ISSA Privacy Special Interest Group
Privacy and Security Considerations Post-Public Health Emergency
Public health emergencies and crises such as the COVID-19 pandemic present unique security and privacy concerns for companies and other organizations. In fact, the related challenges CISOs and other security and privacy professionals have been confronted with as a result of the current COVID–19 crisis continues to rise.
For example, to facilitate a surge in “work-from-home” demand, many companies have expedited IT infrastructure expansion and cloud capability resulting in shortened security vetting and testing processes. There has also been increased stress on existing systems and, for most companies, a significant increase in cybersecurity incidents. In addition to security concerns, companies are using personal data and analytics in new, previously unforeseen ways to safeguard their workforces, customers, and business operations, which present a myriad of privacy challenges. In addition, other privacy concerns and risks arise from the collection of new data, such as temperature results and COVID-19 tests.
This webinar will examine risk considerations post-pandemic and address such questions as:
What privacy challenges should I be thinking about and preparing for post-pandemic?
Are digital health surveillance techniques in the workplace privacy infringing? Are there any unintended consequences for the workforce?
What will “business as usual” look like post COVID - 19 from a privacy perspective and how does that impact the CISO role?
Do CISOs need to take extra precautionary measures for any health data that is generated as the result of employee testing?
Speaker/s
R. Jason Cronk – Privacy Engineer, Enterprivacy Consulting Group
R. Jason Cronk is the author of Strategic Privacy by Design, one of the textbooks for the IAPP's privacy technologist certification (CIPT). He was designated in 2014 as a privacy by design ambassador by the Ontario Information and Privacy Commissioner's office and has been a leading figure in privacy by design and privacy engineering ever since. Currently he works as a consultant and trainer for a boutique firm Enterprivacy Consulting Group. He can be found tweeting @privacymaverick
Beverly R. Allen – Vice President, Deputy General Counsel, Chief Compliance and Privacy Officer, Inovalon
Beverly R. Allen is an accomplished attorney and business leader with extensive legal, business and consulting experience across multiple industries. Currently, Beverly is the Vice President, Deputy General Counsel and Chief Compliance and Privacy Officer at Inovalon, a leading healthcare data analytics and technology company, where she leads the enterprise-wide compliance, data protection, privacy, Health Insurance Portability and Accountability Act (HIPAA) and risk management functions. Beverly also provides legal advice and counsel on various business transactions, strategic initiatives and advises on numerous other contract-related matters including negotiations, disputes, claims and audits.
Prior to join Inovalon, Beverly was the Chief Integrity Officer at MedStar Washington Hospital Center in Washington, DC, a nationally recognized healthcare provider. In that capacity, she directed and led the enterprise-wide compliance, privacy, investigative and audit functions. Beverly’s previous work also includes various leadership positions with Booz Allen Hamilton and SRA International where she directed and led numerous client engagements designed to assess enterprise-wide compliance and risks associated with emerging technologies. In those roles, she was also responsible for developing and implementing privacy, information security, compliance and risk management solutions across the federal and commercial sectors. In addition, Beverly was a Senior Attorney Advisor with the U.S. Department of Education, District of Columbia Enforcement Office and served as a Senior Advisor at the Department of Homeland Security.
Beverly received her Bachelor of Arts degree from the University of Virginia, Juris Doctor from the University of North Carolina at Chapel Hill and Master of Arts degree from Georgetown University.
Janelle Hsia – Principal, Privacy SWAN Consulting
Janelle Hsia is a trusted advisor for strategic and tactical decision-making within organizations of all sizes. She focuses on privacy and security while bringing a diverse background in leadership, business, security, privacy, and technology spanning over 20 years. Her experience integrating privacy with security and technology helps companies operationalize their privacy and security requirements. She creates comprehensive and tailored data governance programs for SMBs with a global presence. Her passion is privacy and data protection training and awareness. This fall, she is teaching a class on Privacy and Technology at the University of Colorado in Boulder. She is an ISSA Privacy SIG Tri-Chair and one of our 2022 Volunteers of the Year. She is a member of the IEEE Digital Privacy Working Group and an IAPP Official Training Partner. She holds the following certifications CIPM, CIPT, CIPP/US/E, CISA, PMP, and GSLC.