Document retention is one of those persistent issues that comes with a great deal of complexity. As Michael Kearney, Head Solution Architect, Redgrave Data explains in this podcast, organizations have to deal with a dizzying...more
ISO 27001 is the leading standard for information security management systems. As Mel Blackmore, CEO of UK-based Blackmores explains, it is a framework that applies and is of value regardless of an organization’s size, sector...more
here’s no General Data Protection Regulation (GDPR) in the US. Absent a comprehensive, national privacy law, states have stepped in to fill the gap.
As Adam Greene, Partner at Davis Wright Tremaine, explains in this podcast,...more
At the 2024 SCCE European Compliance & Ethics Institute, Segev Shani, Chief Compliance & Regulatory Officer at Neopharm Group will be leading the session “Corporate Use of Third-Party Artificial Intelligence (AI) Tools.”
In...more
While many of the world’s governments are struggling to determine what to do about AI, Brazil already has a track history in this area. As Maria Victoria Mota, Corporate Attorney at Viapol (a subsidiary of RPM), explains in...more
The excitement over Artificial Intelligence (AI) is often met with concerns about its negative potential. That’s especially true in healthcare where the potential gains are met by the principled and practical requirements of...more
These days, the term “blockchain” is no longer novel. Yet, many still struggle to understand what exactly it is and what implications, if any, it may have for a compliance program.
Segev Shani, Chief Compliance & Regulatory...more
The European General Data Protection Regulation (GDPR) already provides considerable requirements for compliance programs. With Brexit comes a new GDPR for the United Kingdom. Adding to the complexity, the UK GDPR also...more
Hybrid work is likely here to say, and, as Sheila Limmroth, privacy specialist at DCH Health System, and the author of the chapter Hybrid Work Environment in the Complete Healthcare Compliance Manual observes in this...more
4/21/2022
/ Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare Workers ,
HIPAA Privacy Rule ,
HIPAA Security Rule ,
Home Offices ,
Mobile Device Management ,
Multi-Factor Authentication ,
Network Security ,
Passwords ,
Personally Identifiable Information ,
PHI ,
Phishing Scams ,
Policies and Procedures ,
Remote Working ,
Risk Management ,
Risk Mitigation ,
Telehealth ,
Videoconference
Matt Kelly, Editor & CEO of Radical Compliance makes a strong case in this podcast for a need to reassess cyber risk. It is becoming, he says, less of a technical issue and more about how companies interact with others: ...more
While organizations have increasingly embraced cloud computing as a solution to their data management and other needs, they do so in an environment of heightened risks. Attacks on cloud providers are increasing, which makes...more
9/23/2021
/ Cloud Computing ,
Cloud Service Providers (CSPs) ,
Compliance ,
Cyber Attacks ,
Cybersecurity ,
Data Management ,
Data Privacy ,
Data Protection ,
Data Security ,
Risk Management ,
Third-Party Risk
Preventing data breaches is a critical task for all businesses these days, but it’s especially so in healthcare. No one wants to see health information disclosed, and the risks of a ransomware attack are enormous, literally...more
7/15/2021
/ Business Associates ,
Compliance ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Electronic Protected Health Information (ePHI) ,
Hackers ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Hospitals ,
PHI ,
Physicians ,
Popular ,
Ransomware ,
Risk Mitigation
Recently the Health Care Compliance Association released the new Health Care Privacy Handbook, 3rd Edition.
https://www.hcca-info.org/health-care-privacy-handbook
To learn what’s new in the book and in healthcare privacy...more
12/22/2020
/ Chief Compliance Officers ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Electronic Protected Health Information (ePHI) ,
FERPA ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Health Plan Sponsors ,
HIPAA Breach ,
HIPAA Breach Notification Rule ,
HIPAA Security Rule ,
Medical Records ,
Patient Privacy Rights ,
PHI ,
Privacy Act of 1974
It’s a very busy time for compliance professionals overseeing businesses operating in India, reports Arpinder Singh, India & Emerging Markets Leader at EY Forensic & Integrity Services. There are a dizzying number of new...more
12/4/2020
/ Auditors ,
Board of Directors ,
Business Disruption ,
Chief Compliance Officers ,
Competition ,
Compliance ,
Coronavirus/COVID-19 ,
Corporate Governance ,
Corporate Investigations ,
Corporate Officers ,
Corruption ,
Data Privacy ,
Data Protection ,
Ethics ,
India ,
Insider Trading ,
New Regulations ,
New Rules ,
Prevention of Corruption Act (PCA) ,
Privacy Laws ,
Ransomware ,
Remote Working ,
Reporting Requirements ,
Risk Management ,
Supply Chain ,
Whistleblowers
Staying on top of what’s new in data privacy is tough. As Robert Bond, Partner and Notary Public at the UK-based law firm Bristows explains, over 100 countries have drafted or implemented new data privacy laws in 2019.
To...more
9/3/2020
/ California Consumer Privacy Act (CCPA) ,
Compliance ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Data Subjects Rights ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personally Identifiable Information ,
Privacy Laws ,
Third-Party Risk
It’s tough complying with data privacy laws. You spend gazillions of dollars complying with GDPR, and then you have to spend a bunch more in response to the California Consumer Privacy Act (CCPA). Job done, right?
Not...more
5/7/2020
/ Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Retention ,
Data Security ,
Data Storage ,
Data Subjects Rights ,
Personally Identifiable Information ,
Privacy Laws
When responding to COVID-19, it’s important to both scrub your hands and also scrub your data practices.
As Jonathan Armstrong, partner at Cordery Compliance explains in this podcast, organizations – and not just those based...more
Mark Lanterman, Chief Technology Officer of Computer Forensic Services lives technology at its most terrifying, helping organizations manage the risks of the IT we all use constantly.
Recently he authored an article...more
1/7/2020
/ Business Strategies ,
Chief Compliance Officers ,
Compliance ,
Crisis Management ,
Cyber Attacks ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Incident Response Plans ,
Information Technology ,
Passwords ,
Policies and Procedures ,
Public Relations ,
Risk Management ,
Risk Mitigation