Law Seminars International Presents

An Advanced One-Day Workshop on

Data Security

June 28, 2004
Renaissance Seattle Hotel in Seattle, WA
Order      Download PDF Brochure

Who Should Order Homestudy

Attorneys, software developers, technology executives, risk managers and anyone else involved with technology security and liability management

Why Order

"Computer security has become a crucial legal and a technical issue for many organizations.It will only become more important with new regulatory security mandates, emerging civill liability theories and national security concerns.There are legal strategies and actions which can and should be taken to manage security compliance and risks, but too few lawyers and executives even recognize the problems. This program will expose some of the security risks and compliance issues, then offer strategies and tactics for their management. This is an opportunity to understand the legal liabilities arising from security issues, policies and procedures - beyond the bits and bytes." ~ Program Co-Chairs: John R. Christiansen, Esq. and Susan K. Koeppen, Esq.

What You Will Learn

Security litigation update - when information security is legally sufficient - case study on HIPAA compliance and incident response (including reconciling HIPAA ans SB 1386 obligations) - law and ethics of electronic discovery - avoiding security perils in information services outsourcing - Sarbanes-Oxley as the stealth information security law - time and content authentication and auditable digital data.

Agenda

Monday, June 28, 2004
8:00 am Registration and Continental Breakfast
8:30 am Security Litigation Update
  Lessons from the first round of security litigation; update on the status of and prospects for the revived Generally Accepted Information Security Principles (GAISP).
  John R. Christiansen, Esq.
 Christiansen IT Law / Seattle, WA
  Susan K. Koeppen, Esq.
 Microsoft Corporation / Redmond, WA
9:15 am Defining What a Business Must Do To Ensure Its Information Security is "Legally Sufficient"
  Update on development and current issues in security management and implementation
  Raymond A. Pompon, Network Security Consultant
 Conjungi Networks / Seattle, WA
  Checklist and practical tips for ensuring the legal sufficiency of security programs and safeguards
  Thomas J. Smedinghoff, Esq.
 Baker & McKenzie / Chicago, IL
10:15 am Break
10:30 am Case Study: HIPAA Compliance and Incident Response
  Reconciling HIPAA and SB 1386 security obligations
  Mark C. Gary, Esq.
 Bennett, Bigelow & Leedom / Seattle, WA
  Role-based access as a compliance strategy
  Christopher Apgar, CISSP, Principal
 Apgar & Associates / Portland, OR
  Legal obligations for network incident response and potential liabilities
  Albert P. Barsocchini, Esq., Director of Professional Services NW
 Guidance Software / Emeryville, CA
12:00 pm Lunch (On your own)
1:15 pm The Law and Ethics of Electronic Discovery
  Kenneth Einar Himma, Esq., Ph.D.
 University of Washington Department of Philosophy / Seattle, WA
  David Roers, Project Manager
 Electronic Evidence Discovery / Kirkland, WA
2:15 pm Identifying and Avoiding Security Perils in Information Services Outsourcing
  Emily Q. Freeman, VP- Western Region & Executive Director of Consulting
 AIG eBusiness Risk Solutions / San Francisco, CA
  Francoise Gilbert, Esq.
 IT Law Group / Palo Alto, CA
3:15 pm Break
3:30 pm The Stealth Information Security Law: Sarbanes-Oxley
  Michael P. Wilson, Senior Manager
 PricewaterhouseCooper LLP / San Francisco, CA
4:00 pm Time and Content Authentication, and Auditable Digital Data: The Emerging Liability Minefield
  Joseph M. Burton, Esq.
 Duane Morris LLP / San Francisco, CA
  Hoyt Kesterson, Security Consultant
 Vademecum / Glendale, AZ
  Charles Merrill, Esq.
 McCarter & English, LLP / Newark, NJ
  Bruce H. Nearon, CPA, Director of IT Security Auditing
 J.H. Cohn, LLP / Parsippany, NJ
  Steve W. Teppler, Esq, Chairman and Founder
 TimeCertain, LLC / Sarasota, FL
5:30 pm End of Day

Cancellation

There is a $25 cancellation fee for Course Materials orders and $50 for Homestudy orders

Continuing Education Credits

Law Seminars International self-certifies CLE credits for Washington, California, and Alaska. For other locations, we automatically seek CLE credit approval for the state in which a seminar is held. On request, we will apply for credits from other bar associations or the accrediting bodies for other professions. The current credits status for this program is WA CLE 7.25 inc 1 eth. (#121934) | CA MCLE 7.25 inc 1 eth. | NY CLE 8.5 inc 1 eth (non-transitional)

Cost

Our complete Homestudy Course, consisting of a VHS or DVD recording and the written course materials, is available for $605. The course materials alone are available for $100. We will ship your homestudy order via UPS ground within two weeks after the seminar or the date we receive payment (which ever is later).
Order Homestudy

Faculty Bios

John R. Christiansen, Program Co-Chair, is a member of the PricewaterhouseCoopers LLP healthcare practice, primarily focused on IT-oriented regulatory compliance and risk management for healthcare payers and providers, to support the implementation and management of security solutions suited to their particular needs. His practice emphasizes information system acquisition and management, protected information sharing and management policies and procedures, security and privacy compliance, strategic partnering, contract and policy development, and identification and authentication solutions.

