T10: Legally Defensible Data Governance
Monday, June 5, 2023
01:30 PM - 04:45 PM
Advanced
How do you design data governance programs to withstand scrutiny by boards, courts, and regulators?
Learn how to demonstrate that important data is managed in accordance with evolving legal requirements. In this half-day class, you will learn how to address legal, regulatory, and contractual requirements with mature data practices. In addition, you will learn how to work more effectively with cross-disciplinary teams to mitigate legal risk through data process management. Most importantly, you will learn how to communicate the value of governance outcomes to senior leadership to ensure ongoing understanding and support of your programs.
By the end of this class, you will:
- Increase the confidence of directors and officers in the data that drives their business decisions.
- Establish the strategic goals that act as the "north star" for a healthy data-driven culture.
- Delegate responsibility, authority, and accountability for maintaining effective data governance controls.
- Govern the four key processes that enable enterprise management of data and data risk.
- Manage lifecycle processes that enable the collection, processing, and use of sensitive data, including personal data.
- Effectively communicate governance metrics and Key Risk Indicators to senior leadership.
- Assess enterprise privacy risk, document mitigation measures, and report findings to leadership.
- Restrict sharing of sensitive types of regulated data and proprietary information.
- Protect the use and disclosure of proprietary data, product data, customer data, and supplier data.
- Respond to inquiries and complaints from regulators, individuals, and media.
Mark Milone founded
VirtuLaw to empower complex organizations with optimized data practices. He is an attorney and data strategy leader who often advises on matters relating to data governance, cyber security, privacy (#CIPP/US, #CIPP/E), intellectual property, and technology transactions. As an attorney, he has extensive experience translating international laws into requirements that can be addressed by technical teams to mitigate risk. Leading a data strategy office has also provided him with expertise in leveraging data to achieve business outcomes. These two roles provide Mark with a unique, holistic viewpoint regarding data and data-driven organizations. In addition to his work in aerospace and defense, he has also worked in-house in financial services. He enjoys writing about the intersection of technology, law, and public policy and wrote the first comprehensive book on cyber law titled "Information Security Law: Control of Digital Assets" (Law Journal Press, 2006).