Managing Your Record Retention Policy Safely
|
|
- Hilary Neal
- 5 years ago
- Views:
Transcription
1 Managing Your Record Retention Policy Safely
2 Client and counsel have a duty to preserve materials with potential evidentiary value. The preceding discussion told us about the duties of lawyers and clients when dealing with data, paper or electronic, in proceedings: criminal, civil or administrative.
3 Duty to Preserve When does the duty to preserve materials with evidentiary matter attach? Concerning attachment, consider the concept of a trigger point: A point in time where the client, and/or the lawyer, knows enough to reasonably anticipate a proceeding involving the client where the client must preserve relevant data.
4 When might a trigger point occur? When the client hears of investigators in the field. When whistle blower reports appear in the press. When agencies begin private or informal inquiries, When the client receives an agency investigative demand, a Grand Jury subpoena or an indictment. When the client is served with a summons and a civil complaint or a criminal summons and indictment.
5 At all these points and others, the duty to preserve evidentiary matter applies. Let us consider the client s opportunities and obligations at four points in time: before proceedings threaten, when proceedings are imminent, when formal proceedings begin and after the data request arrives:
6 Before Proceedings Threaten Be alert for any event that triggers client s preservation obligations Offer the client a record management education Identify key client IT personnel Identify key client line managers Implement client s record management plan Evaluate client s document destruction and retention practices, back-up protocols, tape rotation and recycling schedules, etc. Encourage regular client audit of discovery compliance and practices Anticipate an eventual client discovery obligation
7 Here are some major elements of the client s record management plan:
8 Main Reason for Improper Destruction Poorly designed record retention programs Record retention program not administered properly Record retention program no audited properly
9 When Should Record Destruction Be Suspended? The record retention policy must contain specific directions about when and to what degree the record retention program should be suspended All compliance with the record retention policy should be documented Regular auditing of the record retention policy will assure that records are actually being destroyed/retained pursuant to the policy
10 Process for Destroying Records A record retention policy should provide specific guidance on the process for destroying records. Including the time of file reviews A description of circumstances in which records can be discarded or shredded Identification of individuals who have authority and responsibility for destroying records
11 Procedures for Destroying Records Notice of intent to destroy Monitor transfer of records Monitor destruction of records
12 Anticipatory Obstruction If you know that a subpoena will be coming, you may violate the obstruction of justice statute
13 Solution for Avoiding Problems The record retention program must be routinely followed, not just when there is a problem Non-destruct memoranda should be sent to employees if an investigation is anticipated Create a record retention policy at a neutral time where possible Manage and audit the record retention policy to insure compliance is to be done regularly (e.g. issue periodic reminders) The Arthur Andersen jury foreman stated that the shredding showed that AA had not trained its people very well
14 18 U.S.C. Section Sarbanes- Oxley Whoever knowingly destroys or conceals a document with intent to impede an investigation or proper administration of any matter within the jurisdiction of any department or agency of the United States may be imprisoned up to 20 years.
15 When Proceedings Are Imminent Alert client IT and records management persons about document preservation obligations to identify and preserve potentially relevant data Alert company management to distribute an internal non-destruct memorandum Determine the need for forensic discovery assistance Consider an exchange of data preservation notices where possible
16 Government Requests Information Identify documents and data to be produced Select a records custodian Develop a process for producing documents Produce the responsive documents Preserve and assert attorney-client/work product privileges Avoid improper destruction
17 Benefits of a Legal Freeze Preservation of key facts necessary to advise the company Prevent obstruction of justice allegations
18 Implement a Legal Freeze Send a non-destruct memorandum Formally communicate with all employees that have relevant documents
19 Contents of a Non-Destruct Memorandum Clearly identify the types of documents to be preserved Have the memorandum come from high-level officials Identify all recorded information, such as electronic data Identify a person who employees can contact with questions
20 Select a Records Custodian to Gather Requested Records Send memorandum to records custodian documenting her/his tasks Non-Lawyer No knowledge of facts
21 Tasks of the Records Custodian Identify all departments, offices and employees with potentially responsive documents Identify former employees who may possess responsive documents Consult with IT personnel to develop a search protocol for responsive computer data Segregate all documents produced so that they can be identified by source Keep all documents in a locked room with limited access Bates label all documents with control numbers Copy and produce copies rather than originals where possible
