
Risk Management Stephen Vono - Principal Notification Laws - PowerPoint PPT Presentation



  1. Information Security Risk Management Stephen Vono - Principal

  2. Notification Laws • Definition of ‘PII’ • Compliance www.mcgowanprofessional.com

  3. Information Security Liability • Paper Files • Wi-Fi Networks • Servers • Portable Media

  4. First Party Liability vs. Third Party Liability First Party Third Party Accountant/Owner Non-client Client Client Information Information Information

  5. Insurance Policy Response • First Party = Information Security Liability Policy • Third Party = Professional Liability Policy

  6. Insurance Policy Gaps • Professional Liability = Limited First Party coverage, fraud exclusion • Employee Dishonesty = Employee fraud and theft of client funds (not client information) • Information Security Liability Policy = First Party coverage AND unauthorized use of confidential information

  7. Information Security Liability Policy ✓ 1 Intentional Acts ✓ 2 Suit from non-professional ✓ 3 Respond to loss of information ✓ 4 Media/PR ✓ 5 Call Center/Resources

  8. Best Practices Policies ✓ Notification Letter ✓ WISP ✓ Portal Usage Policy ✓ Mobile Media Usage Policy ✓ Technical Safeguards

  9. Thank you! www.naplia.com Stephen Vono stevev@naplia.com
