Trust In The Cloud RSVP
CSA Legal Information Center Seminar
TRUST IN THE CLOUD
How are you Protecting Customer Data?
Wednesday, February 26, 2014 – 8:15am to 12:00pm
PLI Conference Center 685 Market Street, San Francisco, CA 94103
Business is based on trust. In the cloud, to deserve the trust of its customers and others, a company must be able to demonstrate that it protects the privacy and security of the data in its custody. It must communicate clearly and specifically the nature and extent of the measures taken to protect data, and show how they meet the existing legal and regulatory requirements, standards, best practices and benchmarks. Customers, on the other end, need tools to evaluate and compare different offerings so that they can decide which one deserves their trust and their business.
This interactive program will provide:
- Legal and regulatory backgrounds
- A survey of methods, standards and certifications available to evaluate and measure compliance
- Examples of frameworks adopted by market leaders
8:15 – 8:45am
Registration & Networking
8:45 – 9:00am
Welcome & Introduction, Dave Cullinane, Chairman of the Board, CSA
9:00 – 9:45am
Legal and Regulatory Background Francoise Gilbert, Managing Director, IT Law Group
- The duty of accountability; Legal sources
- Legal, contractual, and other requirements to ensure the protection of information
- Legal risks, litigation, enforcement actions
9:45 – 10:30am
Panel: Tools for Evaluating and Measuring Data Handling Practices
Daniele Catteddu, Managing Director EMEA, CSA; John Di Maria, ISO Product Manager, British Standards Institution; Becky Swain, Cloud Assurance Director, PricewaterhouseCoopers LLP
- Cloud Controls Matrix; CAIQ
- STAR Registry; STAR Certification
- Privacy Level Agreement
- Developing standards
10:30 – 10:45am
10:45 – 12:00pm
Case Studies: How Leading Companies Build Trust
Vincent Campitelli, Vice President IT Risk Management, McKesson Corporation
Shelbi Rombout, Cybersecurity Partnership Executive, US Bank
Cloud Customer Case Studies
- Efforts to investigate potential vendors and due diligence to monitor activities during contract performance
- Contractual provisions
- Monitoring and redress
Peter McGoff, Senior VP, General Counsel and Corporate Secretary, Box
Peter Reid, Chief Privacy Officer, Hewlett Packard
Cloud Provider Case Studies:
- How the company helps its customers address their obligation of accountability
- How the company meets its own obligation of accountability
- Programs and methods used to provide potential purchasers with adequate information
This exclusive event is free. Please feel free to forward this invitation to interested colleagues.
This program is eligible for 3.0 hours of CLE general credit.
This program is provided by the IT Law Group, an approved Multiple Activity Provider (#15599) and is eligible for 3.0 hours of MCLE general credit (No ethics, No elimination of bias, No substance abuse). If you have attended this program and signed the Official Record of Attendance for California MCLE your Certificate of Attendance will be available upon request. For CLE information, please email:[email protected].
Seating will be limited, register today to ensure your spot! You will receive a confirmation email shortly.