22 Records Custodian Sends Memorandum to Employees Paraphrase the specific language of the subpoena so that the employees can identify relevant records Instruct employees to thoroughly search all files and computer records within their possession, custody or control in a non-destructive way Instruct employees to identify documents that may contain attorney-client privileged information Identify a specific date for the employees to produce relevant documents
23 Send Questionnaires to Employees Have each employee identify the types and categories of responsive documents in their possession or that they are aware of Have each employee identify responsive documents that are off site Have each employee complete a questionnaire to develop a strategy and information
24 Benefits of Questionnaires They identify persons who have knowledge of particular transactions They can reduce costs by eliminating persons who do not have relevant information
25 Contents of the Questionnaire Questions should require a yes or no answer The questions should ask whether employees have knowledge of particular transactions Whether the employee participated in the transaction Whether the employee has documents that could be relevant to the subpoena
26 When Formal Proceedings Begin Prepare to discuss e-discovery issues during any pre-discovery, pretrial or prehearing conference In federal civil proceedings for FRCP Rule 26(a) e-data disclosures Prepare to discuss e-discovery issues at the FRCP Rule 26(f) conference Determine if you will propound e-discovery requests to the opposing party(s) Schedule a FRCP Rule 30(b)(6) deposition Ensure document requests include electronic data Ensure document requests focus on specific custodians, time periods, and key issues Determine choice of document production format
27 Reviewing Records Collected from Employees Identify objective factors that all team members can use for selection, such as information sent to a particular person or within a particular time period
28 Analyze the data request After the Data Request Arrives Identify relevant locations and custodians of information Gather responsive information efficiently and defensibly Review materials for relevance and privilege or other potential objections to disclosure Produce required information in an appropriate format, on appropriate media
29 Record Review Segregate and classify documents Preassembled documents (e.g. minutes of meetings) Employee files (e.g. and memoranda) Raw corporate data (e.g. receipts, checks and bank statements) Third party documents
30 The Attorney-Client Privilege: Maintaining Confidentiality The attorney-client privilege prevents an attorney from disclosing information to anyone other than his client if the Information is privileged.
31 Attorney-Client Privilege Defined Communications made in confidence Between a person who is or is about to become a client To a lawyer For the purpose of obtaining legal advice or assistance
32 Attorney-Client Privilege Log Identify all privileged documents Compile a privilege list The privilege list will contain date, document and subject All documents will be bates labeled
33 Kroll Ontrack s Top Ten Data Collection Pitfalls At this point it is appropriate to consider: Kroll Ontrack s Top Ten Data Collection Pitfalls
34 No. 1: Failing to Have a Data Collection Plan A data collection plan should include: Relevant information sought Potential data locations and key players Internal and external contact information Procedural guidelines Documented chain of custody instructions An inventory of forensic tools A summary of anticipated business continuity issues and resolution plans
35 No. 2: Failing to Prioritize the Data You must thoroughly define the scope of data collection by identifying and prioritizing the following: Who? List of custodians/key players Why? Computer forensics or electronic discovery What? Workstation, NWS, department share, server , local When? Current and/or historical data How? Corporate IT, law firm, 3 rd party
36 No. 3: Neglecting to Conduct Thorough Interviews You must sit down with IT and thoroughly interview them.
37 No. 4: Ignoring Key Data Locations & Important File Types Consider more than or word documents. You may choose different collections for different groups. Potential sources of relevant data may include: Workstations File share and network share Archival tapes systems attachments Hosted Other physical locations
38 No. 5: Having IT Perform on Onsite Collection An IT person should not perform an onsite collection if it: May raise conflict of interest concerns May lack requisite training and skills May lack tools and equipment to handle the job May be unable to handle the additional workload
39 No. 6: Do-It-Yourself Data Collection Untrained individuals should not attempt to perform data collection.
40 No. 7: Dangerous Desk-side Collection Dangerous desk-side collection practices: Forwarding to a central box for collection Directing employees to print relevant documents themselves
41 No. 8: Failing to Mirror Image vs. Imaging Excessively A mirror image is necessary when conducting an investigative and detailed analysis. A mirror image is not necessary when data is accessed but not analyzed.
42 No. 9: Ignoring Alternative Names Relying on one version of a name for data collection may cause you to miss crucial data. You may have data collection issues with a person s names or ID numbers.
43 No. 10: Failing to Maintain Proper Chain of Custody What media was received Who authorized its removal Who the users were.
