, and bring-your-own-device (BYOD) exposure. Attorneys and industry professionals familiar with the needs of certification bodies will walk through recommended steps for data management preparedness.

Session Type: Concurrent Session

Additional Presenters: One attorney with credentialing expertise; one attorney with data privacy and security expertise; one industry professional with practical perspective
Session Type: Concurrent Session

Additional Presenters: One attorney with credentialing expertise; one attorney with data privacy and security expertise; one industry professional with practical perspective