Skip to main content

FTC Workshops: Business Data Security & Red Flags Rule Compliance

The Federal Trade Commission, the Center on Law and Information Policy of Fordham Law School, the New York State Consumer Protection Board, and the New York City Department of Consumer Affairs presented this workshop of two half-day sessions. Other sponsors included the New York State Office of Cyber Security and Critical Infrastructure Coordination, the Better Business Bureau Serving Metropolitan New York, and the International Association of Privacy Professionals.

Morning Session: Protecting Personal Information - Best Practices for Business

This session focused on how and why businesses can better secure personal information, implement best practices for developing an appropriate data security program, and plan for and respond to data breaches and other privacy and security problems.

Panel 1: Steps and Strategies for Developing a Data Security Plan

  • Deborah Joslyn, Senior Manager, Privacy Team, Ernst & Young LLP
  • Scott Lancaster, Director of Information Security, Starwood Hotels & Resorts Worldwide, Inc.
  • JoAnn Stonier, Global Privacy & Data Usage Officer, MasterCard Worldwide
  • Miriam Wugmeister, Morriston & Foerster

Panel 2: Preparing for and Responding to Data Breaches

  • James Jaeger, Director, Cyber Defense & Forensics, General Dynamics
  • Robert Novy, U.S. Secret Service, Electronic Crimes Task Force
  • Joel R. Reidenberg, Assoc. Chief Academic Officer & Assoc. VP for Academic Affairs, Fordham University
  • Lisa Sotto, Hunton & Williams

Afternoon Session: Minimizing the Use of Stolen Identity - The Red Flags Rule

This session featured FTC staff who provided guidance regarding the scope, structure, and requirements of the Red Flags Rule, and business people and privacy experts who provided practical advice and discuss their experiences with creating and implementing a Red Flags Program.

  • Michael Allen, Associate Counsel, Citizens Energy Group
  • Orrie Dinstein, Chief Privacy Leader & Senior IP Counsel, GE Capital
  • Laura Dishman, Privacy & AML Associate, TIAA-CREF
  • Seth Gilbertson, Assistant Counsel, State University of New York