44 ANY QUESTIONS? Bob Webb Frost Brown Todd LLC 400 West Market Street 32 nd Floor Louisville, KY (502) Ken Tuggle Frost Brown Todd LLC 400 West Market Street 32 nd Floor Louisville, KY (502)
Preservation, Retrieval & Production. Electronic Evidence: Tips, Tactics & Technology. Issues
Electronic Evidence: Preservation, Retrieval & Production Issues Tips, Tactics & Technology April 19, 2004 Discussion Outline 21 st Century Discovery E-Evidence Uncovered Preservation / Spoliation Computer
More informationChecklist for Rule 16(c) Pretrial Conference for Computer-Based Discovery
Checklist for Rule 16(c) Pretrial Conference for Computer-Based Discovery To aid and advance the ability for a litigation to successfully employ computer-based discovery, Rule 16(c) of the Federal Rules
More information3/13/2018. Legal Hold Notices, the Duty to Preserve, and Electronically Stored Information ( ESI ) What is Electronically Stored Information ( ESI )?
Legal Hold Notices, the Duty to Preserve, and Electronically Stored Information ( ESI ) What Every In-House Attorney Needs to Know Presented by Mike Seitz, Attorney at Spencer Fane LLP March 14, 2018 What
More informationDevelopment of your Company s Record Information System and Disaster Preparedness. The National Emergency Management Summit
Development of your Company s Record Information System and Disaster Preparedness The National Emergency Management Summit Thomas D. Anthony Frost Brown Todd LLC Attorneys at Law 201 E. Fifth Street Cincinnati,
More informationRecords Management and Retention
Records Management and Retention Category: Governance Number: Audience: University employees and Board members Last Revised: January 29, 2017 Owner: Secretary to the Board Approved by: Board of Governors
More informationPolicy Summary: This guidance outlines ACAOM s policy and procedures for managing documents. Table of Contents
Policy Title: Approved By: ACAOM Commissioners History: Policy Implementation Date: 28 October 2016 Last Updated: Related Policies: ACAOM -Records Retention Schedule References: Responsible Official: ACAOM
More informationFederal Rules of Civil Procedure IT Obligations For
Federal Rules of Civil Procedure IT Obligations For Email Message Logic is a business unit of Data Storage Corporation. 212-564-4922 www.messagelogic.net or www.datastoragecorp.com 2013 Data Storage Corporation,
More informationCellular Site Simulator Usage and Privacy
Policy 609 Cellular Site Simulator Usage and Privacy 609.1 PURPOSE AND SCOPE The purpose of this policy is to set guidelines and requirements pertaining to cellular site simulator technology usage and
More informationCARROLL COUNTY PUBLIC SCHOOLS ADMINISTRATIVE REGULATIONS BOARD POLICY EHB: DATA/RECORDS RETENTION. I. Purpose
CARROLL COUNTY PUBLIC SCHOOLS ADMINISTRATIVE REGULATIONS BOARD POLICY EHB: DATA/RECORDS RETENTION I. Purpose To provide guidance to schools and administrative offices regarding the maintenance, retention,
More informationRecords Retention Policy
June 21, 2017 Table of Contents 1 Introduction...3 1.1 Purpose...3 1.2 Scope...3 1.3 Review Cycle...3 1.4 Document Owner...3 1.5 Definitions...3 2 Policy...4 2.1 Records and Record Storage...4 2.2 Applicable
More informationInformation Security Policy
April 2016 Table of Contents PURPOSE AND SCOPE 5 I. CONFIDENTIAL INFORMATION 5 II. SCOPE 6 ORGANIZATION OF INFORMATION SECURITY 6 I. RESPONSIBILITY FOR INFORMATION SECURITY 6 II. COMMUNICATIONS REGARDING
More informationSUBJECT: Effective Date: Policy Number: Florida Public Records Act: Scope and
SUBJECT: Effective Date: Policy Number: Florida Public Records Act: Scope and 2-100.4 1/14/2014 Compliance Supersedes: Page Of 2-100.3 1 6 Responsible Authority: Vice President and General Counsel DATE
More informationPOLICY TITLE: Record Retention and Destruction POLICY NO: 277 PAGE 1 of 6
POLICY TITLE: Record Retention and Destruction POLICY NO: 277 PAGE 1 of 6 North Gem School District No. 149 establishes the following guidelines to provide administrative direction pertaining to the retention
More informationAshford Board of Education Ashford, Connecticut POLICY REGARDING RETENTION OF ELECTRONIC RECORDS AND INFORMATION
Ashford Board of Education Ashford, Connecticut Series 2000 Administration POLICY REGARDING RETENTION OF ELECTRONIC RECORDS AND INFORMATION I. POLICY The Board of Education (the Board ) complies with all
More informationCommunity Unit School District No. 1. School Board
Community Unit School District No. 1 2:250-AP2 School Board Administrative Procedure - Protocols for Record Preservation and Development of Retention Schedules Legal Citations Each legal requirement in
