SLIDE 1
Information Security
Risk Management
Stephen Vono - Principal
Notification Laws
- Definition of ‘PII’
- Compliance
www.mcgowanprofessional.com
Risk Management Stephen Vono - Principal Notification Laws - - PowerPoint PPT Presentation
Risk Management Stephen Vono - Principal Notification Laws - - PowerPoint PPT Presentation
Information Security Risk Management Stephen Vono - Principal Notification Laws Definition of PII Compliance www.mcgowanprofessional.com Information Security Liability Paper Files Wi-Fi Networks Servers Portable
SLIDE 2
SLIDE 3
Information Security Liability
www.mcgowanprofessional.com
- Paper Files
- Wi-Fi Networks
- Servers
- Portable Media
SLIDE 4
www.mcgowanprofessional.com
First Party Liability vs. Third Party Liability
Accountant/Owner
First Party Third Party
Client Information Non-client Information Client Information
SLIDE 5
Insurance Policy Response
www.mcgowanprofessional.com
Third Party = Professional Liability Policy First Party = Information Security Liability Policy
SLIDE 6
Insurance Policy Gaps
www.mcgowanprofessional.com
- Professional Liability = Limited First Party
coverage, fraud exclusion
- Employee Dishonesty = Employee fraud and
theft of client funds (not client information)
- Information Security Liability Policy =
First Party coverage AND unauthorized use of confidential information
SLIDE 7
Information Security Liability Policy
ü1 Intentional Acts ü2 Suit from non - professional ü3 respond to loss of information ü4 Media/PR ü5 Call Center/Resources
www.mcgowanprofessional.com
SLIDE 8
Best Practices Policies
üNotification Letter üWISP üPortal Usage Policy üMobile Media Usage Policy üTechnical Safeguards
www.mcgowanprofessional.com
SLIDE 9
Thank you!
www.naplia.com Stephen Vono stevev@naplia.com
www.mcgowanprofessional.com