The term “sensitive personal information” is often referred to in contracts, regulatory guidance, and policy documents. What constitutes sensitive personal information, and the practical implications of that designation differ among laws, regulations, and privacy frameworks.
The program will discuss what types of personal information are considered “sensitive” under different legal regimes including the CCPA, CPRA, CPA, VCDPA, and GDPR, and explain how that designation impacts what businesses can, and cannot, do with information.
Key topics to be discussed:
How different statutes and regulations use the phrase “sensitive personal information”
What companies must do in order to collect sensitive personal information from consumers and employees
What restrictions are imposed on companies that collect sensitive personal information
What regulatory considerations should companies consider
Date / Time: January 26, 2022
2:00 pm – 3:00 pm Eastern
1:00 pm – 2:00 pm Central
12:00 pm – 1:00 pm Mountain
11:00 am – 12:00 pm Pacific
Choose a format:
Live Video Broadcast/Re-Broadcast: Watch Program "live" in real-time, must sign-in and watch program on date and time set above. May ask questions during presentation via chat box. Qualifies for "live" CLE credit.
On-Demand Video: Access CLE 24/7 via on-demand library and watch program anytime. Qualifies for self-study CLE credit. On-demand versions are made available 5 business days after the original recording date and are viewable for up to one year.
Karin E. Ross | Greenberg Traurig, LLP
Karin E. Ross focuses her practice on data privacy, cybersecurity, and technology transactions. Karin has counseled a diverse array of companies from startups to Fortune 500 companies in both local and global markets. She works closely with clients on data privacy and security compliance programs and advises on existing and emerging privacy and data protection legislation, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), the Gramm Leach Bliley Act (GLBA), and the Health Insurance Portability and Accountability Act (HIPAA).
Her experience spans a range of industries including consumer goods, medical technology, financial services, ecommerce, and restaurants. Karin also has substantial experience in drafting and negotiating commercial and technology agreements, including data licensing agreements, cloud and software-as-a-service agreements, software license agreements, professional services agreements, and website terms and conditions.
Karin formerly served as in-house corporate counsel at a Fortune 500 health care company where she supported regulatory compliance efforts related to health care and clinical research activities. She draws upon her in-house experience to provide clients practical advice and creative solutions for meeting their compliance obligations while advancing business objectives.
David Zetoony | Greenberg Traurig, LLP
David Zetoony, Co-Chair of the firm’s U.S. Data, Privacy, and Cybersecurity Practice, focuses on helping businesses navigate data privacy and cybersecurity laws from a practical standpoint. David has helped hundreds of companies establish and maintain ongoing privacy and security programs, and he has defended corporate privacy and security practices in investigations initiated by the Federal Trade Commission, and other data privacy and security regulatory agencies around the world, as well as in class action litigation.
David receives regular recognition from clients and peers for his knowledge and experience in the fields of data privacy and security. The National Law Journal named him a “Cybersecurity and Data Privacy Trailblazer,” JD Supra recognized him four times as one of the most widely read names when it comes to data privacy, cybersecurity, or the collection and use of data, and Lexology identified him seven times as the top “legal influencer” in the area of technology, media, and telecommunications in the United States, the European Union, and in the context of cross-border transfers of information.
He is the author of the American Bar Associations primary publication on the European General Data Protection Regulation (GDPR) and is writing the American Bar Association’s primary publication on the California Consumer Privacy Act (CCPA).
I. Statutes and regulations use the phrase “sensitive personal information” | 2:00pm – 2:20pm
II. What companies must do in order to collect sensitive personal information from consumers and employees | 2:20pm – 2:35pm
III. What restrictions are imposed on companies that collect sensitive personal information | 2:35pm – 2:45pm
IV. What regulatory considerations should companies consider| 2:45pm – 3:00pm