More informationVersion Date Author Revision(s)/Edit(s) V3.0 12/8/2010 Marland Webb V4.0 03/18/15 Marland Webb Update procedures and links
Records Management Policy Property/Name Document Type Issuing Department Policy Number Version Number 4 Value Policy Law/Records Management NA Issue Date 12/08/2010 Effective Date 12/08/2010 Last Amend
More informationTHE SEDONA CONFERENCE JUMPSTART OUTLINE :
Ariana J. Tadler, Kevin F. Brady, and Karin Scholz Jenson* THE SEDONA CONFERENCE JUMPSTART OUTLINE : Questions to Ask Your Client & Your Adversary to Prepare for Preservation, Rule 26 Obligations, Court
More informationUTAH VALLEY UNIVERSITY Policies and Procedures
Page 1 of 5 POLICY TITLE Section Subsection Responsible Office Private Sensitive Information Facilities, Operations, and Information Technology Information Technology Office of the Vice President of Information
More informationScientific Working Group on Digital Evidence
SWGDE Best Practices for Digital & Multimedia Evidence Video Acquisition from The version of this document is in draft form and is being provided for comment by all interested parties for a minimum period
More informationScientific Working Group on Digital Evidence
SWGDE Best Practices for Digital & Multimedia Evidence Video Acquisition from Disclaimer: As a condition to the use of this document and the information contained therein, the SWGDE requests notification
More informationOffice of Inspector General Office of Professional Practice Services
Office of Inspector General Office of Professional Practice Services Executive Summary In accordance with the Department of Education s fiscal year 2017-18 audit plan, the Office of Inspector General (OIG)
More informationFlorida Supervisor of Elections Conference May 22, 2018 Patricia R. Gleason Special Counsel for Open Government Attorney General Pam Bondi
Public Records Act: Social media retention issues Florida Supervisor of Elections Conference May 22, 2018 Patricia R. Gleason Special Counsel for Open Government Attorney General Pam Bondi Scope of Public
More informationSecurity Policies and Procedures Principles and Practices
Security Policies and Procedures Principles and Practices by Sari Stern Greene Chapter 3: Information Security Framework Objectives Plan the protection of the confidentiality, integrity and availability
More informationSnap Inc. Law Enforcement Guide
Snap Inc. Law Enforcement Guide Last Updated: April 27, 2018 Download the most recent version at: https://www.snapchat.com/lawenforcement Mailing Address: Custodian of Records Snap Inc. 63 Market Street
More informationBYOD (Bring Your Own Device): Employee-owned Technology in the Workplace
BYOD (Bring Your Own Device): Employee-owned Technology in the Workplace MCHRMA Spring Conference April 4, 2014 PRESENTED BY: Sonya Guggemos MCIT Staff Counsel for Risk Control sguggemos@mcit.org The information
More informationManagement: A Guide For Harvard Administrators
E-mail Management: A Guide For Harvard Administrators E-mail is information transmitted or exchanged between a sender and a recipient by way of a system of connected computers. Although e-mail is considered
More informationRed Flags/Identity Theft Prevention Policy: Purpose
Red Flags/Identity Theft Prevention Policy: 200.3 Purpose Employees and students depend on Morehouse College ( Morehouse ) to properly protect their personal non-public information, which is gathered and
More information2016 SC REGIONAL HOUSING AUTHORITY NO. 3 S EIV SECURITY POLICY
2016 SC REGIONAL HOUSING AUTHORITY NO. 3 S EIV SECURITY POLICY Purpose: The purpose of this policy is to provide instruction and information to staff, auditors, consultants, contractors and tenants on
More informationInformation Security Incident Response Plan
Information Security Incident Response Plan Purpose It is the objective of the university to maintain secure systems and data. In order to comply with federal, state, and local law and contractual obligations,
More informationInformation Security Incident Response Plan
Information Security Incident Response Plan Purpose It is the objective of the university to maintain secure systems and data. In order to comply with federal, state, and local law and contractual obligations,
More informationEXAM PREPARATION GUIDE
When Recognition Matters EXAM PREPARATION GUIDE PECB Certified ISO 9001 Lead Auditor www.pecb.com The objective of the PECB Certified ISO 9001 Lead Auditor examination is to ensure that the candidate possesses
More informationA full list of SaltWire Network Inc. publications is available by visiting saltwire.com.
