Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

🔓 Public Page

      
   CIECA 500 Westover Dr  #11617; Sanford,  NC  27330 

Date

Info

ANTITRUST STATEMENT

As participants in this meeting, we need to be mindful of the constraints of antitrust laws. There shall be no discussions of agreements or concerted actions that may restrain competition. This prohibition includes the exchange of information concerning individual prices, rates, coverages, market practices, claims settlement practices, or any other competitive aspect of an individual company’s operation. Each participant is obligated to speak up immediately for the purpose of preventing any discussion falling outside these bounds.

Agenda

  • Welcome/Introductions

  • Antitrust

  • Introductions to Information Privacy Adhoc Ad-Hoc Committee Chairs

  • Define Charter

  • Committee Goals

    • Steps to take to achieve those Goals

Meeting Minutes

Dropboxconnector addon plugin for confluence macro
macroHeight464
draftID22e8e560-7c6d-11eb-a06d-59eea9cdf486
macroWidth800
items[{"skyItemID":"%252FStandards%252FEmerging%2520Tech%252FMeeting%2520Docs%252F2021-03-03%252011.05%2520CIECA%2520Committee%2520Meetings.mp4","shareToken":"22c97680-7c6d-11eb-ab3d-9b134fe8da45","itemType":"file","permissions":[],"parentShareToken":"7206c3a0-7c3c-11eb-be65-a55d3e88f521","parentShareSkyItemID":"%2FStandards%2FEmerging%20Tech%2FMeeting%20Docs","description":"file / Shared by Paulette Reed"}]
  • The Antitrust statement was read and agreed upon.

  • Paul kicked off the meeting by thanking the co-chairs, Lance Vannalom, Caliber, and Steve Betley, Car-Part.com.

  • Lance Vannalom, the committee co-chair, introduced himself as the information privacy manager at Caliber.

  • Paul shared that the Executive Committee asked to create an ad-hoc committee to discuss CIECA’s role as it relates to the topic of Information Privacy.

  • The objectives are to:

    • Identify what role CIECA can realistically play in the area of information privacy, and

    • Develop recommendations for CIECA’s position on the topic.

  • The deliverables:

    • Initial recommendations for review by the Executive Committee

    • Final recommendations for review by the Board of Trustees

  • Paul shared a slide with the three elements of an Information Privacy Program:

    • Data Security-the physical and logical protection against authorization access,

    • Data Privacy-Internal policies and procedures to protect how data is used and shared (SOX / SOC 2), and

    • Data Segregation / Segmentation-Limiting what information is contained in data exports and shared outside the organization.

  • A discussion was held about CIECA’s role in all three of the above and it was suggested that Data Segregation is an area where CIECA has the potential to provide input to the industry. All agreed.

  • Paul pointed out that the concept of information privacy has evolved over the years and that there has There has been some confusion in the industry about CIECA’s role in these areas. Information included on CIECA’s website that might have been confusing or misleading to some, has since been taken down. The committee said that it might be helpful to have a statement on the website about CIECA’s position in these areas and 1) recommend companies a company contact their its IT department, and also 2) provide a link to resources for more information. Phil and Lance were going to look into this. Phil suggested that a definition needs to be more precise.

  • The committee’s charter was discussed next . and the following was noted:

    • Mission

      • Identify what role CIECA can realistically play in the area of Information Privacy

        • Develop recommendations for CIECA’s position on the topics of

          • Data Security

          • Data Privacy

          • Data Segregation / Segmentation

    • Problem Statement

      • There are misunderstandings within the industry on what role CIECA plays as it relates to Data Security, Privacy and Segregation.

        Information Privacy has evolved greatly in the last 20 years. We need to be more precise and clear in our terminology and definitions as it relates to the topics of data security, privacy and segregation.

    • Scope:

      • Must have:

        • The scope is CIECA’s position / role as it relates to Data Segregation.

        • Keep the scope narrow to what CIECA can do and not take on the broader role of education.

      • Not in scope:

        • Any security or information privacy related topics that go beyond those areas that CIECA can directly influence.

    • Operating Guidelines

      • This committee is an ad-hoc committee formed for the single purpose of address addressing the issue of data segmentation.

      • This is not intended to be a permanent committee.

😁 Great Kickoff Meeting Everyone and thank you for your participation and support. Have a Great Week!

Up Next

  • Antitrust Agreement and Meeting minutes acceptance

Action items

  •  Send a reoccurring invite out to committee
  •  Paul to work with co-chairs Steve and Lance to develop a first draft of a position Jira LegacyshowSummaryfalseserverSystem JIRAserverIdabac5479-c181-36c9-a80c-f646fa715b9akeyhttps://cieca.atlassian.net/browse/OPS-173
  •  Lance & Phil to research good generic industry resources for Data Security & Information Privacy

Decisions

Participants

Participants in the meetings are noted for your information.  If you have questions on the committee’s activities, please contact a recent attendee. https://cieca.atlassian.net/wiki/pages/resumedraft.action?draftId=738263165