Thoughts on 2015 Events

Thoughts on 2015 Events

For the CGOC, the last half of 2015 was a busy one. With the change in leadership, we hit the ground running with three well-attended regional events in Minneapolis, San Francisco, and London. Although many of the session titles were similar, each region had a different take on the topics.

Minneapolis, MN — September 16th

Since we had never had a CGOC meeting in Minneapolis, we were not sure what to expect in terms of interest and caliber of speakers. Our host, the Dorsey Firm, had better foresight as to the level of interest and set up the event in their conference room with a capacity for 110. As an economic powerhouse region, the twin cities are home to an inordinate number of Fortune 50FullSizeRender-20 companies. The impressive line-up of speakers from Ameriprise, Best Buy, Mayo Clinic, US Bank, United Health and Xcel Energy created the buzz needed to fill the room.

The speakers addressed issues as wide-ranging as how to use analytics for business efficiency from seasoned practitioners to updates on FCPA enforcement from two former SEC regulators. The diversity of the attendees kept the meeting from being too focused on any one industry. One example is that usually there is consensus on the benefits of data deletion with regard to reducing the cost of eDiscovery and risk of data breaches, however, a lone voice of dissent made the powerful point that sometimes the intrinsic value can sometimes override the concern: “the cure for cancer is in our data.”

San Francisco, CA — September 24th

The epicenter of innovation did not disappoint. The Bay Area sets the barometer for the future of business and the discussions at this meeting did much to highlight this fact. From large heavily regulated companies such as Chevron and Visa to relatively new, less regulated companies such as Uber and Box, the issues of concern could be seen as falling into a Venn diagram.

FullSizeRender-3The old and the new guard are dealing with many of the same challenges with regard to litigation and data security, the rapidly growing (mostly technology) companies are under pressure to comply with laws and regulations in a manner that has the least impact on infrastructure expansion. Large established companies can afford to have a multi-year information governance or data privacy initiative. Newer companies do not have that luxury yet. Their in-house counsel and privacy officers are under the gun to grasp all the nuances of what it takes to be compliant and implement a solution quickly.

A unique aspect of an event in San Francisco is the heavy interest in understanding how to do business with China. Fascinating sessions on the FCPA and data security shed light on many of the issues specific to the region, punctuated with first-hand observations. However, it wasn’t all war stories and warnings, the members benefited from insight and practical steps in implementing an FCPA compliance program and reducing cyber intrusion risks. Due to the number of questions and extended conversations, most of the networking happened after the event at Gibson Dunn’s beautiful reception room overlooking the Oakland Bay Bridge.

London, UK –December 11th

For London, the program had more emphasis on data privacy as related to cross-border data transfers. With the newly issued final ruling from the Court of Justice of the European Union on Schrems v. DPC, there was much to decipher and discuss. Our first session set the tone for the day with an all-star panel of experts on this topic. It was clear from this session, that for the legal community, the ruling was foreseeable. Many months prior, corporations and law firms had already drafted and began the arduous process of circulating binding corporate rules to each country’s Data Protection Authority. Although very few have completed the entire process, all signs point to a more rapid adoption rate now that the choices have narrowed.

As with the other meetings, Information security was a topic of great interest. It was established that Data Privacy and Information Security are intimately related and that the key to maintaining privacy and reducing the risk of a breach is to secure the pertinent data. The data security session also included an overview of the US Department of Justice’s cybercrime networks and their interaction with companies in both proactive and reactive situations. During an interactive exercise, the panelists walked the audience through key issues in data security and incident response planning.

Not surprisingly, the overall theme of each event was that good information governance solves a myriad of problems. That wasn’t unique. What made each event distinctive was that attendees were able to walk away feeling empowered to make changes in their organizations with the knowledge and connections that they gained that day.

 

Share With A Friend: