As risk management intensifies and Washington considers all manner of new regulatory requirements, the wisdom behind establishing and operating a compliance committee continues to get stronger. For many companies—typically larger organizations or those in highly regulated industries—the compliance committee is alive and well, overseeing traditional, existing compliance obligations. “The question is how well equipped those […]
Data Privacy
Posted inInternal Controls
Scoping Out an Audit of Privacy Programs
Any corporation of any size today must worry about privacy and information security. Protecting sensitive information has always made good sense, but most developed nations now have laws that restrict some uses of at least some types of data. European countries have regulated personal data protection since the mid-1990s. Canada’s Personal Information Protection and Electronic […]
Posted inData Privacy
Coping With Recovery Act’s HIPAA Requirements
The challenge of HIPAA compliance is about to go viral. Thanks to the American Recovery and Reinvestment Act, signed into law in February, many more companies—including law firms, accounting firms, and other businesses that might assume to be arm’s length from the healthcare industry—now face stronger federal regulations around the security of personal health information. […]
Posted inData Privacy
Recovery Act: Big Compliance Changes, Coming Fast
The economic recovery bill signed into law last month promised all manner of stimulus and reforms to get America working again. And sure enough, compliance officers now have lots to do. Formally known as the American Recovery and Reinvestment Act, the law imposes a slew of new compliance obligations—many taking effect right away, even though […]
Posted inData Privacy
More Rules on EU Data Privacy, but Will They Help?
New guidance on shipping sensitive electronic data across borders may not be all that much help to global companies grappling with various nations’ compliance regimes, experts say. Differing attitudes in the United States and Europe about data privacy have vexed large companies for several years, as they try to manage their obligations here for discovery […]
Posted inEurope
Europe’s Private Equity Funds Fight Tougher Regulation
Europe’s private equity industry has offered to follow a new set of professional standards, including a corporate governance code, in an effort to fend off the prospect of tougher regulation from the European Commission. But the European Venture Capital Association’s proposed reforms are still based on a self-regulatory approach. It wants to create its own […]
Posted inData Privacy
Roundtable Discusses Supply Chain Risks
On Jan. 27, 2009, Compliance Week and Integrity Interactive presented an editorial roundtable focusing on supply chain risks—both inside and outside of the organization. The discussion, which took place at The Harvard Club in New York, involved more than 20 compliance and legal professionals, who provided insights into today’s largest supply chain risks (think peanut […]
Posted inData Privacy
Heads Up: Mass. Eases & Delays Data Security Regs Again
Welcome news for companies that maintain personal information of Massachusetts residents: The state’s Office of Consumer Affairs and Business Regulation has once again eased and delayed new identity theft regulations that require companies to encrypt personal information stored on portable devices or transmitted wirelessly or on public networks. The latest delay, announced Feb. 12, gives […]
Posted inAccounting & Auditing
Offshored External Audits Expose Regulatory Issues
Big 4 audit firms are quietly offshoring portions of the external audit work for publicly held companies, raising a bevy of questions about whether the work is visible to the companies themselves, their investors, and even regulators. Brian Daugherty, assistant professor at the University of Wisconsin, says he first learned of the effort in 2007 […]
Posted inData Privacy
Security Control Threats in Tight IT Budgets
For all the improvements companies have made to their IT security and control systems in the last five years, one menace still looms large these days: that layoffs will wreck the compliance system you’ve carefully crafted. The most significant threats to a company have always lurked within its own walls. Now, as job security diminishes […]