Introduction Effective January 1, 2004, private sector organizations must follow a code for the protection of personal information in accordance with the Personal Information Protection and Electronic
More informationData Protection Policy
Introduction In order to; provide education, training, assessment and qualifications to its customers and clients, promote its services, maintain its own accounts and records and support and manage its
More informationCONFLICT OF INTEREST SYSTEMS
CONFLICT OF INTEREST SYSTEMS Conflicts of interest can lead to serious malpractice and ethical problems. To detect conflicts, a good conflicts checking system is essential. No lawyer can remember every
More informationAn Overview of the Gramm-Leach-Bliley (GLB) Act and the Safeguards Rule
An Overview of the Gramm-Leach-Bliley (GLB) Act and the Safeguards Rule Legal Disclaimer: This overview is not intended as legal advice and should not be taken as such. We recommend that you consult legal
More informationCOUNTY OF RIVERSIDE, CALIFORNIA BOARD OF SUPERVISORS POLICY. ELECTRONIC MEDIA AND USE POLICY A-50 1 of 9
ELECTRONIC MEDIA AND USE POLICY A-50 1 of 9 Purpose: The purpose of this policy is to establish guidelines for proper use of all forms of electronic media. As used in this policy, electronic media includes,
More informationEmployee Security Awareness Training Program
Employee Security Awareness Training Program Date: September 15, 2015 Version: 2015 1. Scope This Employee Security Awareness Training Program is designed to educate any InComm employee, independent contractor,
More informationSubject: University Information Technology Resource Security Policy: OUTDATED
Policy 1-18 Rev. 2 Date: September 7, 2006 Back to Index Subject: University Information Technology Resource Security Policy: I. PURPOSE II. University Information Technology Resources are at risk from
More informationFarmingdale State College Records Management Training PRESENTED BY DOROTHY HUGHES INTERNAL CONTROL OFFICER AND RECORDS MANAGEMENT OFFICER
Farmingdale State College Records Management Training PRESENTED BY DOROTHY HUGHES INTERNAL CONTROL OFFICER AND RECORDS MANAGEMENT OFFICER SUNY Records Retention and Disposition Policy - 6609 Retention
More informationManaging and Electronic Records: A Transition Priority
TRANSITION Managing Email and Electronic Records: A Transition Priority NGA RESOURCES AUGUST 2018 Electronic communications tools such as email and text messaging present new challenges to the governor-elect
More informationCriminal Justice Information Security (CJIS) Guide for ShareBase in the Hyland Cloud
Criminal Justice Information Security (CJIS) Guide for ShareBase in the Hyland Cloud Introduction The Criminal Justice Information Security (CJIS) Policy is a publically accessible document that contains
More informationUniversity of Pittsburgh Security Assessment Questionnaire (v1.7)
Technology Help Desk 412 624-HELP [4357] technology.pitt.edu University of Pittsburgh Security Assessment Questionnaire (v1.7) Directions and Instructions for completing this assessment The answers provided
More informationDepartment of Veterans Affairs VA DIRECTIVE April 17, 2006 WEB PAGE PRIVACY POLICY
Department of Veterans Affairs VA DIRECTIVE 6502.3 Washington, DC 20420 Transmittal Sheet WEB PAGE PRIVACY POLICY 1. REASON FOR ISSUE: To establish policy for the Department of Veterans Affairs (VA) for
More informationData Preservation Checklists
Data Preservation Checklists At the G8 meeting of Justice and Interior Ministers in Moscow in October 1999, the Ministers recognized that law enforcement authorities conducting criminal investigations
More informationPutting It All Together:
Putting It All Together: The Interplay of Privacy & Security Regina Verde, MS, MBA, CHC Chief Corporate Compliance & Privacy Officer University of Virginia Health System 2017 ISPRO Conference October 24,
More informationThe Legal Health Record and E-Discovery: Where You Need to Be
The Legal Health Record and E-Discovery: Where You Need to Be Webinar June 9, 2009 Practical Tools for Seminar Learning Copyright 2009 American Health Information Management Association. All rights reserved.
More informationElectronic Discovery in Employment Cases: What Every Employer Needs to Know. Presented By: Shannon Cohorst Johnson
Electronic Discovery in Employment Cases: What Every Employer Needs to Know Presented By: Shannon Cohorst Johnson Understand e-discovery and the latest tactics by claimants and counsel Understand your
More information8/28/2017. What Is a Federal Record? What is Records Management?
