Implications of the SEC Cybersecurity Disclosure Rule
The Privacy Insider Podcast Episode 4: Don't Be Evil: In the Hot Seat of Data Privacy, Part 1
Privacy Issues from Third-Party Website Tags
Episode 331- NAVEX State of Risk and Compliance Programs
What the Board Should Be Asking About the Compliance Program
Managing Social Media Risk
Compliance Lessons from Dating in Your 50s
Managing Compliance Risk for Human Trafficking and Modern Slavery
Common Scenarios Triggering False Claims Act Violations, Part 3: Claims and Investigations
False Claims Act Insights - The Art and Science of Corporate Compliance in Managing FCA Risk
Preparing for a Government Healthcare Audit
Episode 318 -- LRN's Recent Study Underscores Importance of Ethical Culture and Values-Based Leadership
Understanding the HHS OIG’s General Compliance Program Guidance
Climate Risk, the emerging risk
What's Going on with FCPA?
Compliance, Project Management, and Process Improvement
Leaning in on AI in Compliance Programs
PODCAST: Williams Mullen's Gavels & Gowns - Title IX Regulations - Changes on the Horizon
Episode 312 -- Eddie Green, CEO SnippetSentry, on Communications Preservation Risks
Behavioral Health Compliance
Learning Objectives: - It's crucial to be aware of the areas where technology and AI are present in healthcare, and equally important not to overlook your EHR. A comprehensive understanding is key - Acquiring knowledge...more
Last month, I wrote a blog post on the tone at the top, exemplified in the Star Trek, the Original Series episode, Devil in the Dark. Based on the response, some passionate Star Trek fans are out there. I decided to write a...more
Learning Objectives: - Determine when a Privacy Incident Response Plan is needed - Identify the key steps and roles needed in a Privacy Incident Response Plan - Examine and bridge gaps in your org’s readiness to...more
Learning Objectives: Demonstrate an understanding of the key findings from NAVEX's 2023 Hotline Incident Management Benchmark Report, with a focus on healthcare, the implications of third-party reporting and the impact of...more
Learning Objectives: - Overview of current US privacy/cybersecurity laws and regulation - Current cyber threats: overview of recent trends in cyberattacks and risk areas for healthcare providers - Incident Response: how...more
The DOJ has signaled that CEO and CCO certifications will become a staple of all corporate settlement agreements. Critics worry CEOs and CCOs face undue personal liability and argue it will dissuade CCOs from accepting the...more
Effective hotline incident management is one of the most important activities an organization can do to show their workforce that input is valued and issues of misconduct will be addressed. Strong incident management programs...more
A ransomware attack is no company’s idea of a good time, but I do sense one positive development emerging from the epidemic of attacks we’ve witnessed this year: Boards and senior management agree that they must move beyond a...more
This year, NAVEX Global’s annual Incident Management Benchmark Report delivered a remarkable finding: For the first time in the history of the study, the median number of internal reports declined from 1.4 reports per 100...more
This week, NAVEX Global released its 2021 Incident Management Benchmark Report. The analysis, which tracked and analyzed corporate compliance trends based on data from more than 1.3 million global incident management reports...more
Navigating COVID-19 (and beyond) requires organizational resiliency, flexibility, and innovation when returning to a new standard in business operations. HR and risk professionals need to understand how to overcome the legal,...more
A cyber breach can have serious legal, financial, and reputational consequences for a company, as described in our previous post. As such, cybersecurity threats must be treated as business risks, not just a potential IT...more
A cyber breach can have serious legal, financial, and reputational consequences for a fund sponsor, as described in our previous post. As such, cybersecurity threats must be treated as business risks, not just a potential IT...more
The Justice Department “listens and learns” from companies and compliance practitioners. As part of every enforcement action, DOJ prosecutors review and assess compliance programs in accordance with the standards explained...more
Our Regional Compliance Conferences provide attendees with a forum to interact with local compliance professionals, share information about your compliance successes and challenges, and create educational opportunities for...more
Mark Lanterman, Chief Technology Officer of Computer Forensic Services lives technology at its most terrifying, helping organizations manage the risks of the IT we all use constantly. Recently he authored an article...more
Prepare your organization to respond to the ever-increasing emphasis on healthcare compliance issues by enforcement authorities. Hear first-hand from government officials about regulatory changes, expectations, and key...more
Chief compliance officers know the importance of trust, not just as a foundation of a global company’s compliance program, but in the context of knowing what company employees are doing out in the field. CCOs will always say...more
We are excited to release our third annual BakerHostetler Data Security Incident Response Report. This report analyzes the more than 450 data security incidents we led clients through in 2016. Companies continued to...more
One collection of terms I hear a lot is “tools, processes and people.” All three need to be successfully deployed to make a compliance program run properly while also creating an organizational culture that supports...more
Compliance programs are required to create and manage case investigation systems to handle potential misconduct, investigate allegations of wrongdoing and then dispense discipline. Lessons learned from these investigations...more