© 2006 IBM Corporation Privacy Matters: Safeguarding Identity, Data and Corporate Reputation Harriet P. Pearson VP Corporate Affairs & Chief Privacy Officer.

Slides:

Advertisements

Similar presentations

Safeguarding Data to Ensure Effective Data Use Paige Kowalski |Director| State Policy & Advocacy July 2014.

Advertisements

Why Audit for Transparency Lillie Coney National Committee for Voting Integrity Minneapolis, MN October 26, 2007.

Privacy A Corporate Responsibility Ronald Ross, CEO.

© 2003 IBM Corporation Preparing for Privacy Society of Internet Professionals January 19, 2004 Nigel Brown Senior Privacy.

1 PRIVACY ISSUES IN THE U.S. – CANADA CROSS BORDER BUSINESS CONTEXT Presented by: Anneli LeGault ACC Greater New York Chapter Compliance Seminar May 19,

Security Controls – What Works

THE RIGHT TECHNOLOGY IN INVESTOR RELATIONS: WHAT TO DO ONLINE? THOMSON REUTERS Alex Ménage Head of Business Development Corporate Services Rapidly Developing.

© 2003 IBM Corporation Privacy 12 th CACR Workshop Yim Y. Chan Chief Privacy Officer & CIO IBM Canada Ltd. w3.ibm.com/Privacy.

Transparency and Integrity in Lobbying Ms. Terry Lamboo, sr. Policy Analyst Public Sector Integrity Division, OECD.

ILOAIDS Satellite Session Implementing the ILO Code Of Practice: Role of Employer International AIDS Conference Barcelona 07 July 2002.

Privacy in Ontario Brian Beamish Office of the Information and Privacy Commissioner/Ontario Presentation to Security Canada Central 2002 International.

What if my organization conducts business across borders ? Your footnote Privacy and “Personal Information” have different meanings in different countries;

Copyright 2011 Health Administration Press

Data Protection in Higher Education: Recent Experiences in Privacy and Security Institute for Computer Law and Policy Cornell University June 29, 2005.

Information Privacy Policy in Canada Presented By: Sue Wu.

21 – 22 September 2006, Kuala Lumpur Savings Banks and Foundations, contribution for a sustainable society Laurel E Grossman, Chief Executive Officer,

FSCPC1 Privacy in the workplace Chris Connolly Director Financial Services Consumer Policy Centre.

Data Privacy Day 2012 on Campus Jolynn Dellinger Program Manager, Data Privacy Day National Cyber Security Alliance.

The Financial Impact of Cyber Security 50 Questions Every CFO Should Ask A publication of the American National Standards Institute and the Internet Security.

Electronic Records Management: What Management Needs to Know May 2009.

BITS Proprietary and Confidential © BITS Security and Technology Risks: Risk Mitigation Activities of US Financial Institutions John Carlson Senior.

Privacy Codes of Conduct as a self- regulatory approach to cope with restrictions on transborder data flow Dr. Anja Miedbrodt Exemplified with the help.

Georgia Institute of Technology. Georgia Tech is an innovative intellectual environment with more than 900 full-time instructional faculty and more than.

The 2009 HIMSS Security Survey: Insights into the Status of Healthcare Security Implementation sponsored by Symantec Meeting of the HIT Standards Committee,

ENCRYPTION Team 2.0 Pamela Dornan, Thomas Malone, David Kotar, Nayan Thakker, and Eddie Gallon.

Lecture 7 - Session 9 Political Context. Purpose of Lecture What is government’s role in the Canadian Economy? How has that role been changing and why?

7-Oct-15 Threat on personal data Let the user be aware Privacy and protection.

Part 6 – Special Legal Rights and Relationships Chapter 35 – Privacy Law Prepared by Michael Bozzo, Mohawk College © 2015 McGraw-Hill Ryerson Limited 34-1.

Researches Relating Talent Mgt Feb 5, Why PS needs talent mgt From: Deloitte(2009) The Public Sector Talent Mgt Challenge: A conversation with Ian.

