View Brochure - International Association of Privacy Professionals

privacyassociation.org

View Brochure - International Association of Privacy Professionals

The

PRACTICAL PRIVACY

Series

Government

U S

December 10, 2008

Privacy in Government:

Managing the Challenges

Washington, DC

Don’t miss the IAPP

Privacy Dinner on

Tuesday, December 9

A

Made possible by our

Platinum Sponsor:

www.privacyassociation.org


The

PRACTICAL PRIVACY

Series

Register Now

www.privacyassociation.org

IAPP Privacy Dinner

Tuesday, December 9

Keynote Speaker:

William E. Kovacic, Chairman,

Federal Trade Commission

Join us for the third annual IAPP

Privacy Dinner in Washington, DC

on Tuesday, December 9 from 6 – 9 p.m. This dinner,

planned to coincide with the IAPP Practical Privacy Series,

will bring together the top privacy professionals, regulators

and experts in the field. The winner of the 2008 IAPP/

Deloitte & Touche Privacy Vanguard Award will be

announced at the event. The beautiful and historic Willard

Hotel will serve as the venue for this special event. Only

150 seats are available, so reserve your spot early. Go to

www.privacyassociation.org to register or for more information.

Individual $250

Government $75

Table of 8 $2,000

Sponsored by:

Event Registration Information

Government $195

IAPP Member $345

Non-member $495

IAPP Privacy Certification

Certification training and examinations will be held at

this event. For more detailed information please visit

www.privacyassociation.org.

Method of Payment

Make payment by check, money order, Master-

Card, Visa or American Express. A $20 fee will

be charged for any returned checks. Credit card

information must be provided to secure your

registration if check/money order is not included

with registration form. If payment is not received

seven days prior to an event the credit card

payment will be processed.

Refunds and Cancellations

Registration fees are not refundable but are

transferable to a person in the same company.

Program subject to change. No refunds are

given for no-shows or cancellations. Executed

registration form, online registration and e-mail

confirmation constitute binding agreement

between two parties.

Tax Deductibility

Expenses of training, including registration fee,

travel, lodging and meals, incurred to maintain

or improve skills in your profession may be

tax deductible. Consult your tax advisor. IAPP

Federal Tax ID 23-3048008.

CPE

(Continuing Privacy Education)

The IAPP will recognize up to five credit hours

of continuing privacy education (CPE) for eligible

IAPP-certified professionals (CIPP, CIPP/G,

CIPP/C and CIPP/IT credential holders) who

attend the Practical Privacy Series.

To be eligible for CPE credits, you must be

privacy-certified by the IAPP in advance of the

conference.

Location

The George Washington University, Cafritz

Conference Center at the Marvin Center, 800

21st Street, N.W., Washington, DC 20052

Getting There

The Cafritz Conference Center is located on

the third floor of the Marvin Center at The

George Washington University. The Marvin

Center is centrally located on 21st Street between

H and I Streets and within easy walking distance of

the Foggy Bottom-GWU Metro station. For

more information on using the Metro, visit

www.wmata.com. If driving, the entrance to the

Marvin Center Garage is on H Street between

21st and 22nd Streets.

Program development and support provided by:

Rebecca J. Richards, CIPP/G

Director Privacy Compliance,

Department of Homeland

Security

Marc Groman, CIPP

Chief Privacy Officer, Federal

Trade Commission


Privacy in Government:

Managing the Challenges

Wednesday, December 10

George Washington University

Marvin Center, Cafritz Conference Center

800 21st Street, N.W., Washington, DC 20052

Sessions 8 a.m. – 5 p.m.

Session 1: The Artificial Divide

Between Privacy and Security

Daniel Steinberg, CIPP, Associate, Healthcare Privacy Lead,

Booz Allen Hamilton

Many privacy professionals have noted that privacy and security

must be aligned in order to achieve consistency, efficiency and interoperability.

Nevertheless, the regulatory frameworks, distinct areas

of interest and implementation approaches of each discipline have

continued to contribute to a misconception that privacy and security

are tangentially related. Join in a discussion of their shared

areas of interest and the possibility of closer coordination between

privacy and security professionals.

