Potomac Forum The Forum of Choice for Government & Industry Training Since 1982

The Forum of Choice for Government & Industry Training Since 1982

Postponed Until After the Inauguration: Information Privacy in Government: Meeting the Challenges Facing the Current Landscape

Practical Solutions for Achieving Agency Information Privacy Goals, Objectives, Legislation and Regulation

Tuesday, November 1, 2016

**This workshop has been postponed to a later date, the new date will be announced soon, please check back or email info@potomacforum.org for details.

 

Government Only:
Workshop is limited to government employees only to permit candid discussion of internal control topics.
Industry and press are not invited to register for this educational workshop.

 

Keynote Speaker:

Glenn E. Sklar
Acting Executive Director

Office of Privacy and Disclosure
Office of the General Counsel

Social Security Administration

 

Guest Speakers:

Barbara A. Stance

Chief Privacy Officer

Federal Aviation Administration

 

Jonathan Alboum

CIO

USDA

 

Timothy Ruland

CISO

Census

 

Daniel Steinberg

Privacy Coordinator

FDA

 

Instructors:

Elizabeth Tribelli

Booz Allen Hamilton

 

Howard Gill

Booz Allen Hamilton

 

Peter Gunter, MHA

Booz Allen Hamilton

 

Robin Kandel

Booz Allen Hamilton

 

Stan Lowe
Booz Allen Hamilton

 

Thank you to Booz Allen Hamilton for volunteering to provide expertise, instruction, and course leadership for this workshop.

 

Tuesday, November 1, 2016

Meeting Location: 
Willard InterContinental Hotel

Willard Intercontinental Hotel
1401 Pennsylvania Avenue N.W.
Washington 20004
United States

Metro Center (Red, Orange, Blue Lines). Use the exit marked “12th & F Sts” to exit onto F St., then continue straight two blocks and cross 14th St.

Overview: 

Rapid advancements in technology are driving complexity to effectively secure personal information. Expert instructors and government guest speakers will discuss today’s greatest privacy challenges and their solutions. This Potomac Forum Training Workshop will provide a roadmap for defining what privacy is, why it is important, challenges faced and solutions. These solutions will help ensure compliance with the ever-changing regulatory environment.

This practical “how to” workshop will be useful to all government executives, managers, staff who have responsibilities for, or oversight of, information privacy.  The workshop is limited to government employees only to encourage candid discussion among the participants and government guest speakers.


 

What You Will Learn: 

  • Current privacy challenges and how to address them
  • What DoD is doing to face privacy challenges
  • How mobile health technology is changing the privacy landscape
  • Why privacy and security is making it into the executive suite
  • Lessons learned for effectively implementing an agency privacy program
Why You Should Attend: 

  • Increasing attention on privacy by IGs, GAO, Congress and non-profit advocacy organizations
  • Ensuring protection of privacy information held by government agencies
  • Learn how to identify privacy issues and how to successfully address challenges
  • Agencies need to “fine tune” their privacy programs based upon the current “privacy” issues and lessons learned from other organizations
Who Should Attend: 

This workshop is limited to government employees only to permit candid discussion

  • General Counsel and Staff
  • Chief Information Officers and Staff
  • Chief Security Officers and Staff
  • Privacy Officers and Staff
  • Privacy Analysts
  • Inspector Generals and Staff
  • Congressional Liaisons
  • Communications Staff
  • Leadership with privacy oversight responsibilities
Format: 

Instructor presentations, discussions and federal executive guest speakers.