Susan K. Koeppen, Program Co-Chair is a Corporate Attorney for Microsoft Corporation in the Regulatory Affairs and Public Policy Section. She specializes in legal issues surrounding e-commerce, including privacy, security, cybercrime, electronic contracts, and encryption, providing legal advice to software and website developers on these issues.

Chris Apgar, independent consultant and former HIPAA Compliance Officer for Providence Health Plans in Oregon and SW Washington, is a nationally recognized data security, privacy, transaction & code sets & HIPAA expert. He is a member of the HIPAA Compliance Insider Advisory Board, the Security Compliance Insider Advisory Board, the URAC Privacy Advisory Committee, and chairs the Oregon HIPAA Forum Transaction & Code Set subcommittee.

Albert P. Barsocchini, the Director of Professional Services NW for Guidance Software, Inc., is an attorney and recognized expert in computer law, electronic discovery and computer forensics. He has consulted with law firms and corporate clients on electronic data productions, electronic records retention policies, incident response, and electronic risk control.

Joseph M. Burton concentrates his practice at Duane Morris LLP in complex civil, criminal and appellate litigation. He is nationally recognized in the emerging field of Information Security Law where he advises and represents individuals and corporations regarding their rights and responsibilities in maintaining the security of digital information. His practice includes trade secret, trademark and patent litigation with an emphasis in cybercrime and cybersecurity matters.

Emily Q. Freeman is the Vice President, Western Region and Executive Director of Consulting, AIG eBusiness Risk Solutions. She has been a principal drafter of cyberspace insurance products and senior consultant for e-business risk management. She participates as the lead facilitator for risk analysis workshops for major corporations with infrastructure and commerce applications utilizing computer networks and the Internet.

Mark C. Gary, of Bennett Bigelow & Leedom, P.S., represents hospitals, health provider organizations, and businesses in transactional, business formation, real estate, and general corporate matters. He also represents health plans in the regulatory arena and has expertise in information systems and software contracting.

Françoise Gilbert, a partner with the IT Law Group, focuses on significant technology, privacy and e-commerce transactions and counseling. Her clients include Fortune 100 corporations, as well as start-up developers of innovative software products or services.

Ken Himma received his Ph.D. from the University of Washington and is a lecturer in the Information School and the Philosophy Department. He also has adjunct appointments in the Comparative Religion Department and in the University of Washington School of Law. His specialties are legal philosophy, philosophy of religion, applied ethics, information ethics, computer ethics, and other philosophical issues arising in connection with information and information technologies.

Hoyt Kesterson is a consultant specializing in securing electronic commerce and distributed systems. He has chaired the international committee responsible for defining X.500, including X.509, since 1986. He participates in the ABA’s work on legal aspects of digital signatures in electronic commerce.

Charles Merrill is a partner in the Newark office of east coast regional law firm McCarter & English, LLP, concentrating his practice in information technology law — particularly legal issues of information security, privacy and e-commerce. His practice encompasses representation of clients in a variety of industries, including health care, vendors of information security products, online securities brokerage, and the legal business itself.

Bruce H. Nearon is the Director of IT Security Auditing for J.H. Cohn LLP. He oversees the firm’s IT and application control audits of the AICPA, and directs the firm’s IT audit procedures for over 100 financial statement audits. He is also directly responsible for the Aon Insurance Company IT WebTrust On-line Privacy attestation engagement.

Raymond A. Pompon is the Network Security Consultant for Conjungi Networks where he focuses on the design and implementation of Internet solutions utilizing a variety of advanced security technologies and real-world organizational procedures. He also works closely with members of the federal law enforcement community to assist in protecting our National Infrastructure and bringing Internet criminals to justice.

David S. Roers is a Project Manager with Seattle's Electronic Evidence Discovery, Inc., providing electronic evidence discovery services to some of the world's largest law firms and corporations. Prior to joining EED, he practiced law for several years in Tacoma. In addition to his experience with law office technology and electronic discovery, he's also an Oracle Certified Professional (DBA track) and a Microsoft Certified Professional (SQL Server).

Thomas J. Smedinghoff, of counsel in the Chicago office of Baker & McKenzie, a recognized leader in developing the law of e-business, author of the Illinois Electronic Commerce Security Act, and a U.S. delegate to the UN Commission addressing international e-business issues, serves as e-commerce counsel for companies, government agencies, and trade associations throughout the world. His practice includes a special emphasis on electronic transactions, digital signatures/PKI, and related security and privacy issues.

Steven W. Teppler is an inventor, attorney, as well as the Chairman and founder of TimeCertain, LLC. He founded TimeCertain in 1999 after having confronted first-hand the challenges posed by challenge prone-digital data content. He is a litigator, a member of the Information Security Committee of the American Bar Association, a co-author of a soon to be published American Bar Association sponsored treatise on Digital Evidence, and a member of the ANSI X9F4 committee, which is drafting trusted timestamping guidelines for the financial industry.

Michael P. Wilson is a Senior Manager in the San Francisco based PricewaterhouseCoopers LLP Information Security and Privacy Practice. He has 14 years experience working with prominent organizations to address their information security and technology risk management issues. In recent years he has assisted his clients with the key strategic issues associated with Information Security Planning, for example, outsource analysis, information security program establishment, information security effectiveness and performance monitoring, risk management and regulatory compliance.