Building Towards Successful Policy Management Webinar Series

Building Towards Successful Policy Management Webinar Series

All organizations need well-managed policies and procedures. Your policies and procedures are the first line of defense against risk, and they help your organization run smoothly. Is your policy management process effective? Is it up-to-date? Now is a good time to review your policy management process. We've created a three-part webinar series to help you. 

Failure to Protect ePHI Costs Millions of Dollars

Failure to Protect ePHI Costs Millions of Dollars

Protecting ePHI or electronic Protected Health Information should be a top priority for your organization or you'll soon face huge fines from government entities. Recently, 21st Century Oncology, Inc. (21CO) agreed to pay $2.3 million to the U.S. Department of Health and Human Services (HHS) Office of Civil Rights (OCR) and adopt a comprehensive corrective action plan to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules. 

The Comprehensive Guide to Different Forms of Malware

The Comprehensive Guide to Different Forms of Malware

To define malware, it is malicious software coded with the intent of causing harm to a user, system, or a network. Although malware is nothing new, the rate at which it continues to evolve into new invisible forms of threats should raise the alarm for many businesses. It's important that your organization's staff understands the threat that malware poses and the difference between each form of malware.

HIPAA Key Dates and Creation Timeline

HIPAA Key Dates and Creation Timeline

Since it was enacted in 1996 by the United States government, The Health Insurance Portability and Accountability Act has enforced strict penalties for organizations who fail to provide data privacy and provisions towards safeguarding medical information. More specifically, it demands that the Department of Human Services and Health in the U.S. (HHS) create regulations that protect both the security and privacy of health information.

The FTC's New Policy Enforcement Statement Updates COPPA Enforcement

The FTC's New Policy Enforcement Statement Updates COPPA Enforcement

The Federal Trade Commission (FTC) issued a policy enforcement statement on October 23rd, 2017 that provides new direction on the application of the Children's Online Privacy Protection Rule ("COPPA"). Specifically, they've updated the collection of audio voice recordings online. COPPA compliance applies to operators of online services that are either directed to children under 13 years of age or know they are collecting personal information from children under the age of 13.

The True Costs of Non-Compliance

The True Costs of Non-Compliance

Maintaining compliance on every facet of your organization isn't easy. It's especially hard for smaller organizations and start-ups who simply don't have enough revenue to be able to afford a compliance officer. However, the costs of being out of compliance can be far greater and bring more lasting consequences for companies. Below we've outlined some of the biggest costs associated with non-compliance.

GDPR Compliance Best Practices

GDPR Compliance Best Practices

The EU's General Data Protection Regulation (GDPR) is a set of consumer data privacy regulations that apply common guidelines to companies. Although the enforcement data isn't until May 2018, the regulations pose looming issues for CIOs as they could face significant fines for non-compliance.

3 Key Steps Towards NIST 800-171 Compliance

3 Key Steps Towards NIST 800-171 Compliance

Your organization has until December 31, 2017 to implement NIST SP 800-171 if you have contracts with the United States Department of Defense (DoD) or are a subcontractor to a prime contractor with DoD contracts. This requirement is stipulated in the Defense Federal Acquisition Regulation Supplement (DFARS).

5 Tips Towards Great Compliance Training

5 Tips Towards Great Compliance Training

Compliance training should be viewed within your organization as one of the most important facets of your company both in terms of legal responsibility as well as operational efficiency. But all too often, compliance training is an afterthought. In today's compliance environment it seems as though there are new regulations penned by the government on a daily basis. Yet too many organizations still cling to their simple read-and-agree policy format for their compliance training. This form of training exposes your organization to threats that could lead to massive government audits. 

The Five Main Cyber Security Activity Categories - IDPRR

The Five Main Cyber Security Activity Categories - IDPRR

When dealing with the cyber security of your organization you have to evaluate your legal environment. Are there regulations put into place that can help regulate and maintain a safe and secure work environment? Is there a set policy framework for computer security guidance that will help me assess our cyber security readiness? 

7 Steps Toward a Better Cyber Security Environment

7 Steps Toward a Better Cyber Security Environment

Regardless of the type of business, you are working within it's extremely likely that you utilize the internet in some way. Although one of the best resources in our lifetime, the internet can pose a huge threat to your organization. As a means to combat that threat, it's important that you take and implement certain precautions towards a safe and secure environment. We've taken the time to list 7 steps towards a better cyber security environment.

Cyber Security is More Important Now Than Ever Before

Cyber Security is More Important Now Than Ever Before

We live in a world of constant connection. You wake up in the morning and check your phone, link your phone to your car's Bluetooth adapter on your way to work, purchase coffee at your favorite cafe, and connect to the internet in order to do your job's daily responsibilities. From when you woke up to when you got to work you've already used four different device connections without even realizing it. What happens if these connections are forcefully disrupted?

The Five Most Vexing Regulations for Small Businesses

The Five Most Vexing Regulations for Small Businesses

If you are a small business owner, you've probably realized how complex the regulatory environment is. In fact, the Code of Federal Regulations has grown to more than 175,000 pages. Of all of the federal regulations out there, which ones are the most burdensome on small businesses? Below we've listed the five most vexing regulations for small businesses.

Elements of an Effective Corporate Compliance Program

Elements of an Effective Corporate Compliance Program

Paul McNulty and Stephen Martin of the Baker and McKenzie law firm developed what they call the "Five Essential Elements of a Corporate Compliance Program" that are based upon the best practices set out in the seven elements of corporate compliance. Below we've listed their five elements and why each of them are essential to any corporate compliance program.

Organizations Not Utilizing Compliance Software are More Likely to Face Challenges

Organizations Not Utilizing Compliance Software are More Likely to Face Challenges

Organizations who are not utilizing some form of compliance software or automation technology are more likely to face challenges, audits, and potentially bankruptcy. NAVEX Global surveyed over 1,000 different compliance employees across six different industries. The survey data highlights strategies and challenges with policy management programs and one of the biggest takeaways from the survey were the blatant differences in efficiency between the companies who utilize automated compliance software and those who do not.

Compliance Terminology and What They Mean

Compliance Terminology and What They Mean

When you are an expert in compliance you understand what all of the industry terminology and jargon mean. However, many small business owners are new to practicing compliance and, with the ever-growing importance of compliance, it's important to understand what all of the terminology means.