Agenda: 

7:30AM

Registration and Continental Breakfast

 

8:30AM

Welcome and Logistics for the Day
Art Chantker, President, Potomac Forum 

 

8:45AM

Government Keynote:

Glenn E. Sklar, Acting Executive Director, Office of Privacy and Disclosure, Office of the General Counsel, Social Security Administration

9:30AM

Overview of U.S. Federal Privacy

 

Speaker:

  • Elizabeth Tribelli, Booz Allen Hamilton
  • Robin Kandel, Senior Associate, Booz Allen Hamilton

 

Highlights:

  • Federal privacy landscape
  • New and pending regulation
  • Challenges faced
  • Roles of privacy and security leaders
  • Requirements of the Senior Agency Officials for Privacy (SAOPs)
  • Lessons learned
10:30AM

Refreshment Break

10:45AM

Implementing Revisions of OBM Circular A-130: Managing Information as a Strategic Resource

 

Speaker:

  • Howard Gill, Booz Allen Hamilton

 

Highlights:

  • History, purpose, and applicability of OMB A-130 and how it relates to privacy
  • Why it is important to agency privacy programs
  • Responsibilities for protecting and managing federal information resources
  • Responsibilities for protecting and managing personally identifiable information
  • Considerations for OMB A-130 revisions and strategic implementation
  • Best practices for implementation
12:00PM Hosted Working Luncheon
A discussion topic will be presented to guests during lunch session. An event instructor will be assigned to each lunch table to facilitate the discussion. A table leader will volunteer to summarize their table’s key takeaways to the entire group following lunch.
1:00PM Student Leaders report findings from group discussion
1:15PM

Privacy perspective: How the CPO, CIO and CISO work together to implement and manage an effective privacy program

 

Moderator: Stan Lowe, Booz Allen Hamilton

 

Speakers:

  • Timothy Ruland, CISO, Census
  • Jonathan Alboum, CIO, USDA
  • Barbara A. Stance, CPO, Federal Aviation Administration

 

Highlights:

  • Lessons learned from implementing an agency privacy Program
  • How to coordinate a privacy program within the agency to improve compliance
  • Agency best practices
2:30PM Refreshment Break
2:45PM

Emerging Technology: Privacy and Security Issues in the Federal Workplace

 

Speaker:

  • Peter Gunter, Booz Allen Hamilton

 

Highlights:

  • Opportunities and implications of emerging technologies in the federal workplace
  • Mobile applications
  • New electronic health records technology
  • The challenge of Health Information Exchange and virtual health records
3:45PM

Protecting personal information: What agencies need to know

 

Speaker:

  • Daniel Steinberg, Privacy Coordinator, FDA


Highlights:

  • De-identification, re-identification, and data sharing models
  • Governance and management of data de-identification
  • Approaches to de-Identifying and re-identifying structured data
  • Challenges of de-identifying unstructured data
     
4:45PM Wrap-up and Q&A
5:00PM

Workshop Adjourns

5:00PM Post Workshop Discussions with Instructors on Specific Individual Topics

Agenda Subject to Change

 

 

Registration Information: 

Government Employees: (Federal, State, or Local Government Issued ID).

Early Bird Registration Fee: $795 until October 15th

Registration Fee: $895 after October 15th

 

Team “Learn Together” Rate:

2nd  person (and all other subsequent group members) from same office receives a $200 reduction off their registration.

 

Fee includes instruction, presentations, Training Workshop Notebook, and continental breakfasts, morning and afternoon refreshments, and hosted luncheon.

 

This Workshop is Limited To Government Employees Only to Permit Candid Discussion. The Press and Industry are NOT invited to register for this workshop.

Guest Speakers: 

Jonathan Alboum

Chief Information Officer

U.S. Department of Agriculture

 

Jonathan Alboum was appointed the U.S. Department of Agriculture’s (USDA) Chief Information Officer (CIO) by Agriculture Secretary Tom Vilsack in June 2015. In this role, Alboum works with stakeholders across USDA’s 17 component agencies and throughout government to formulate Information Technology (IT) strategies and to develop policies that support IT budget formulation and execution, portfolio management, governance, IT operations and information security.

 

Prior to his appointment as CIO, Alboum held several leadership positions at the USDA and the General Services Administration (GSA). He most recently served as the Program Executive for USDA's Modernize and Innovate the Delivery of Agriculture Services (MIDAS) initiative, where he provided executive leadership for a $400+ million SAP implementation that gives farmers and ranchers the flexibility to update customer information at any Farm Service Administration (FSA) county office, enables them to more efficiently manage multiple customer records, reduces improper payments, and provides program eligibility information through a single view. Before that, Alboum served at GSA as the Associate CIO for Enterprise Governance and Planning. During his tenure at GSA, he also led the creation of GSA's consolidated IT organization and worked as the Deputy CIO for the Federal Acquisition Service. Jonathan began his Federal government career at the USDA Food and Nutrition Service (FNS), where he served as the Deputy CIO and the CIO.

