18th Annual Compliance & Ethics Institute 2019
Gaylord National, National Harbor, MD, United StatesPrivacy & Data Security Track
Saturday, September 14
-
08:30 AM - 12:00 PMSCCE's Annual Volunteer Project In additon to networking with your peers and listening to expert speakers, attending an SCCE Compliance & Ethics Institute gives you the opportunity to help a local area charity. Registration is free for this event and provides you with a volunteer t-shirt, lunch and transportation to and from the project location. It's a great way to start the CEI with fellow conference attendees, speakers, and SCCE board members.Networking 098
Sunday, September 15
-
08:44 AM - 12:00 PMPre Conference Morning Session100
-
08:45 AM - 10:15 AMBreakout Sessions#P06P6: Cyber Security Due Diligence: Will You Be the One to Save Your Company & CEO From Disaster? Charles Shugg, Partner | Chief Operating Officer, Sylint Group, Inc
- Discuss the importance and criteria for cyber security due diligence and how it affects corporate or organizational reputation damage, judicial punishment and senior executive careers
- Review case studies that highlight the lack of "reasonable" corporate cyber security due diligence regarding processes, assets and incident response actions
- Provide best practice guidance to improve senior executive awareness, reduce corporate risk and increase the likelihood of C-Staff career survival following a cyber security breach
IT 106 -
10:15 AM - 10:30 AMNetworking Break SundayNetworking
-
10:30 AM - 12:00 PMBreakout Sessions#P14P14: GDPR Compliance Post-Mortems: Lessons Learned from Facebook, Uber, and Others Scott Giordano, V.P., Corporate Privacy, and General Counsel, Spirion
- In the nearly 18 months since the EU GDPR was brought into force, several well-known companies have been penalized by EU data protection authorities for misuse and loss of personal data.
- In this session, we will review these post-mortems, determine what went wrong, and discuss the implications for complying with the GDPR and other multinational data protection regulations going forward.
- We will also examine recent European Data Protection Board (EDPB) opinions and discuss how they affect overall compliance strategy
IT 205 -
12:00 PM - 01:30 PMSunday Lunch (On Your Own). Braindates Time Need Ideas for lunch? Check in with the registration desk to find where to go to grab a quick bite or to mingle with old friends or new peers.Networking
-
01:00 PM - 04:45 PMPre Conference Afternoon Session200
-
01:30 PM - 03:00 PMBreakout Sessions#P22P22: Move the Needle - Active Agent Approach to Cybersecurity and Data Protection Compliance Brian Novack, Lead Compliance Analyst, AT&T Wireless Oleg Vasilyev, Director - Technology, Chief Compliance Office, AT&T
- Core products and processes at each company are dependent on IT. Active threats continue to evolve and drain resources. This limits a company's ability to reinvest, develop products, expand offerings to drive the next wave of growth, or to remain viable.
- To help, compliance must become an active partner supporting all facets of a company to establish the expectation for compliance, plan for compliance upfront, and drive compliance through strategic resource investment that is balanced with the risk.
- We will discuss an approach to help move companies towards active compliance, enabling each of us to build a solid foundation on which to reduce the threat opportunity and most importantly: Move the Needle.
IT 213 -
03:00 PM - 03:15 PMNetworking BreakNetworking
-
03:15 PM - 04:45 PMBreakout Sessions#P30P30: Software License Compliance & Vendor Management: Why It's Mission-Critical To Reputation & Cybersecurity, 10 Reasons It's Hard (& Getting Harder), & 10 Action Tips For You & Your Team Henry Jones, Owner, Law Office of Henry W Jones III & Intersect Tech.
