Data Privacy Point of Contact Orientation Session：接触定位会话数据隐私的角度.pptVIP

Data Privacy Point of Contact Orientation Session Agenda Introduction Sol Bermann Executive Order Sol Bermann Role of CIO, DPPOC Rick Shipley Ohio IT Security Policies Doug Alt Encryption Protocol Sam Orth Acquisition Tom Hart Q and A Closing Sol Bermann State of Ohio IT Security Introduction Update on Security Breach State Response/Executive Order Data Privacy Point of Contacts Executive Order 2007 -13S Improving State Agency Data Privacy and Security Which Agencies? Mandatory All Cabinet Level Agencies Voluntary Non-Cabinet Level Agencies, Boards and Commissions Chief Privacy Officer Privacy Impact Assessment Protocol by 8/29/07 Data Encryption Protocol by 8/29/07 Mandatory Agencies Security Policy Compliance Report by 8/14/07 Privacy Impact Assessment Implementation by 8/29/07 Develop plan by 11/12/07 for implementing the Encryption Protocol Appoint DPPOC by 6/22/07 Questions? Sol Bermann Chief Privacy Officer, J.D., CIPP Sol.Bermann@ (614) 995-9928 Implementation Privacy and Security Privacy Security are flipsides of a coin Privacy = policies, rules laws surrounding data usage Security = implementation of protection that enforces the policies, rules laws Role of Agency CIO Help Oversee Agency Compliance Executive Order 2007 – 013S Privacy, confidentiality, security, disclosure, and sharing of information Provide direction and oversee activities Develop and oversee the implementation of policies, principles, standards, and guidelines Role of DPPOC Help with Executive order Policy Compliance Reporting 2(c) Privacy Impact Assessment Implementation 2(e) Data Encryption Protocol Implementation Report 2(f) Advise or support departmental management on business and policy issues relating to privacy, information assurance, and security Understand the data the agency has and how the agency uses the data Sensitive data classification Work within and across business units Who Is The DPPOC ? Need people that understand the data the agency has how t