The Information Management 360 Podcast

In this podcast, Marie Patterson and Jay Cohen discuss the changing role of Chief Compliance Officers (CCOs). New developments in compliance underscore the evolving role of CCOs, with wider responsibilities and increased influence within organizations. Topics discussed in this episode include: Evolution of Compliance Officer Role: They discuss the historical background of compliance officers and how guidelines from 1991 emphasized effective compliance programs. The Caremark case in 1996 established the duty of directors to oversee compliance risks, including information systems and red flags.Recent Changes: They delve into a recent Caremark case that extends compliance responsibilities to corporate officers, not just directors. This means the CEO and CCO now share company-wide compliance duties.DOJ's Influence: The US Department of Justice's guidance is shaping compliance expectations, emphasizing a culture of compliance, empowering officers to raise concerns, and prioritizing ethics over profit.

In this episode, Caitlin Fennessy, VP & Chief Knowledge Officer at IAPP discusses three top issues in the privacy industry: Data transfer and theThe new role of the DPO in the EU and the rules andHow AI will effect

In this episode Priya Keshav, CEO of Meru Data, discusses the effects of the explosion of privacy legislation on corporations. This episode also discusses:whether the approach to regulatory compliance can be simplified by using one set of regulations as the "golden standard"reasonable data security: how is it defined and who enforces those requirementsif the proposed federal privacy legislation will pre-empt the current state privacy laws

In this episode,Jim Merklinger, President, ACC Credentialing Institute and Bill Schiefelbein, ACC Data Steward Program Administrator discuss the new ACC Data Steward Program designed to help legal entities elevate their data security programs to combat data breaches and ransomware threats.

In this episode we review the challenges Information Managers have with managing the current US state data privacy laws and the future state privacy laws introduced into legislation this year. In this podcast we will discuss: Why there is no one data privacy set of requirements that is the "golden standard" like the GDPR or CCPA, whereby complying to one set of laws will equal compliance with all other US states' legislation. Each new set of data privacy laws has their own nuances and exemptions.The staggering amount of money organizations will spend (up to $100B per year) having to comply with multiple state requirements - including additional reiterations of existing states' data privacy laws.How the most efficient way for an organization to respond to a data subject's access request is by centralizing and syncing all the organization's data in a single repository.

In this episode, Bill Tolson, Archive360 and John Roberts, CPO of Ontario, Canada, discuss:the upcoming Canadian Privacy Laws (C27) and how they align with other country privacy regulations.how the law is split into three parts: a modernization of current Canadian laws (PIPEDA), a tribunal component, and how AI will effect the collection of datawhat will be the rights of private citizens to have their PII deleted

Our latest episode Mark Diamond, Contoural, Inc. President and CEO discusses:the importance of Information Goverance with the myriad of new data privacy regulations.the definitions of Information Goverance and Data Governance, and how each are important in an enterprisewho in the organization should own Information Governance...legal? IT? risk? finance? privacy?how will cloud adoption effect information governance processeshow most organizations can't meet the mandatated privacy requirements

Directive M-19-21 is driving Federal agencies to digitize their processes and recordkeeping and shut down their records storage facilities. While this is an enormous task, the bigger question is: where will all of this digitized data go? Just like paper records, all of the electronic records must be archived, secured, indexed, and managed per federal records management requirements. In this podcast we address the issues you need to think about that will help you successfully plan for and deal with the avalanche of electronic records.

In this episode, Cherie Givens discusses her new role as Chief Privacy Officer of North Carolina and the data privacy initiatives she has currently implemented for the state. She also discusses:* North Carolina's compliance with with HIPAA and FERPA regulations, * how data privacy should be looked at separate from data security* implementing training initiatives to support the state's data privacy goals.

Our latest episode features Jane Bambauer, a professor of law at the University of Arizona and one of the authors of the Uniform Law Commission's model privacy law, the uniform Personal Data Protection Act.

In this episode, Bill Tolson and Chris Cronin, Partner, Governance and Engineering Practice at HALOCK Security Labs try and define "reasonable data security" - a term that continually appears in every states' privacy law or proposed legislation.  But what is "reasonable data security"? Today, there is no prescriptive definition for "reasonable data security".  Chris Cronin will share what he tells his clients and the best policies and procedures for staying compliant.

Our latest episode features Steve Weissman, the "Info Gov Guy" at Holly Group. Steve and Bill discuss how the myriad of state privacy laws will drive big changes for information governance. Currently there are projected to be 15 to 20 new states with their own privacy laws by 2024 that all have different definitions, different exclusions, different rights, etc. How does an organization track these differences and maintain a high level of coherence.

The show producer has not yet provided a description for this episode.

In this episode we interview Ryan Harkins, Sr. Director of Public Policy at Microsoft. Ryan discusses the state of data privacy legislation in the US and Microsoft's role in driving the need for strong US government data privacy policies. As states no longer wait for the US to lead the initiative, businesses are left struggling to comply with a myriad of privacy policies with different specifications, definitions and penalties for non-compliance.

In our latest episode Bill Tolson, Archive360 and Andrew Ysasi, VRC, discuss how the remote and hybrid work environments have had an impact on the creation of new information governance policies and procedures.  With the rapid implementation of collaboration technologies like MS Teams and Slack to continue company productivity, Information Managers are now scrambling to try and revise those policies and procedures to comply with the myriad of state data privacy and security regulations that being proposed in over 25 different states.