Ramona Branch Oliver US Department of Labor What Is a Federal Record? Records include all books, papers, maps, photographs, machine-readable materials, or other documentary materials, regardless of physical
More informationCredit Card Data Compromise: Incident Response Plan
Credit Card Data Compromise: Incident Response Plan Purpose It is the objective of the university to maintain secure financial transactions. In order to comply with state law and contractual obligations,
More informationRecords Retention Training
Records Retention Training Purpose LSUHSC-NO must comply with state and federal records retention requirements in order to provide appropriate access to state information to the public and to limit the
More informationRECORD RETENTION POLICY
RECORD RETENTION POLICY I. Purpose It is the purpose of this policy to establish a consistent record retention policy for (the Organization ). II. Policy The Organization shall retain records for the period
More informationWHEATON COLLEGE RETENTION POLICY May 16, 2013
WHEATON COLLEGE E-MAIL RETENTION POLICY May 16, 2013 I. PURPOSE Electronic mail (e-mail) has become a ubiquitous service that greatly enhances communication, both internally within the Wheaton community
More informationEXAM PREPARATION GUIDE
When Recognition Matters EXAM PREPARATION GUIDE PECB Certified ISO 22000 Lead Auditor www.pecb.com The objective of the Certified ISO 22000 Lead Auditor examination is to ensure that the candidate has
More informationCare Recruitment Matters Limited Privacy Notice
Care Recruitment Matters Limited Privacy Notice Care Recruitment Matters Limited (CRM) is a specialist recruitment agency, sourcing permanent candidates for companies focused in the Health and Social Care
More informationInternet, , and Computer Usage Policy
Important disclaimer: The policy available on this page is only an example and is furnished merely as an illustration of its category. It is not meant to be taken and used without consultation with a licensed
More informationEXAM PREPARATION GUIDE
When Recognition Matters EXAM PREPARATION GUIDE PECB Certified ISO/IEC 20000 Lead Auditor www.pecb.com The objective of the Certified ISO/IEC 20000 Lead Auditor examination is to ensure that the candidate
More informationPreservation of Electronic Records for Litigation University Operations - Administrative
Preservation of Electronic Records for Litigation University Operations - Administrative EWU Policy 201-02 Effective: December 2, 2008 Authority: Board of Trustees Proponent: University President Summary:
More informationComputer Forensics US-CERT
Computer Forensics US-CERT Overview This paper will discuss the need for computer forensics to be practiced in an effective and legal way, outline basic technical issues, and point to references for further
More informationCAET Privacy Policy August
CAET Privacy Policy August 2017-08-21 Privacy Policy - Protection of Personal Information Policy Statement The Canadian Association for Enterostomal Therapy (CAET) controls the collection, use and disclosure
More informationUT HEALTH SAN ANTONIO HANDBOOK OF OPERATING PROCEDURES
ACCESS MANAGEMENT Policy UT Health San Antonio shall adopt access management processes to ensure that access to Information Resources is restricted to authorized users with minimal access rights necessary
More informationE-DISCOVERY. The process in which electronic data is sought, located, secured, using it as evidence in a civil or criminal legal case.
E-DISCOVERY The process in which electronic data is sought, located, secured, and analyzed with the intent of using it as evidence in a civil or criminal legal case. I. Guidance Regarding the Amended Federal
More informationDisaster Preparedness + Cloud Computing. Jack Newton CEO + Founder Clio
Disaster Preparedness + Cloud Computing Jack Newton CEO + Founder Clio WHAT IS A DISASTER? Disasters Disruption of business functions and processes. Disasters to Others Clients undergo disasters for which
More informationNEWTON COUNTY OPEN RECORDS ACT POLICY
NEWTON COUNTY OPEN RECORDS ACT POLICY As a public entity, Newton County is subject to the Open Records Act, O. C. G.A. 50-18- 70 et seq. Newton County is committed to conducting its business in a manner
More informationTARGET2-SECURITIES INFORMATION SECURITY REQUIREMENTS
Target2-Securities Project Team TARGET2-SECURITIES INFORMATION SECURITY REQUIREMENTS Reference: T2S-07-0270 Date: 09 October 2007 Version: 0.1 Status: Draft Target2-Securities - User s TABLE OF CONTENTS
More informationChecklist: Credit Union Information Security and Privacy Policies
Checklist: Credit Union Information Security and Privacy Policies Acceptable Use Access Control and Password Management Background Check Backup and Recovery Bank Secrecy Act/Anti-Money Laundering/OFAC
More informationFinFit will request and collect information in order to determine whether you qualify for FinFit Loans*.
FinFit Web Privacy Policy General: This Privacy Policy ( Policy ) describes the ways FinFit, LLC ( FinFit, we, us) collects, stores, uses and protects information we receive from you or that you may provide
More informationCircling the Wagons. How to Implement an Effective Litigation Hold. Copyright 2006 IE Discovery, Inc. All rights reserved.
