Ms. Michael Redmond will be discussing how to implement Information /Cyber Security, Business Continuity, Privacy (NYS Shield Law) Programs and NIST Privacy Framework.
Do you have great procedures in place to mitigate and deal with a Breach, Malware, Ransomware and more? Are you willing to risk your business reputation on those procedures?
The tool to curb it is efficient Information/Cyber Security Program that helps protect your data from being attacked and also a Business Continuity Programs that allows your organization to respond with speed and agility in a disaster, while empowering businesses to maintain continuous operations.
The NYS SHIELD Act requires employers in possession of New York residents' private information to "develop, implement, and maintain reasonable safeguards to protect the security, confidentiality and integrity of the private information."
Critically, the SHIELD Act specifically states that it does not confer a private right of action but rather provides for enforcement by the state's attorney general.
The SHIELD Act's data security requirements take effect on March 21, 2020.
The SHIELD Act does not mandate specific safeguards, but instead provides that a business will "be deemed to be in compliance with" this standard if it implements a "data security program" that includes all of the elements enumerated in the SHIELD Act.
Compliance is required from any employer who falls under the act's definition of a business, small or large, and who possesses computerized data of New York residents. Come to learn about the key elements and what you need to do to be compliant.
SHIELD is indicative of new requirements in information and data protection with both enforcement and consequences clearly outlined. It is a true step away from ambiguous language and protection when it comes to data protection. Although the majority of states have some data privacy laws, they are deliberately vague, which allows companies to skirt around the laws.
Presenter: Ms. Michael Redmond, PhD, MBA, PMP, MBCP, FBCI, ISO
Michael C. Redmond is a Director and Strategic Consultant and Auditor for EFPR Group's Information Technology and Governance, Risk, and Compliance division. She is also a recognized International IT Consultant, Auditor, Speaker, Author, and Trainer.
Her consulting and auditing experiences includes Cyber/Information Security, Business Continuity, Disaster Recovery, Risk Management and ISO for clients in the Healthcare, Insurance, Financial and Manufacturing sectors. She has held executive management positions at Deloitte, KPMG, Chubb Services and Redmond Worldwide.