Environmental Management System Definitions

Chapter Seven Entrepreneurship and SMEs in the European Union (EU)

What does the future hold? Threat Horizon 2011 Adrian Davis 2009 Workshop on Cyber Security and Global Affairs August 2009.

1 GSC: Standardization Advancing Global Communications ISACC Opening Plenary Presentation GSC-11 SOURCE:ISACC TITLE:ISACC Opening Plenary Presentation.

G:\99Q3\9220\PD\AJD2.PPT 1 Harriet P. Pearson Chief Privacy Officer IBM February 7, 2003 IBM.

IT Security Policy Framework ● Policies ● Standards ● Procedures ● Guidelines.

Electronic Safety and Soundness in Colombia Financial Sector Policy Global Dialogue Series #19 Milton Quiroga

McGraw-Hill/Irwin Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved. BUSINESS PLUG-IN B19 Global Information Systems.

1Copyright Jordan Lawrence. All rights reserved. U. S. Privacy and Security Laws DELVACCA INAUGURAL INHOUSE COUNSEL CONFERENCE April 1, 2009 Marty.

Privacy Advisory Services … … A Best Practices, Integrated Approach Insert Firm Name Here.

Chris Apgar, CISSP President, Apgar & Associates, LLC December 12, 2007.

PRIVACY, LAW & ETHICS MBA 563. Source: eMarketing eXcellence Chaffey et al. BH Overview: Establishing trust and confidence in the online world.

Data Security & Privacy: Fundamental Risk Mitigation Tactics 360° of IT Compliance Anthony Perkins, Shareholder Business Law Practice Group Data Security.

The U. S. Health Care System Challenges, Opportunities and Solutions Fifth National HIPAA Summit Clinical Data Standards and the Creation of an Interconnected,

Managing for results Day 9 Module: Management.

Local Area Agreement Strengthening delivery Improving Outcomes Jon Bright Director of Policy and Delivery Birmingham City Council.

Organizing a Privacy Program: Administrative Infrastructure and Reporting Relationships Presented by: Samuel P. Jenkins, Director Defense Privacy Office.

NACDD Hill Day: Legislative Visits What to Expect Mari T. Brick, MA Program Consultant, NACDD

1 Privacy Lessons from Other Industries Chris Zoladz, CIPP, Vice President, Information Protection Marriott International, President, International Association.

PRIVACY AND SPAM. PRIVACY Claim of individuals, groups or institutions to determine when, how and to what extent personal information is communicated.

Transitioning from Chief Audit Executive (CAE) to Chief Financial Officer (CFO) IIA/FMI Breakfast Session Carol Najm Assistant Deputy Minister, Finance.

Safeguarding Sensitive Information. Agenda Overview Why are we here? Roles and responsibilities Information Security Guidelines Our Obligation Has This.

MIS5001: Information Technology Management Ethics and Continuity Management Larry Brandolph

The Privacy Symposium August 22, 2007 ©2007. Goodwin Procter LLP The Ethics and Responsibilities of a Privacy Professional.

Privacy and Personal Information. WHAT YOU WILL LEARN: What personal information is. General guidelines for the collection of personal information. Your.

Key Points for a Privacy Programme for Multinationals Steve Coope.

Corporate Accountability: Researching the Corporation Hotel Viengtai, Bangkok 4-6 November 2009.

HOW TO AVOID COMMON DATA BREACH PITFALLS IAPP Privacy Academy 2014.

Information Security and Privacy in HRIS

Pioneers in secure data storage devices. Users have become more accustomed to using multiple devices, are increasingly mobile, and are now used to storing.

Private Cloud Market to Global Analysis and Forecasts by Services, Applications No of Pages: 150 Publishing Date: Feb 2017 Single User PDF: US$

An Update on FERPA and Student Privacy

PRIVACY AND SECURITY (CCI410) PERTEMUAN 5 IR. NIZIRWAN ANWAR, MT

Director, Regulation and Strategy

Malcolm Crompton International Privacy: Managing Privacy in a Global Organisation – Identity, HR, Security & more IAPP TRUSTe Symposium: Privacy.