Circling the Wagons How to Implement an Effective Litigation Hold Copyright 2006 IE Discovery, Inc. All rights reserved. Agenda Importance of Document Retention Plan Litigation Hold Best Practices Case
More informationFreedom of Information and Protection of Privacy (FOIPOP)
Freedom of Information and Protection of Privacy (FOIPOP) No.: 6700 PR1 Policy Reference: 6700 Category: FOIPOP Department Responsible: Records Management and Privacy Current Approved Date: 2008 Sep 30
More informationScientific Working Group on Digital Evidence
Disclaimer: As a condition to the use of this document and the information contained therein, the SWGDE requests notification by e-mail before or contemporaneous to the introduction of this document, or
More informationSAMPLE LITIGATION HOLD NOTICES
Business & Litigation Support ediscovery: COLORADO RULES, CASE LAW & SAMPLE LITIGATION HOLD NOTICES HTTPS://SHOLLEREDWARDS.COM/LITIGATION-AND-SUPPORT/ 1.855.649.5884 CONTENTS Litigation Trigger... 3 Scope
More informationDCU Guide to Subject Access Requests. Under Irish Data Protection Legislation
DCU Guide to Subject Access Requests Under Irish Data Protection Legislation Context Under section 4 of the Irish Data Protection Acts 1988 & 2003 an individual, on making a written request to DCU, may
More information5/6/2013. Creating and preserving records that contain adequate and proper documentation of the organization.
Jay Olin National Archives Ramona Branch Oliver Department of Labor ASAP 6 th Annual National Training Conference May 12-15, 15, 2013 What Is a Federal Record? Records include all books, papers, maps,
More informationDEFINITIONS AND REFERENCES
DEFINITIONS AND REFERENCES Definitions: Insider. Cleared contractor personnel with authorized access to any Government or contractor resource, including personnel, facilities, information, equipment, networks,
More informationFOOT LOCKER PRIVACY POLICY
Foot Locker Privacy Statement: ( Foot Locker ) is committed to upholding fundamental principles of privacy and security in our relationship with our in-store customers and visitors to our web site. Our
More informationWhistleblower Submission Form
Whistleblower Submission Form FORM C Complete this form IF you are a lawyer a whistleblower (or a group of whistleblowers) who wish to be anonymous. If you are a individual whistleblower, please complete
More informationRequirements for Forensic Photography & Imaging Certification (08/2017)
Requirements for Forensic Photography & Imaging Certification (08/2017) A. General Requirements 1. An applicant for certification must possess a high ethical and professional standing. 2. All applicants
More informationYADTEL - Privacy Information INFORMATION WE COLLECT
YADTEL - Privacy Information As a customer of Yadtel, you are entitled to know what we do with personal information about you that we receive. We consider our treatment of such information to be a part
More informationPUBLIC RECORDS. May 2016
PUBLIC RECORDS May 2016 ACCESS Florida Law creates a right of access to inspect and/or have copies of public records. WHO? This means ANYONE regardless of: Identity Reason YOU MAY NOT REQUIRE A REQUESTOR
More informationATLANTIC BROADBAND LAW ENFORCEMENT HANDBOOK
ATLANTIC BROADBAND LAW ENFORCEMENT HANDBOOK INTRODUCTION Atlantic Broadband will assist law enforcement agencies in their investigations while protecting subscriber privacy as required by law and applicable
More informationEmployee Privacy, Digital Evidence, and the CFE. Kenneth C. Citarella, M.B.A., J.D., CFE Managing Director, Investigations Guidepost Solutions LLC
Employee Privacy, Digital Evidence, and the CFE Kenneth C. Citarella, M.B.A., J.D., CFE Managing Director, Investigations Guidepost Solutions LLC The Good Old Days CFE s Aerial View 1. What Information
More informationMinnesota Government Data Practices Act and Litigation Holds In An Electronic Environment
Minnesota Government Data Practices Act and Litigation Holds In An Electronic Environment MACA-MCHRMA Fall Conference Ruttger s Bay Lake Lodge September 10, 2015 1 PRESENTED BY: Karen Clayton Ebert MCIT
More informationCASA External Peer Review Program Guidelines. Table of Contents
CASA External Peer Review Program Guidelines Table of Contents Introduction... I-1 Eligibility/Point System... I-1 How to Request a Peer Review... I-1 Peer Reviewer Qualifications... I-2 CASA Peer Review
More informationISO 27002: 2013 Audit Standard Solution Brief. EventTracker 8815 Centre Park Drive, Columbia MD ISO 27002
: 2013 Audit Standard Solution Brief 8815 Centre Park Drive, Columbia MD 21045 About delivers business critical software and services that transform high-volume cryptic log data into actionable, prioritized
More informationSECURITY & PRIVACY DOCUMENTATION
Okta s Commitment to Security & Privacy SECURITY & PRIVACY DOCUMENTATION (last updated September 15, 2017) Okta is committed to achieving and preserving the trust of our customers, by providing a comprehensive
More informationShaw Privacy Policy. 1- Our commitment to you
Privacy Policy last revised on: Sept 16, 2016 Shaw Privacy Policy If you have any questions regarding Shaw s Privacy Policy please contact: privacy@shaw.ca or use the contact information shown on any of
More informationStandard for Security of Information Technology Resources
MARSHALL UNIVERSITY INFORMATION TECHNOLOGY COUNCIL Standard ITP-44 Standard for Security of Information Technology Resources 1 General Information: Marshall University expects all individuals using information
More informationE-DISCOVERY PRESENTATION E-DISCOVERY 101: BASICS
E-DISCOVERY PRESENTATION E-DISCOVERY 101: BASICS Agenda E-discovery Legal Issues Elements of a Litigation Hold Identification and Data Mapping of ESI Preservation and Collection Early Case Assessment Processing
More informationRegulation P & GLBA Training
Regulation P & GLBA Training Overview Regulation P governs the treatment of nonpublic personal information about consumers by the financial institution. (Gramm-Leach-Bliley Act of 1999) The GLBA is composed
More informationHIPAA For Assisted Living WALA iii
Table of Contents The Wisconsin Assisted Living Association... ix Mission... ix Vision... ix Values... ix Acknowledgments... ix Who Should Use This Manual... x How to Use This Manual... x Updates and Forms...
