HOUSTON ASIS CHAPTER MINUTES
August 28, 2002
The Chapter held a luncheon meeting at the Renaissance Hotel. Chairman Mike Mason CPP presided. Approximately 45 members attended (final count not available).
Opening and Pledge of Allegiance: Mike Mason
Business Activities:
Treasurer’s report: Mike Crocker CPP provided the report in Bob’s absence.
CPP Review: Mike Crocker distributed a flyer announcing a “crash course” on August 31 and September 7 for those planning to take the CPP Exam at the National Convention. UofHD generously provided the classroom space.
Golf Tournament: $7,000 was donated from the profits of the Golf Tournament to the UofHD Criminal Justice Scholarship Fund. Thank you to all the individuals and corporations who made that possible.
Annual Seminar: Richard Hill announced a net profit of $7500 from the seminar. Half will go to the University for training programs and half will go to our Chapter. Dr. Beth Pells (UofHD) gave thanks for these contributions. She hopes by fall 2003 to be able to offer a graduate degree in Security Management, instead of Criminal Justice with an emphasis on management.
Training opportunities:
· Richard Hill was asked to provide a course on homeland security for law enforcement. He is currently formatting three classes (6 hrs each); Chemical Plants, Oil Refineries and Sport & Entertainment venues. The course will be focused toward LE, but it also addresses how LE can work with private security to work as a team. Classes will be free to LE; with a nominal charge of $10 for private security (lunch is included). Times and locations will be announced.
· The Texas Gulf Coast Crime Prevention Association is hosting its 9th annual regional training conference on October 17-18 at the Jimmy Burke Activity Center in Deer Park. The conference is open to LE, private security personnel and citizens with an interest in crime prevention. The conference registration fee includes all training, lunches and refreshments. One day: $30 ($35 after 10/5); both days $50 ($55 after Oct 5). It provides 16 hrs of training credit for TCLEOSE, TCOPS or ASIS. Topics include crime scene biohazard cleanup, outlaw motorcycle gangs, WMD, Domestic Terrorism and Crime prevention through environment design. For further information contact Officer Jon Matherne (Pearland PD) at jmatherne@ci.pearland.tx.us
Speaker: Dan Swartwood, Data Privacy Officer for Hewlett Packard.
Dan leads HP’s efforts in integrating sound privacy principles into all aspects of the business that involve customer and partner personal information. He is also responsible for all IT privacy compliance for the company. Prior to his current position, Dan was the head of Compaq’s Privacy Office for two years and was the Compaq Information Security Manager for five years. Dan has been a member of ASIS since 1991. He is the co-author of the 1992, 1995, 1997, 1999 and 2002 nation-wide ASIS International proprietary information loss surveys. He holds a Master of Science degree in Strategic Intelligence from the Defense Intelligence College.
Anyone who deals with consumers or has a global web presence must address privacy issues. There is increasing legislation, particularly directed at healthcare and financial institutions that contain criminal penalties for failure to comply.
$26 billion in e-commerce revenue can be lost due to lack of trust by consumers. Marketing tends to share too much of private information. Federal law enforcement is doubling its effort and increasing regulations to re-evaluate privacy initiatives and activities. Are companies complying with their own privacy statements and policies? One company exposed 628 email addresses in error and is now under a bi-annual audit for their security and privacy statements for the next 20 years.
70% of consumers will not buy from a company they do not “trust”; whereas 80% will provide personal information to a company they do trust to protect their information. Privacy = trust and trust = revenue. If a customer opts-out, $8-100K of potential revenue of lifetime value per customer can be lost. The telemarketing industry has lost consumer trust resulting in anti-telemarketing legislation (opt-out programs).
What are some of the security challenges?
· Organizations are dispersed
· Lack of implementation of security planning, standards and resources.
· Always “on”
· Customers and suppliers have access to internal systems
· Time-to-market pressure
· Rapid deployment of new technology
What are some of HP’s strategies?
· Balance benefits and risk
· Implement the best practices
· Awareness and training
· Advocate a holistic approach.
What are privacy fundamentals?
· Provide notice
· Allow a choice to participate in onward transfer (sharing information)
· Access and accuracy
· Security in transfer
· Oversight
What is HP’s philosophy?
· Give the customer control over their own data
· Put the customer in the lead to determine their relationship with the company
· Implement Standards of Business Conduct with a privacy rulebook
· Have web-based training programs
· Have a web developer checklist
· Templates in the call center
· Contract templates
· Email standards
· Compliance reviews
What are the greatest risks to privacy?
· Employee base and partners with frequent turnover
· Employees who are not trained in privacy rules
· Lack of audit and supervision
· Problems in the storage, not the transmission, of information: employee theft of information
· Over 700 conflicting privacy laws which make it difficult to do business effectively
In summary, a good privacy protocol enables business growth and fosters customer trust. It is not just a compliance issue. Privacy of information practices must be ethically grounded as they are the right of every individual. Look for the yellow lock or HTTPS before you give out your personal information.
Mr. Swartwood was presented a plaque in appreciation of his time and expertise.
The next meeting will be held on September 25 at the Renaissance Hotel. Please refer to the local web page for future details.