April 7, 1999 Privacy in Transition -- and What’s Next? Alan F. Westin Professor of Public Law & Government Emeritus,

Managing Privacy Risk in Your Commercial Practices

THE EUROPEAN COUNCIL.

Business can and should be a force for good in our world.

2019 Thales Global Cloud Security Study

Presentation transcript:

© 2006 IBM Corporation Privacy Matters: Safeguarding Identity, Data and Corporate Reputation Harriet P. Pearson VP Corporate Affairs & Chief Privacy Officer PAGE ONE TeleconferenceAugust 22, 2006

© 2006 IBM Corporation 2 The Challenge In a complex and changing world, simple choices—between “privacy” and “no privacy”—are not possible—at least, not usually. We must seek innovative ways of bridging between the human need to trust—to have control, a zone of privacy--and the unlocking of value in information. To do otherwise will (at the least) pose challenges to corporate reputation and freedom of action—individually and collectively

PAGE ONE Teleconference August 22, 2006 © 2006 IBM Corporation 3 Key privacy-related developments and trends in 2006  Data risks now evident to all of us: Media, legislative and litigation attention to data breaches, lack of control individuals have  Privacy observation for public purposes: Controversy over government access to data held by private sector (from US to China)  Globalization of business processes challenges EU requirements for data transfers and access by non-EU citizens. Rise of Asia  Transformation of health care (adoption of electronic health records to emergence of information-based medicine) raises new privacy issues (beyond HIPAA)  Concerns over RFID and other new technology sparks advocacy and legislative activity to restrict/regulate

PAGE ONE Teleconference August 22, 2006 © 2006 IBM Corporation 4 Privacy Legislation around the Globe European Union European Data Protection Directive (1995) Canada PIPEDA ( ) U.S. – Sectoral Health Sector; HIPAA (2002) Financial Sector GLB (2001) Children’s Privacy; COPPA (1999) California Privacy; (2005) Australia Privacy Amendment (Private Sector) Act 2000 (2001) New Zealand Privacy Act (1993) Japan Personal Data Protection Act (April 2005) APEC Guidelines (2004) Existing Private Sector Privacy Laws Emerging Private Sector Privacy Laws APEC Guidelines (2004)

PAGE ONE Teleconference August 22, 2006 © 2006 IBM Corporation 5 A Simple Strategy to Protect Corporate Reputation  Understand corporate risks and invest in managing them  Be aware of how changes in business models and practices change risk profile – where are sensitive personal data and how are they managed? Risks to individual identify are now part of corporate privacy and security calculus  Prepare for the inevitable security/privacy incident  Drive adoption and readiness of privacy incident response plan. Don’t let it get out of date. Think global, not just US  Confront incidents/issues quickly—proactively if you can--but be ready for long haul to re-establish trust  Consider case studies such as Eli Lilly, Choicepoint, Veterans’ Administration, Ernst & Young  Communications plays a KEY role  All disciplines play—internal, executive, media, issues management

PAGE ONE Teleconference August 22, 2006 © 2006 IBM Corporation 6 A Long History… IBM developed one of the first global privacy policies in businesses--in 1960s Longstanding enagement in public policy, e.g. OECD guidelines development and legislation to protect privacy, e.g. health and privacy One of the first companies to appoint CPO First company to create Privacy Research institute, focus on privacy-enabling technologies and methodologies. Early supporter and leader of industry privacy and security initiatives, e.g. TRUSTe

PAGE ONE Teleconference August 22, 2006 © 2006 IBM Corporation 7 Technology - Reuters and “Big Blue’s ultimatum” : Keep Employees’ SSNs off the Healthcare ID cards… IBM rated among top 10 privacy leaders IBM named in US Top 10 and in Canada #1: Study conducted by Ponemon Institute and nonprofit TRUSTe identifying most trusted companies for privacy “IBM Big Blue set the standard in employee privacy in the 60’s with the first formal corporate policy” Continued Attention to Privacy Recognized… IBM is The Best Privacy Company of the Year 2003 “IBM makes Privacy a Chief Priority” “Study finds IBM top employer for workplace privacy” and

PAGE ONE Teleconference August 22, 2006 © 2006 IBM Corporation 8 Questions and Discussion