 

Alboum joined government after working as a management consultant for both PricewaterhouseCoopers and Ventera Corporation. In these roles, he managed several large system implementations, gaining a depth and breadth of knowledge regarding how organizations use technology to transform their businesses and better serve their customers.

 

Jonathan earned a MS in the Management of Information Technology from the University of Virginia's McIntire School of Commerce and a BS in Systems Engineering from the University of Virginia's School of Engineering and Applied Science.

Tim Ruland

 

Chief IT Security Officer and CISO
US Census Bureau

 

Mr. Ruland began his career in the military where he served 13 years in the US Army.  He served in many assignments; including Thailand, Germany, Fort Ord, CA., and Ft. Meade, MD., as a Military Intelligence Analyst and Linguist (Vietnamese, Russian and Korean)  and Military Policeman.  Upon his honorable discharge from the Army he served as a Software Configuration Manager with a Defense contractor for four years.

 

Mr. Ruland began his career at the Census Bureau in 1991 when he was hired to establish a configuration management process for the 1992 Economic Census. After which he earned the position of Division Security Officer. After spending 18 months as the Division Security Officer, Configuration Manager and system administrator, Mr. Ruland moved to the ADP Security Branch. The ADP Security Branch was a small branch of seven people in the Administrative and Finance Division.  In 1998, Mr. Ruland was promoted to Branch Chief where his first action was to change the name of the organization to better reflect the more diverse role of the organization, the IT Security Branch. Mr. Ruland has been instrumental in the development of the Census Bureau IT Security Program and the office has grown to four staffs consisting of 27 employees and approximately 20 contractors in support of the enterprise IT Security Program. He has managed the Census Bureau IT Security Program through two Decennial Census operations in 2000 and 2010 and is engaged in security planning for the 2020 Decennial Census. He has begun to implement the Risk Management Framework at the Census Bureau and began by deciding to completely change the process of system security to one that embraces and fosters a risk based environment. He and his team have briefed Ron Ross on the process and at Ron’s suggestion have begun to present the Census Bureau framework methodology to other federal agencies.

 

The growth of the security staffs resulted in a reorganization establishing Mr. Ruland as the Chief Information Security Officer (CISO) reporting directly to the CIO and providing regular briefings and support to the Census senior executives as well as providing briefings to the Department of Commerce. He also successfully re-named the office to the Office of Information Security, again recognizing the changes in the scope of the mission. Mr. Ruland is a CISSP, CISM, CFCP and holds a Master’s Certificate in Project Management from George Washington University.  He has completed the Framework for FISMA Seminar Series hosted by the Potomac Forum and is a FISMA Fellow. He is currently pursuing certification as a Information System Security Engineering Professional (ISSEP) from ISC(2), and a professional certification as a Certified in Risk and Information Security Controls (CRISC) specialist through ISACA. Mr Ruland is working also working on a degree as a Paralegal. Mr. Ruland holds a Sociology Degree from the University of Maryland.

Barbara Stance

Privacy Division Program Director and Chief Privacy Officer

FAA

 

Mrs. Barbara A. Stance has 38 years of combined military, contractor and government experience. Barbara currently serves as the FAA’s Chief Privacy Officer, where she provides expertise, advisory support and oversight to ensure that privacy policy requirements are implemented across the FAA enterprise.

 

Prior to joining the FAA, Barbara held various roles at the U.S. Securities & Exchange Commission (SEC), where she served for 10 years. Barbara served as Chief Privacy Officer for 6 years where she developed and implemented a privacy program designed to sustain privacy protections and promote transparency of commission operations while achieving the SEC mission.  Barbara also served as Associate Director and Technical Advisor where she was responsible for a wide range of technical and managerial activities associated with the provisioning of Internet based systems technologies and services, including technology assessment, customer requirement analysis, training initiatives and customer liaison and support.

