Compliance

As U.S. industry waits to see how the president’s call for new digital security law translates into actual legislation, it may be useful to look to other regulatory regimes to set reasonable expectations for establishing national standards for privacy and data protection.

While some may disagree with my point of view, I am confident most will agree that the potential for disruptive change in the marketplace makes the above task very important.

“Culture" has transformed from an ethereal, abstract word to a blunt instrument for finding fault on myriad qualitative matters affecting the organization. If there's a failure someplace, culture is blamed.

Most companies have a plan for disaster recovery of IT, real estate, and data – but what happens when you must respond to allegations of a violation of customer trust or compliance?

Insiders know that compliance officers and internal auditors, beleaguered and sometimes frustrated as they may be, hold the “keys to the kingdom” when it comes to knowledge of corporate ethical and legal lapses within their companies.

Every day, employees share sensitive information with external parties. While this may not seem like a serious threat, the export of data to the wrong person, such as someone in a foreign country or a non-US citizen, could result in serious consequences for both the employee and his/her employer.

With the expansion of large multinational corporations into developing countries, a proliferation of global regulatory enforcement actions, including anti-bribery and anti-corruption, has risen. Executives, including general counsel, compliance and risk officers, are smart to plan in advance for potential regulatory investigations.

Covered entities and business associates should supplement “out-of-the-box” privacy, security and breach training programs with specific training hypotheticals that mimic incidents that have occurred in the workforce within the previous year.

Board members of healthcare organizations are under more scrutiny than ever as a result of the unique compliance requirements in the healthcare industry, as well as increased regulatory enforcement and third-party lawsuits.

Your company’s code of conduct has an antitrust section. It seems to be a universal section. But this universality often results in complacency. Do you know how serious antitrust risk is to your company?

The Treasury Department has cracked down on the practice of inversion, so company execs who managed to pull one off before the deadline now have major integration headaches to contend with -- especially in HR.

In addition to penalties, prison terms, and the associated costs of investigation and defense, another less well-known consequence of bribery is debarment from contracting on projects funded by the World Bank.