Frank Lopez’s recent Compliance Week guest column, “Tips for Mitigating Whistleblower Risk” (March 3, 2009), provided a good overview of whistleblower policy, as well as some excellent suggestions for improving the anonymous hotline reporting process overall. It also got me thinking about the importance of moving beyond the hotline, and beyond business-as-usual reporting on risk- […]
Data Privacy
Whistleblower Policy a Necessity During Weak Economy
Tips, strategies, and frustrations about how to manage compliance programs more effectively were the dominant theme at Compliance Week 2009, as corporate compliance officers everywhere voiced concerns about the increasing risks their departments must manage—with ever-tighter budgets. The bad economy is a risk in its own right, according to Cynthia Jackson, a partner in the […]
Managing IT Controls for SOX Compliance
The Sarbanes-Oxley Act is considered by many to be the road to redemption for the past sins of Enron, WorldCom, and other corporate players who subverted the rules of business by using financial engineering to inflate the performance of their businesses. Advocates for SOX consider this legislation an approach to ensure corporate responsibility for financial […]
FTC Looks to Revise Media Advertising
The Federal Trade Commission is issuing a strong warning to advertisers: Learn how to self-regulate, or we’ll establish regulations for you. The FTC is working to update its “Guide Concerning the Use of Endorsements and Testimonials in Advertising,” which hasn’t been revised in nearly 30 years and lags far behind marketing in the Internet age. […]
What Drives a Successful Compliance Committee?
As risk management intensifies and Washington considers all manner of new regulatory requirements, the wisdom behind establishing and operating a compliance committee continues to get stronger. For many companies—typically larger organizations or those in highly regulated industries—the compliance committee is alive and well, overseeing traditional, existing compliance obligations. “The question is how well equipped those […]
Scoping Out an Audit of Privacy Programs
Any corporation of any size today must worry about privacy and information security. Protecting sensitive information has always made good sense, but most developed nations now have laws that restrict some uses of at least some types of data. European countries have regulated personal data protection since the mid-1990s. Canada’s Personal Information Protection and Electronic […]
Coping With Recovery Act’s HIPAA Requirements
The challenge of HIPAA compliance is about to go viral. Thanks to the American Recovery and Reinvestment Act, signed into law in February, many more companies—including law firms, accounting firms, and other businesses that might assume they are at arm’s length from the healthcare industry—now face stronger federal regulations around the security of personal health information. […]
Recovery Act: Big Compliance Changes, Coming Fast
The economic recovery bill signed into law last month promised all manner of stimulus and reforms to get America working again. And sure enough, compliance officers now have lots to do. Formally known as the American Recovery and Reinvestment Act, the law imposes a slew of new compliance obligations—many taking effect right away, even though […]
More Rules on EU Data Privacy, but Will They Help?
New guidance on shipping sensitive electronic data across borders may not be all that much help to global companies grappling with various nations’ compliance regimes, experts say. Differing attitudes in the United States and Europe about data privacy have vexed large companies for several years, as they try to manage their obligations here for discovery […]
Europe’s Private Equity Funds Fight Tougher Regulation
Europe’s private equity industry has offered to follow a new set of professional standards, including a corporate governance code, in an effort to fend off the prospect of tougher regulation from the European Commission. But the European Venture Capital Association’s proposed reforms are still based on a self-regulatory approach. It wants to create its own […]