 

Prior to the SEC, Barbara worked as a Program Manager/Systems Engineer for DynCorp Information and Enterprise Technology Unit providing program management support for the Department of Treasury.  There she was involved with deployment of emerging internet messaging & networking technologies.

 

Prior to joining DynCorp, Barbara proudly served 20 years in the U.S. Navy communications field, where she was responsible for maintaining Navy communications systems onboard ships, submarines, aircraft and at shore facilities throughout the world.

 

Barbara has a B.S. in Computer/Information Management Systems, B.S. in Human Resources Management, Certificate in Entrepreneurship and certifications including, Fellow of Information Privacy (FIP), Certified Information Privacy Manager (CIPM) and Certified Information Privacy Professional/Government (CIPP/G).

Stan Lowe

Executive Advisor
Booz Allen Hamilton

 

Stan Lowe is an Executive Advisor with Booz Allen Hamilton providing strategic guidance and advice on cyber security strategies and issues facing the federal and private sectors.  He assists in the development, organization and implementation of cyber security products and offerings to drive revenue growth.  Additionally he develops strategic partnerships with vendors and service providers to bring additional value to the firms public and private sector customers as well as engaging the cyber community to educate and discuss the firms abilities, strategies and offerings in the cyber security space.  

 

Prior to joining Booz Allen Hamilton Stan served as the U.S. Department of Veterans Affairs (VA) Deputy Assistant Secretary (DAS) for Information Security and Chief Information Security Officer (CISO). Where he led information security and privacy across VA’s vast network of more than 1.8 million devices, serving more than 600,000 VA system users. The VA Office of Information Security (OIS) works to prevent and mitigate the impact of any impending threats to VA’s IT infrastructure. Oversaw the management of VA’s Information Security Officers (ISOs), Cyber Security Program, Privacy Program, incident management and response capabilities, security operations, and business continuity efforts.  
 
Prior to becoming the Deputy Assistant Secretary for OIS, Mr. Lowe was the Deputy Director of the Department of Defense (DoD)/VA Interagency Program Office (IPO). In his time working for the IPO, Mr. Lowe worked with the IPO Director to lead the DoD and VA in the development and implementation of Electronic Health Records and the Virtual Lifetime Electronic Record (VLER) Health systems, capabilities, and initiatives, which allow for full information interoperability between the departments to better serve Service members, Veterans, and other eligible beneficiaries. In concurrence with his role with the IPO, Mr. Lowe also served as the Senior Advisor to the Assistant Secretary for Information and Technology at VA.  
 
Before joining VA, Mr. Lowe served as Chief Information Officer of the Federal Trade Commission (FTC), joining as Deputy CIO for Management in 2006. Mr. Lowe’s public service record extends to the US Department of Interior in the Bureau of Land Management as Chief of the Information Security Policy and Training Branch (BLM).

Daniel Steinberg

Privacy Coordinator

Food and Drug Administration (FDA)

 

Dan Steinberg is the Food and Drug Administration's Privacy Coordinator. Under the direction of the Privacy Officer, Dan has responsibilities for the full range of privacy compliance and guidance activities at the FDA, including drafting policy and guidance, providing technical assistance, evaluating technology and processes for privacy compliance, responding to Privacy Act requests, addressing privacy incidents, and conducting privacy training and awareness events. Prior to working at the FDA, Dan was the Senior Official for Privacy at the Department of Health and Human Services' Office of the Secretary, and before that he was a privacy consultant for the firm of Booz Allen Hamilton for over nine years, supporting privacy activities at over a dozen federal agencies. He hold a JD from the Boston University School of Law and serves on the International Association of Privacy Professionals' CIPP/Government Exam Development Board.