In our latest episode Michael Sampson, Senior Analyst, Osterman Industry Research discusses the recently published Zero Trust white paper. This podcast will cover the differences in infrastructure security and data security which have been brought to the forefront over the last several years due to the rise in cyber attacks, ransomware and the newer more dangerous extortion wear variants. In this episode we also discuss the effects that COVID-19 has had on much of the remove workforce with less secure technology capabilities than in-person offices.

Our latest episode features Utah State Senator Kirk Cullimore, author of the Utah ConsumerPrivacy Act. This discussion focuses on Utah's current consumer privacy and security legislation. The state of Utah is the fourth state to pass a consumer privacy bill into law, following California, Virginia, and Colorado. Sen. Kirk Cullimore discusses the drivers for today's privacy legislation and discusses the future of privacy legislation from the Federal Government.

Our latest episode features Tara Taubman-Bassirian, consultant and owner of DATARAINBOW. In this episode we will discuss:* the latest updates on the EU data Privacy and GDPR regulations and the recently updated privacy shield laws* how the EU considers personally identifiable information (PII), and the capacity to control the data associated with it, as a human right; and * how the current regulations are generating fines much larger than previously assessed.

In our latest episode, Bill Tolson and special guest Kevin Thomas, New York State Senator, discuss the state of consumer privacy and security legislation. Kevin is the author of the New York Privacy Act and been working on this act for the last four year. Prior to introducing the bill, Kevin continually saw reports of personal data being manipulated and often used against consumers. This became the driving force behind his interest in privacy and security legislation.

In our latest episode, Bill Tolson and special guest David Stauss, Partner at the Husch Blackwell law firm discuss privacy legislation and the lack of federal activity. David is the co-chair of the firm’s data privacy and cyber security practice. David states that the lack of federal activity is the common driving factor as to why certain state legislators are introducing privacy bills in their states.

In our latest episode, Bill Tolson and special guests Virginia State Senator David Marsden, discuss the state of consumer privacy and security legislation both in the state of Virginia and nationally. Virginia is the third state to pass a consumer privacy protection bill into law. Bill and David go into detail about the bill, how it started, the provisions it includes and what this could mean for Federal data privacy legislation.

In our latest episode, Bill Tolson and special guests Jim Banach, Architect, Security and Compliance, Microsoft 365 Center of Excellence discuss the impact of privacy regulations on business. During this podcast, Bill and Jim discuss current, new and changing data privacy laws and environments and how companies can comply with these new policies.

In our latest episode, Bill Tolson and special guests Rep. Steve Elkins, Representative (DFL) District: 49B Minnesota House of Representatives discuss consumer privacy legislation. Steve is the co-author of the Minnesota Consumer Data Privacy Act bill. During this podcast, Bill and Steve take a deep dive into the details of the bill and Rep. Steve Elkins views on consumer privacy in general.

In our latest episode, Bill Tolson and special guests Leigh Isaacs, Director, Information Governance for DLA Piper LLP discuss information management trends for law firms. Law firms like most companies weren’t prepared for some of the changes caused by the pandemic specifically related to collaboration software to keep employee communications going while employees were remote. Bill and Leigh dive deep into this topic and more in episode 16.

In our latest episode, Bill Tolson and special guests John Mancini, President of Content Results LLC, and long-time past president of AIIM discuss the transition from records management to information management. With the massive increase in data within organizations as well as the new privacy laws both state and country driven, organizations have additional responsibilities with securing personal information as well as knowing exactly what personal information they hold. Bill and John dive deep into this and more in episode 15.

In our latest episode, Bill Tolson and special guests Mike Salvarezza, Vice President of Content Development, MER discuss the changing information governance environment in the age of Covid-19. The episode explores how collaboration tools such as Microsoft Teams have challenged information governance professionals. In order to be successful today, information governance professionals must take a holistic view of all these challenges (privacy, cyber security, data security, training, data management, etc.)

In our latest episode, Bill Tolson and special guest Jason Stearns, Past President of ARMA, discuss how to manage the growing amount of information flowing into and out of enterprises today – both paper and electronic. The episode also explores the issues resulting from a lack of corporate focus on information management within an organization - including defensible disposition.

In our latest episode, Bill Tolson and special guests Tyson Marx, Senior Associate at Ward & Berry and Chelsea Padgett, Associate at Ward & Berry discuss the details of President Biden’s Executive Order on Cybersecurity. The executive order is specifically for the federal government and their agencies. The three main points of the order include improving communication between agencies and contractors with respect to cybersecurity incidents, modernizing technology and improving accountability.

In our latest episode, Bill Tolson and Jason Bero, Privacy, Risk and Compliance Officer at Microsoft discuss long-term archiving for regulatory compliance. This episode dives deep into government requirements for storing data, how to archive important data for the long-term as well as ensure that retrieval of the data is easy as well as a discussion around the tools used today and potentially in the future.

In this episode our guest Jodi Daniels from Red Clover Advisors discusses the differences between the California Consumer Privacy Act (CCPA) and the California Public Records Act (CPRA). Which one supersedes the other? In this podcast you will learn: 1. What steps your organization needs to take in order to be compliant with these regulations, 2. How building a privacy organization is not longer a "nice to have" but a necessary requirement3. What to include in your privacy policies that will expose your organization to the least amount of risk