Enforcing Third Party Vendor Compliance

Level: Advanced
Runtime: 58 minutes
Recorded Date: December 05, 2017
Click here to share this program
Download PDF


1:30 pm - 2:30 pm
  • Evolving Regulatory Expectations
  • Structuring Vendor Contract Deliverables
  • Enforcing Third-Party Data Security Compliance
  • Pathway to Compliance
Runtime: 1 hour
Recorded: December 5, 2017


Strengthening your compliance risk strategy means full management of your third-party vendor’s activities. Now more than ever companies are being held accountable for all customer data mismanagement. Learn about structuring vendor contract deliverables (including penalties for not abiding by certain regulations) to help enforce third-party data security compliance. This panel will also discuss how to monitor vendor processes and the importance of assessing third party’s employee training.

This program was recorded as part of ALM's CyberSecure on December 5th, 2017.

Provided By



Patrice Brusko

Senior Vice President and US Chief Privacy Officer

Patrice Brusko joined TD in 2011 and has been the US Chief Privacy Officer heading the US Privacy Office since September 2015. In this capacity, Patrice leads the US Privacy program including all activities related to the development, implementation, and adherence to the company's policies and procedures, federal and state laws, and industry best practices. Providing oversight to the overall program effectiveness, she manages a team of privacy professionals and serves as a liaison to regulatory bodies for matters relating to privacy.

Prior to this role, Patrice was a Senior Privacy Relationship Manager with TD's US Privacy Office, covering the credit card businesses including acquisition due diligence. Patrice has also worked in various Financial Services marketing roles, both in-house and on the vendor side. She has lead in new product and channel development, and innovative uses of data.

Patrice maintains the Certified Information Privacy Professional (CIPP) designation Certified Information Privacy Technologist (CIPT) designation, is a graduate of the ABA School of Bank Marketing and Management, and holds a degree in Political Science and Secondary Education from Gettysburg College.

Noga Rosenthal

Chief Privacy Officer & General Counsel
NCC Media

Noga Rosenthal brings extensive experience in online advertising, legal issues and emerging technologies to Epsilon. In her role as Chief Privacy Officer, Noga oversees all privacy-related activities for Epsilon and its Conversant business, including global development, implementation, maintenance of and adherence to the organization’s policies and procedures covering the privacy of, and access to, online and offline consumer data. Her responsibilities include ensuring compliance with various self-regulatory regimes as well as domestic state and federal laws and regulations and those of foreign jurisdictions.

Noga guides and advocates on behalf of Epsilon’s internal teams, partners and clients to support industry self-regulation, responsible privacy practices, as well as consumer awareness, transparency and choice. Additionally, she monitors and helps guide the company’s global public policy efforts. 

Prior to Epsilon, Noga served as General Counsel and Vice President for Compliance and Policy for the Network Advertising Initiative (NAI), leading their compliance program and ensuring that member companies delivered on the promise of self-regulation for interest-based advertising. Previously, she held the role of Senior Vice President and General Counsel of WPP plc companies Xaxis and Media Innovation Group, LLC.

Noga sits on the Board of Directors of the NAI, the Advisory Board of the Digital Advertising Alliance, the Data Standards Committee of the Data and Marketing Association, and the Legal Affairs Council and the Public Policy Council of the Interactive Advertising Bureau. She serves as Co-Chair of the Privacy Committee of the Mobile Marketing Association and is a member of Women Leading Privacy Advisory Board of the International Association of Privacy Professional (IAPP). She has also served in the past on the IAPP’s Education Advisory Board. She is also an active member of the UK Data Protection Network, which is providing guidance on the General Data Protection Regulation.

Noga holds a Bachelor of Arts degree in English and Political Science from the Rutgers College and a J.D. from Fordham Law School.

Catherine Castaldo

Global Chief Privacy Officer
Nuance Communications

Catherine Castaldo is currently the Global Chief Privacy Officer for Nuance Communications. In this capacity, Ms. Castaldo is developing and managing privacy and data protection program operations, providing leadership on privacy and data security matters, advancing organizational change on data governance, and chairing Nuance’s Privacy & Data Protection Council and Nuance’s Policy Review Council.

Prior to joining Nuance, Ms. Castaldo was Global Chief Privacy & Data Protection Counsel at GE Capital, where among other tasks, she managed privacy and data protection program operations, provided business counseling on privacy and data security matters, and advised on global information governance. Before GE Capital, Ms. Castaldo was a senior associate at White & Case LLP where she provided global, legal support to large multi-national clients of the firm in intellectual property, internal investigations, corporate defense, and commercial litigation.

Similar Courses

Card image cap
92 minutes
#MeToo: Empowering Employees and Employers to Address Workplace Sexual Harassment & Violence
Join our expert attorneys as they discuss how employers can work to prevent and eliminate sexual harassment and violence in their workplace, and create an environment in which employees are able to respond to and report incidents without fear of retaliation. Not only is there a deep moral imperative to rectify sexual harassment in the workplace and promote an equitable work environment, but also there is significant monetary liability as a potential consequence for employers who fail to address harassment in the workplace.

American Bar Association


Add to Cart
Card image cap
77 minutes
§ 363 Sale Issues
Dive into Section 363 sales issues, including whether there are limits to “free and clear”; the GM conflict between Sections 365(h) and 363(f) (“lease-stripping”); sales free and clear of leasehold interests, restrictive covenants and override royalties; being free and clear of successorships in CBAs; selling free and clear of environmental liabilities (La Paloma, Exide); and loan-to-own strategies.

American Bankruptcy Institute


Add to Cart
Card image cap
63 minutes
2018 CA Consumer Privacy Act: The Big Tail Wagging the U.S.
In this session, two leading information governance attorneys will share why you need to and how you can be ready.



Add to Cart
Card image cap
60 minutes
2019 HIPAA Update: Enforcing Privacy & Security Standards
In this session, we will discuss the most critical issues in the HIPAA update and best practices for enforcing privacy & security standards in your company.



Add to Cart
Previous Next