More informationInternet, , Social Networking, Mobile Device, and Electronic Communication Policy
TABLE OF CONTENTS Internet, Email, Social Networking, Mobile Device, and... 2 Risks and Costs Associated with Email, Social Networking, Electronic Communication, and Mobile Devices... 2 Appropriate use
More informationWebsite ADA Compliance Made Easy: How to Respond to Legal Demand Letters or Avoid Them, Altogether.
Website ADA Compliance Made Easy: How to Respond to Legal Demand Letters or Avoid Them, Altogether. Legal Demand Letters. Solved. Background Across the country, thousands of businesses and organizations,
More informationRecords Information Management
Information Systems Sciences Records Information Management Region V Spring Conference March 26, 2015 Was I supposed to keep that 1 Where did we store that 2 Space Issues. Need storage space for a classroom
More informationALAMEDA COUNTY GRAND JURY FINAL REPORT
2014-2015 ALAMEDA COUNTY GRAND JURY FINAL REPORT ALAMEDA COUNTY BOARD OF SUPERVISORS District One District Two District Three District Four District Five Scott Haggerty, President Richard Valle Wilma Chan,
More informationDATA PROTECTION POLICY
DATA PROTECTION POLICY Introduction The purpose of this document is to provide a concise policy regarding the data protection obligations of Youth Work Ireland. Youth Work Ireland is a data controller
More informationSouthington Public Schools
3543 POLICY REGARDING RETENTION OF ELECTRONIC RECORDS AND INFORMATION I.POLICY The Board of Education (the Board ) complies with all state and federal regulations regarding the retention, storage and destruction
More informationCase 1:07-cv HHK-JMF Document 67 Filed 04/24/2008 Page 1 of 9 UNITED STATES DISTRICT COURT FOR THE DISTRICT OF COLUMBIA
Case 1:07-cv-01707-HHK-JMF Document 67 Filed 04/24/2008 Page 1 of 9 UNITED STATES DISTRICT COURT FOR THE DISTRICT OF COLUMBIA CITIZENS FOR RESPONSIBILITY AND ETHICS IN WASHINGTON, v. Plaintiff, Civil Action
More informationCayman Islands Data Protection Law Guide Book
Cayman Islands Data Protection Law Guide Book 2017 Guide Book Cayman Islands Data Protection Law, 2017 1. Background and Overview On 27 March 2017 the Data Protection Law, 2017 (Law) was passed by the
More informationHPE DATA PRIVACY AND SECURITY
ARUBA, a Hewlett Packard Enterprise company, product services ( Services ) This Data Privacy and Security Agreement ("DPSA") Schedule governs the privacy and security of Personal Data by HPE in connection
More informationElements of a Swift (and Effective) Response to a HIPAA Security Breach
Elements of a Swift (and Effective) Response to a HIPAA Security Breach Susan E. Ziel, RN BSN MPH JD Krieg DeVault LLP Past President, The American Association of Nurse Attorneys Disclaimer The information
More informationSeven Requirements for Successfully Implementing Information Security Policies and Standards
Seven Requirements for Successfully Implementing and Standards A guide for executives Stan Stahl, Ph.D., President, Citadel Information Group Kimberly A. Pease, CISSP, Vice President, Citadel Information
More information