Instructors: 

Elizabeth Tribelli

Senior Associate

Booz Allen Hamilton

 

Ms. Tribelli has more than 10 years of consulting experience specializing in cybersecurity with a focus on information privacy compliance and management. She provides consulting services to more than 20 federal departments and agencies on privacy program development and assessments, legislative and regulatory compliance, and policy development, with an overarching emphasis on programmatic strategic planning. Additionally, Ms. Tribelli helps clients with incident response and breach management efforts, engages and maintains stakeholder collaboration, and develops and organizes training and awareness activities. She supported the International Association of Privacy Professionals (IAPP) as an appointee to their Certification Advisory Board where she supported ongoing development and improvement efforts to make IAPP certifications the global standard of privacy credentials. Additionally, Ms. Tribelli has served on the IAPP Education Advisory Board, which is responsible for building the education for the Global Privacy Summit and Privacy Academy conferences.

Howard A. Gill

Cybersecurity and Information Assurance Associate

Booz Allen Hamilton

 

Howard Gill is a Cybersecurity and Information Assurance Associate at Booz Allen Hamilton, with a specialty focus in privacy, risk, and governance. He has had a successful career in the auditing and security administration of complex IT initiatives with Fortune 500 companies, DoD (Army) and the Defense Health Agency. Howard possesses an acute knowledge of IT Security, Risk and Control, and IT Auditing. Howard has worked as a Security Contractor assessing complex application access security audits for critical financial processes at FreddieMac. And as a Senior Manager; developed, evaluated, and assessed complex business data security and privacy processes, key information technology controls, regulatory compliance, security and risk assessment engagements. He served as both Compliance Manager and Risk Manager with AOL, responsible for IT Risks and Compliance within AOL Technology. Howard has attained the coveted CIPP/US, CISA, CISSP, SSCP, CGEIT, MCSA, and CCNA professional certifications.

Peter Gunter, MHA

Associate

Booz Allen Hamilton

 

Peter Gunter currently leads the Emerging Technology workstream in support of the Department of Defense’s Defense Health Agency (DHA) Privacy and Civil Liberties Office. He is responsible for analyzing privacy and security regulations and advising DHA leaders on the implications with respect to Health Information Exchange, Electronic Health Records, and Mobile Technologies. Mr. Gunter has Project Management, reengineering, and HIPAA expertise with 20+ years of extensive experience with managed care and other health care organizations. He provides extensive support for the MHS GENESIS and Virtual Lifetime Electronic Record implementations, focusing on understanding the policies needed to support functional decisions. Prior to joining Booz Allen, Mr. Gunter led the development of the HIPAA product line and managed the development of the software used to assess health plan compliance with HIPAA requirements for other leading consulting firms. His clients have included CIGNA, Kaiser, several BCBS plans, and the Blue Cross Blue Shield Association.

Robin Kandel

Senior Associate

Booz Allen Hamilton

 

Ms. Kandel is an attorney with over 20 years of experience in health care privacy consulting and litigation. She achieved National and State recognition as an expert in health care privacy laws, and has provided individualized technical assistance and training to a variety of federal and state agencies, organizations, treatment programs, hospitals, courts, research programs, and institutional review boards regarding the understanding, application, and implementation of the Health Insurance Portability and Accountability Act (HIPAA) and its integration with other laws and regulations. Ms. Kandel currently serves as the Program Manager and Senior Subject Matter Expert supporting the Defense Health Agency Privacy and Civil Liberties Office, in which she leads a team in a variety of privacy and cybersecurity service offerings, including: program management; plans and policy development; requirements development for emerging technologies; development of streamlined compliance and data sharing programs; establishment, management and operation of a HIPAA Privacy Board; risk management and risk assessments; and, the development of education and training programs. Ms. Kandel also currently serves as the Program Manager for a HIPAA Privacy and Security Policy Services contract for World Trade Center Health Program within the Centers for Disease Control and Prevention.

Cancellation Policy: 

Confirmed registrations who cancel within 2 business days of the program will be subject to a $250 cancellation fee. Registrations cancelled after the program starts are subject to the full registration fee. Substitutions can be made at any time. In the event a particular training workshop is cancelled, the liability of Potomac Forum, Ltd is limited to refund of any prepaid registration fee.

  • © 2017 Potomac Forum Ltd. All Rights Reserved
    Copyright also covers all workshop agendas and descriptions
  • 2800 Eisenhower Avenue, Suite 210, Alexandria, VA 22304