Higher Education Privacy Conference 2012

HEPC Logo PNG 01

1st Annual • 2012

The first annual Higher Education Privacy Conference (HEPC) will be held on Friday, May 4, 2012 at the George Washington University Law School in Washington, DC.

This one-day event focuses on privacy and information management in higher education. The event consists of a combination of speakers and smaller breakout discussion groups to foster interactivity and engagement. Participants have a wide array of backgrounds, from higher education information officers, security officers, privacy officers, compliance officials, and general counsel. Also attending are key individuals from industry, law firms, associations, and government regulators.

There is no registration cost associated with this conference. Participants are responsible for their own travel and lodging costs, but attendance at the event is free.

This event is invitation-only, but we welcome your reaching out to us if we haven’t invited you. If you have relevant background and experience, we’d be delighted to include you. If there are people at your institution – or elsewhere – that you think we ought to invite, please feel free to suggest their names to us.


Friday, May 4, 2012 from 8 AM to 6 PM

George Washington University Law School
2000 H Street, NW
Washington, DC 20052


Daniel J. Solove
John Marshall Harlan Research Professor of Law, George Washington University
Senior Policy Advisor, Hogan Lovells
Founder, TeachPrivacy

Tracy Mitrano
Director of IT Policy and Institute for Computer Policy and Law. Cornell University


8:00 AM – 8:30 AMBreakfastFCC
8:30 AM – 9:00 AMIntroductory Remarks by Daniel Solove and Tracy MitranoFCC
9:00 AM – 10:45 AM

Panel, Privacy and Information Management: Varying Perspectives on a Challenging Problem

There is a major challenge in higher education regarding privacy and information management issues. Silos and decentralization have made it very complicated to effectively develop and implement a comprehensive privacy and information management program. In nearly every other sector of the economy, such programs have arisen – in business, finance, health, etc. But in education, although many institutions of higher education have adopted technical measures to deal with data security, the larger topic of information management often is addressed in a fragmented and incomplete manner.

This panel, consisting of a chief privacy officer, counsel, and administrative official at an institution of higher education coupled with an individual from industry, will explore the challenge of privacy from a variety of perspectives within and outside of the higher education setting. Panelists will discuss issues such as breaking the silos among administrative units to manage privacy comprehensively, effective information management in cloud computing and “apps” mobility.

Margaret O’Donnell, Associate General Counsel for Policy and Compliance


  • Lauren Steinfeld, Senior Advisor for Privacy and Compliance, University of Pennsylvania
  • Joseph Storch, Attorney, State University of New York
  • Kent Wada, Chief Privacy Officer, UCLA
10:45 AM – 11:15 AMBreakFCC
11:15 AM – 12:30 PM

Discussion Session 1:

Social Media

This discussion session will explore how institutions of higher education are addressing the problems surrounding social media. How should schools balance free speech with civil discourse? How should schools protect against cyberbullying and harassment?


  • Patrick Feehan, Director of Privacy and Cybersecurity Compliance
  • Heidi Wachs, Chief Privacy Officer, Georgetown University
  • Tracy Mitrano, IT Policy Director, Cornell University
  • Daniel Solove, Professor, GW Law School
  • Walter Matystik, Associate Provost, Manhattan College

Stuart 402 Group A

Stuart 403 Group B

Stuart 302 Group C

12:30 PM – 1:45 PMLunchFCC
1:45 PM – 3:00PM

Discussion Session 2:

Freedom vs. Control

This discussion session will examine the tensions between the free and open culture of a school versus the benefits of exercising control and information management (limiting use of data, surveillance, network monitoring, and other restrictions). To some constituents, faculty especially, privacy means individual rights; to others, administrators especially, privacy means having control over institution information. How does one manage these tensions?


  • Stephen Lau, Systemwide Director of Information Management and Technology Policy, U.C. Office of the President
  • Joan Cheverie, Policy Specialist, EDUCAUSE
  • Tracy Mitrano, IT Policy Director, Cornell University
  • Gloria Barlow, CIO, Wilkes University
  • Dennis Devlin, Assistant Vice President, Information Security & Compliance Services, GW University

Stuart 402 Group A

Stuart 403 Group B

Stuart 302 Group C

3:00 PM – 3:30 PMBreak
3:30 PM – 4:45 PM

Discussion Session 3:

Dimensions of Privacy

Privacy cuts across so many areas of higher education: fair information practices; the protection of personal information; regulatory compliance; control over social media by both individuals and the institution; institutional policies regarding electronic communications and surveillance; the degree of autonomy that “privacy” provides for constituents of higher education: effective information management in cloud computing and “apps” mobility.


  • Sarah Morrow, CPO, Penn State University
  • William Duffy, Chief Technology Officer, Skidmore College
  • Don Spicer, Associate VP and CIO, University System of Maryland
  • Jane Rosenthal, Director of Privacy Office, University of Kansas
  • Daniel Solove, Professor, GW Law School
  • Tracy Mitrano, IT Policy Director, Cornell University

Stuart 402 Group A

Stuart 403 Group B

Stuart 302 Group C

4:45 PM – 6:00 PMReceptionFCC


Thank you to our sponsors, who have made this conference possible.

Logo TeachPrivacy PNG


Cornell Logo