Grading Basis: Graded
Data is exploding. Approximately 90% of the data in the world was created in the past three years. The sheer volume of data needed for the everyday operations of modern companies is staggering. When combined with the complex patchwork of overlapping, uncoordinated regulations, both domestic and international, that predate contemporary modes of data usage, properly implementing policies for data development, preservation, retention, and security emerges as an essential aspect of corporate governance in the modern era. This course examines the myriad connections implicated by this complex tapestry and how these advances have transformed most modern industries and the work of those who regulate and advise corporate entities. This class will cover many issues around data governance, focusing on the implications for U.S.-based corporations, with a particular focus on two sectors: Finance (Banking) and Healthcare (Hospitals). Topics will include data retention and discovery, cybersecurity and privacy, and regulatory compliance. The course will review existing domestic and international legal frameworks and regulations in the data retention realm (e.g., Dodd-Frank Act, Basel Accord, MiFiD II, Bank Secrecy Act, Payment Card Industry Data Security Standard, Sarbanes-Oxley, Data Retention and Investigatory Powers Act 2014), and in the cyber-security realm (e.g., FTC, HIPAA, CLEA, GLB, Tallinn Manual, DoD, FFIEC IT Handbook, Framework for Improving Critical Infrastructure Cybersecurity, the European Data Directive, the Singapore Personal Data Protection Act, Russia¿s Law on Data Protection and Law on Information). Although the subject matter of this course involves technology, no background in technology is necessary for the class.