IT and the Law: Dealing with Privacy and Compliance

• Dr. Anil Makhija
  Chair, Finance and Associate Dean for Executive Education
  The Ohio State University Fisher College of Business

• Mr. Thornton A. May
  Nation's Leading IT Futurist

• Dr. Larry Ponemon
  Chairman & Founder, Ponemon Institute
  Board Member, The Privacy Council, Inc.

What's really driving today's privacy efforts? Is it disclosure laws, public opinion, opportunities for business process improvement, all of the above? Here, a broad view of the leading issues that are behind today's privacy and compliance momentum will be discussed.

Understanding The Law

It begins by knowing the rules. What are the facts and hidden nuances concerning specific regulatory vehicles like SOX, HIPAA, and others? What must you be careful to understand, and what must you be careful to avoid? A panel of experts sheds light on these important issues

• Dr. Richard Dietrich (Department Chair, The Ohio State University Fisher College of Business)
• Mr. Tom Skoog (Partner, KPMG)

Break

Evaluating The Risks, a Panel Moderated by Mr. Thornton May
Knowing then leads to assessing, as well as convincing. How do you assess your level of risk in your organizations, and how do you then plan and prioritize the attack? In addition to mitigating risk from the outside, how do you keep an eye on your employees……the enemy within? How do you also muster internal executive and cultural support for what may be a resulting massive (and costly) change? Top tier CIOs share their perspectives.

• Ms. Kathleen Ojala (Privacy Officer, Ohio State University Health System)
• Mr. John Rombough (Control Division, Canadian Imperial Bank of Commerce)
• Mr. David Bauer (Former CSO/CPO, Merrill-Lynch)
• Mr. Matthew T. Furton (Partner, Lord Bissell & Brook, LLP)

Mining Value From The Auditor Relationship, as Moderated by
Ms. Anne McCrory ** (Editor-In-Chief, CIO Decisions )
One of your best allies in helping to plan and execute game changing strategies related to privacy, compliance and regulation is your internal audits team. Yet, their abilities and contributions are often overlooked. Here, several top industry professionals turn state’s evidence on how senior IT and other corporate leaders be successful in this valuable relationship-building experience.

• Dr. Richard Dietrich
• Mr. Bruce Moulton (VP of Info Security Business Strategy, Symantec)
  (Former CISO, Fidelity Investments)
• Mr. Kirk M. Herath (Chief Privacy Officer, Nationwide Enterprise)
• Ms. Sandra R. Hughes (Global Privacy Executive, Procter & Gamble Company)

Lunch Break, including Keynote Speaker #2 (12:30pm – 1:15pm)

• Mr. David Bauer ( CTO, Asurion Corporation; Former Chief Security Officer and Privacy Officer
  Merrill-Lynch Company, Inc. )

CTO/CISO Roundtable Panel, as Moderated by
Ms. Anne McCrory (Editor-In-Chief, CIO Decisions )
So, how are you responding the call (and possibly the mandate) for immediate action? On which issues are you spending most of your time; e.g., two-factor authentication, wireless security, spyware, others? How are you preparing for the new requirements for electronic discovery? Listen as senior technology and security officers describe how they are moving forward.

• Mr. Dan Vermeire (CTO, Huntington National Bank)
• Ms. Kathy Starkoff (CTO, Limited Brands)
• Mr. Mark Bregman (CTO, Symantec)

What Yet Lies Ahead?
What’s on the horizon regarding leading regulatory issues involving information security and privacy, as well as expected legislative reaction to those issues? While it might appear to some that a seemingly endless amount of money and time will be necessary in responding these mandates, how do you really determine, “How Much Is Really Enough?” What is the mood in our legislatures in that regard?

• Mr. Kenneth P. Mortensen, Esq. ( Acting Chief of Staff, Privacy Office, U.S. Department of Homeland Security)

Untangling a Twisted Pair: CIOs and Lawyers – The New Alliance

• Mr. Thornton A. May

Most CIOs admit that the legal stuff is the third rail of IT leadership. While this wasn’t always the case, new and more complex issues have entered the picture,…any one of which has the potential of being career-destroying. What is the current state of the collision between the legal and IT worlds?

Session Summary and Wrap-Up

• Mr. Thornton May

Adjournment and “ Decompression Session ”