Session 2: Anatomy of a Privacy

Program

Marc Groman, CIPP, Chief Privacy Officer, Federal Trade

Commission

To be an effective doctor, it’s not enough to understand the digestive

system or the nervous system; you must understand the entire

anatomy. The same holds true for an effective CPO. In this session,

we’ll examine a privacy program from head to toe, including: data

and PII inventory; policy gap analysis and risk assessment; development

and implementation of effective, risk-based policies and

procedures; compliance with statutes and OMB Guidance; the intersection

of privacy and data security; online privacy; managing

relationships with third parties; measuring success of your program;

education and training; records management; strategic planning and

data breach response.

Session 3: The Privacy Act: Advanced

Joo Chung, CIPP/G, Counsel, Privacy and Civil Liberties Office,

Office of the Deputy Attorney General, Department of Justice and

Kirsten Moncada, CIPP/G, Senior Counsel, Privacy and Civil

Liberties Office, Office of the Deputy Attorney General, Department

of Justice

The Privacy Act was written in 1974, when filing cabinets, not laptops,

were the norm for maintaining records. With today’s more

sophisticated technology, it’s more critical than ever to carefully

consider how to draft an effective SORN, know how to avoid common

pitfalls, and understand the intricacies of drafting a routine use.

This session assumes you have basic knowledge of the Privacy Act

and the requirements under subsection (e).

Keynote Address

Leslie Harris, President and CEO,

Center for Democracy and Technology

Session 4:

Federal Web Sites:

Best Practices for

Compliance and Protecting

Privacy in a Web 2.0 World

Jonathan Cantor, CIPP/G, Executive Director, Office of Privacy

and Disclosure, Social Security Administration and Lewis Oleinick,

Chief Privacy and FOIA Officer, Defense Logistics Agency

Web sites generally present significant privacy concerns, including

compliance with the requirements of the E-Gov Act, which requires

federal agencies to have a privacy policy on their Web site, make it

machine readable (P3P), and minimize the use of persistent cookies.

Is your policy accurate for your Web site Do you work with vendors

Are you prepared to manage the new privacy concerns that

accompany the use of Web 2.0 technologies Find out how others

in federal agencies are managing their Web sites and learn how to

avoid common pitfalls and mitigate risks.

Session 5: Beyond FAR:

Implementing Privacy Safeguards in

Vendor Relationships

Sally Wallace, Associate Deputy Assistant Secretary for Privacy/

Records Management, Department of Veterans Affairs and Debbie

Kendall, CIPP/G, Manager, Strategy and Processes, U.S. Postal

Service

The success of an agency’s privacy and security practices depends on

the people who implement and follow them, including contractors.

Agencies must ensure that contractors are made subject to appropriate

and adequate legal or other safeguards to protect the privacy

and security of nonpublic information, including PII. While Federal

Acquisition Regulation (FAR) includes basic privacy provisions, it

doesn’t specifically address contractors. This session will help you

move beyond FAR to make sure your contracts have the sufficient

provisions to protect privacy.

Session 6: Spice Up Your Privacy

Training Program: Getting Employees

Engaged

Peter Pietra, CIPP, Director of Privacy Policy & Compliance,

Steven Lott, CIPP, Privacy Program Manager, Federal Deposit

Insurance Corporation and Nat Wood, Assistant Director, Consumer

& Business Education, Bureau of Consumer Protection,

Federal Trade Commission

Privacy can only be protected if your employees know what to do.

Sitting through another briefing where your agency staff tunes you

out won’t help protect your data from the next privacy incident.

Learn what different agencies are doing to keep their education and

training programs interesting.

For more program details visit www.privacyassociation.org


International Association of Privacy Professionals

170 Cider Hill Road

York, Maine 03909

PRIORITY CODE:

The

PRACTICAL PRIVACY

Series

www.privacyassociation.org

Government

December 10 Washington, DC

The Artificial Divide Between Privacy

and Security

Anatomy of a Privacy Program

The Privacy Act: Advanced

Federal Web Sites: Best Practices for

Compliance and Protecting Privacy in a

Web 2.0 World

Beyond FAR: Implementing Privacy

Safeguards in Vendor Relationships

Spice Up Your Privacy Training

Program: Getting Employees Engaged

More magazines by this user
Similar magazines