- Non-Compliance, Now: How Traditional Purchasing & IT Processes + Vendor & Technology Changes Have Landed Nearly Every Entity In Contract Breach, Copyright Infringement, & Security & Reputation Risk
- Digital Dependency Reduction & Organizational Quality Control: Best Practices: Recommended, Rank-Ordered Action Items For Compliance Professionals To Help Purchasing, IT & Other Colleagues See & Fix Software License Compliance
- Get To Not Just Yes & Fixed, But Also Thank You: Tips For Software-Specific Change Enablement, Quantification, Persuasion, Charm, Evidence, Appreciation, Budgeting, & Career Benefits
IT 221
Monday, September 16
-
07:00 AM - 08:00 AMContinental Breakfast, Exhibitor Networking and Braindates TimeNetworking
-
08:00 AM - 08:15 AMOpening Remarks and Awards PresentationGeneral Session
-
08:15 AM - 09:15 AMGeneral Session: From Crisis to an Electric Future: Inside the Cultural Transformation of One of the Largest Companies in the World. A Disscusion. Kurt Michels, Chief Compliance Officer, Volkswagen Group Matt Kelly, Editor & CEO, Radical Compliance -Starting a transformation in the aftermath of a crisis -Behind the scenes of Volkswagen’s cultural transformation: the strategies that drove the turnaround -Using a crisis to implement change: Lessons learned for compliance professionalsGeneral Session
-
09:15 AM - 10:00 AMNetworking Break with ExhibitorsNetworking
-
10:00 AM - 11:00 AMBreakout Sessions#106106: Privacy Trends in the US and Implications for US and Global Organizations Teresa Troester-Falk, President/Founder, Blue Sky Privacy
-For the past 2 years, the GDPR has garnered the attention, resources and budget of organizations, but privacy is in the headlines almost everyday in the US and the new California Consumer Privacy Act will take effect Jan 1, 2020 as well as Nevada’s new law in October of this year -Several other States are considering similar legislation and these new US laws and increasing regulator attention will impact operations -This session will provide you with an overview of the state of play of US privacy laws and bills and provide practical insight into how organizations are handling these changes and trying to “future-proof” their operations in order to efficiently deal with any forthcoming law
IT 306 -
11:00 AM - 11:30 AMNetworking BreakNetworking
-
11:30 AM - 12:30 PMBreakout Sessions#206206: Password Techniques and Strategies to Promote a Higher Level of IT Security Frank Ruelas, Corporate Responsibility Officer, CommonSpirit Health/SJHMC
-Learn key criteria applicable to passwords that have the potential to contribute to a higher level of security with respect to the organization’s information system - Common myths and mistakes that may compromise the strength of passwords - Review and consideration of effective administrative, physical, and technical safeguards to apply to your organization’s password management policy
IT 356 -
12:30 PM - 01:15 PMNetworking Lunch & Braindates Time Starter: Spinach salad Entrée: Mustard and thyme chicken breast Dessert is served in the Exhibit HallNetworking
-
01:15 PM - 02:00 PMDessert and Networking Break with ExhibitorsNetworking
-
02:00 PM - 03:00 PMBreakout Sessions#306306: Demystifying Government Cybersecurity Compliance David Kessler, Public Sector Product Compliance Counsel, Verizon
- Understand the alphabet soup of the Federal government cyber security landscape, including FISMA, NIST, FIPS, FedRAMP, CNSSI 1253, IRS 1075, and similar requirement
- Learn techniques for encouraging compliance-by-design for Federal cyber security requirements in a commercial company
- Appreciate how compliance with Federal cybersecurity requirements can reduce a commercial company’s overall cyber security risk
IT 406 -
03:00 PM - 03:15 PMNetworking BreakNetworking
-
03:15 PM - 03:30 PMGeneral Session: DOJ Evaluation of Corporate Compliance Programs Guidance Document Matthew Miner, Deputy Assistant Attorney General, DOJ, Criminal DivisionGeneral Session
-
03:30 PM - 04:15 PMGeneral Session: Investigations and Integrity in the Spotlight Michael Horowitz, Inspector General, United States Department of Justice Adam Turteltaub, Chief Engagement & Strategy Officer, SCCE & HCCA -Keeping your investigation focused while in the spotlight -How to find the relevant facts and avoid distractions -Writing a report that provides a true conclusion to the investigation and protects the integrity of your officeGeneral Session
-
04:15 PM - 05:15 PMAuthor signing: Kirsten Liston, Creating Great Compliance Training in a Digital WorldNetworking
-
04:15 PM - 06:00 PMNetworking Reception & Braindates Time Mingle with your peers and network with the exhibitors over some delicious appetizers after your long day of learning.Networking
Tuesday, September 17
-
07:00 AM - 08:00 AMContinental Breakfast, Exhibitor Networking & Braindates TimeNetworking
-
08:00 AM - 08:15 AMOpening Remarks and Awards PresentationGeneral Session
-
08:15 AM - 09:15 AMGeneral Session: The Odebrecht Transformation - A Recovery from Compliance Scandal Olga Pontes, Coordinator of the Compliance Commission, IBDEE - INSTITUTO BRASILEIRO DE DIREITO E ETICA EMPRESARIAL Gerry Zack, CEO, SCCE & HCCA Odebrecht was central to the Operation Car Wash corruption scandal that began with the arrest in 2015 of the company’s former CEO. Since 2016, Odebrecht has been on a journey of cooperation and transformation, resulting in renewed respect for a company that had lost much of it. In this in-depth interview, hear directly from Odebrecht’s Chief Compliance Officer as she discusses: -Dealing with the initial shock and crisis -Developing a transformation plan -Implementing a new and world-class compliance functionGeneral Session
-
09:15 AM - 09:45 AMNetworking BreakNetworking
-
09:45 AM - 10:45 AMBreakout Sessions#406406: Using Automation for Compliance Management and Reporting That Will Bring a Smile to the Face of Any Prosecutor Theodore Banks, Partner, Scharf Banks Marmor LLC Heidi Rudolph, Managing Director, Morae Global Gene Stavrou, Compliance Director, Ingredion
-Technology tools to facilitate collaboration/delegation with other parts of the business (including case management systems, learning management, policy management, etc.) -Aligning & evaluating your compliance program to fit the recommendations of the Federal Sentencing Guidelines and the DOJ Evaluation of Corporate Compliance Programs tool -Using technology tools for management reporting and engagement (including risk assessment, financial management, ROI, etc.)
IT 456 -
10:45 AM - 11:30 AMNetworking Break with ExhibitorsNetworking
-
11:30 AM - 12:30 PMBreakout Sessions#506506: Optimize IT Compliance Processes to Meet New Data Privacy Challenges Ralph Villanueva, IT Security and Compliance Analyst, Hilton Grand Vacations
- The audience will learn the common data privacy requirements across several legislations such as the GDPR and the California Privacy Act, and understand the interrelatedness of IT compliance and data privacy
- The speaker will demonstrate how IT compliance processes can be leveraged to meet data privacy requirements
- Audience will pick up techniques to make their organizations more data privacy compliant upon returning to the office
IT 506 -
12:30 PM - 01:30 PMNetworking Lunch, Dessert and Last Chance to Visit with Exhibitors Starter: Lyon Bakery focaccia panzaella. Entrée: Glazed short ribs. Dessert is served in the Exhibit HallNetworking
-
01:30 PM - 02:30 PMBreakout Sessions#606606: Compliant Technology - The Future is Now Stephen Majerowicz, Technical Director, Office of Compliance for Capabilities, Department of Defense
Analytics - replacing the human - tools that make our work easier can be compliant. They have to be compliant in the context of government access to data. The future of analytics - is now - the development of analytics is proceeding at breakneck speeds and compliance must keep pace. Use case - streaming analytics - to show how human-only functions are being replaced and where compliance fits into the equation.
IT 556 -
02:30 PM - 03:00 PMNetworking BreakNetworking
-
03:00 PM - 04:00 PMBreakout Sessions#706706: Automating Privacy Operations at Scale in Azure David Marcos, Chief, Privacy Strategy: Cloud & Artificial Intelligence, Microsoft
- Built on Trust: operationalizing privacy compliance for Cloud
- Data-driven continuous monitoring of privacy
- Looking to the future: laying the groundwork for ethical computation
IT 606 -
04:00 PM - 04:15 PMNetworking BreakNetworking
-
04:15 PM - 05:15 PMGeneral Session: The Limits of Trust Diana Henriques, Financial Author and Journalist , Author of Wizard of Lies -The Bernie Madoff scandal in 2008 cast new light on an age-old Challenge: Too often, our psychological and procedural defenses are set up to detect threats from the outside -How do we defend ourselves from the trusted criminal—the admired and respected high-achiever who wins our trust, and then betrays us? -Gain a better understanding of how Madoff's fraud can inform a smarter approach to keep us safe from such predators.General Session
-
05:15 PM - 05:20 PMClosing RemarksGeneral Session
Wednesday, September 18
-
08:00 AM - 11:15 AMPost Conference800
-
08:30 AM - 10:00 AMBreakout Sessions#W06W6: Managing Data and Promoting Privacy: A Deliberate Peer to Peer Experience Exchange of Ideas About How to Comply with Rapidly Changing Cybersecurity and Privacy Compliance Obligations Whittney Tom, Contractor, TechSoup Nisha Sehn, Senior Technical Program Manager, Fastly
- The TechSoup Team is back for take two due to positive feedback from their 2018 debut. We will facilitate dialogue about how companies monitor changing cybersecurity obligations and how you work across departments to protect data and enhance privacy.
- Who's responsible and accountable for data management and protection? A discussion about the intersection of business, technology, and compliance teams involvement in data management and protection. We will share successful and collaborative strategies
- Strategies to address the risks: Strategies to take a risk-based approach to map, manage, and protect data. How you can use technology as a tool to monitor and enforce data protection. A facilitated dialogue about participants' experiences.
IT 806 -
10:00 AM - 10:15 AMNetworking BreakNetworking
-
10:15 AM - 11:45 AMBreakout Sessions#W13W13: Designing a Compliance and Governance Model for Today’s Hi-Tech Business Environment Eric Brotten, Vice President, Compliance & Privacy Officer, Centene (MHS Health Wisconsin) Sarah Boswell-Healey, Senior Director, Compliance, UnitedHealth Group