Tag: Data Privacy

Categories
FCPA Compliance Report

FCPA Compliance Report: Jonathan Armstrong on Sweeping Changes in The UK Government: Insights on Compliance

Welcome to the award-winning FCPA Compliance Report, the longest running podcast in compliance. In this edition of the FCPA Compliance Report, Tom Fox welcome Jonathan Armstrong to discuss the seismic shift in the UK’s political landscape following the election last week.

The election was literally one for the ages. It led to a significant Labor victory over the Conservatives. They delve into the implications for compliance and governance in both the UK and globally. Topics include the new government’s proactive approach, anticipated shifts in bribery enforcement, and fiscal policies.

They also explore potential changes in AI regulation, employment law, data protection, and international relations, especially concerning Russia and China. The conversation highlights Labor’s balanced strategy, aiming for sensible, centrist policies while addressing key issues like corruption, AI, and data privacy.

Highlights in this Episode:

  • An election result for the ages
  • Impact on Bribery and Corruption Enforcement
  • Trade Sanctions, Russian Oligarch’s and Forced Labor
  • AI and Beyond
  • Data Privacy and Data Protection
  • Labor and Employment Rights

 Resources:

Jonathan Armstrong on LinkedIn

UK General Election 2024 – What Might This Mean for Compliance?

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

For more information on the Ethico ROI Calculator and a free White Paper on the ROI of Compliance, click here.

Categories
Compliance Tip of the Day

Compliance Tip of the Day: The Impact of Data Privacy

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements.

Whether you’re a seasoned compliance professional or just starting your journey, our aim is to provide you with bite-sized, actionable tips to help you stay on top of your compliance game.

Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law.

Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

In today’s episode, we explore the importance of privacy in data-driven compliance and the challenges and tradeoffs involved in implementing effective compliance strategies.

 

For more information on the Ethico ROI Calculator and a free White Paper on the ROI of Compliance, click here.

Categories
From the Editor's Desk

From The Editor’s Desk – January and February 2024 in Compliance Week

Welcome to From the Editor’s Desk, a podcast where co-hosts Tom Fox and Kyle Brasseur, EIC at Compliance Week, unpack some of the top stories that have appeared in Compliance Week over the past month, look at the top compliance stories upcoming for the next month, talk about some sports and generally try to solve the world’s problems.

Tom Fox and Kyle Brasseur are back. In this episode, they look at the Department of Justice’s role in shaping corporate compliance practices through its enforcement actions, setting the tone for companies to voluntarily self-disclose and cooperate. Tom believes that the DOJ is making a concerted effort to highlight what companies are doing right in enforcement actions, particularly in relation to remedial efforts and cooperation. He sees the DOJ’s settlement documents as a clear communication of what they expect from companies going forward. Kyle emphasizes the importance of focusing on the positive aspects of enforcement actions and learning from what companies are doing right to prevent similar situations in the future. He mentions the use of data analytics and the retention of off-channel communications as examples of new expectations from the DOJ. Join Tom Fox and Kyle Brasseur on this episode of From the Editor’s Desk as they delve deeper into the topic of DOJ enforcement actions and corporate compliance practices.

Highlights Include:

  • SAP Enforcement Action
  • CNIL and Amazon’s Excessive Employee Surveillance Violation
  • Exploring Best Practices in Know Your Customer and Anti-Money Laundering Compliance
  • Highlighting Compliance Success in Financial Services
  • Insights from DOJ Enforcement Actions Roundtable
  • Bill Belichick
  • NFL Playoffs
Categories
Daily Compliance News

Daily Compliance News: January 25, 2024 – The Big Brother Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee and listen to the Daily Compliance News. All from the Compliance Podcast Network. Each day, we consider four stories from the business world: compliance, ethics, risk management, leadership, or general interest for the compliance professional.

In today’s edition of Daily Compliance News:

  • Menendez says search warrants are unconstitutional.  (Roll Call)
  • Wayne LaPierre claims he’s too sick to go to trial. (Business Insider)
  • More bad news for Boeing. (WaPo)
  • Big Brother arrives at the workplace. (BBC)

For more information on Ethico and a free White Paper on top compliance issues in 2024, click here.

Categories
31 Days to More Effective Compliance Programs

One Month to a More Effective Compliance Program Through Data Analytics: Day 10 – The Impact of Privacy Regulations on Compliance

What is the impact of privacy regulations on data-driven compliance? Every CCO must be aware of the importance of privacy in data-driven compliance and the challenges and tradeoffs involved in implementing effective compliance strategies. A key mandate is for CCOs and compliance professionals to have a compliance program that provides visibility into their data. This emphasizes the importance of having efficient and effective compliance solutions in place or as I have previously noted CCOs must have access to their compliance data literally at their fingertips.

This is one of the drivers for key trends shaping compliance technology in 2025 and beyond. The RegTech market is growing rapidly, and there is increased regulatory focus on cryptocurrency activities, ESG, and information security and cybersecurity. These trends indicate the evolving landscape of compliance and the need for organizations to stay updated and adapt their compliance strategies accordingly. By embracing connected compliance and leveraging technology, organizations can navigate the complex regulatory landscape and ensure compliance with privacy regulations while driving business efficiency.

 Three key takeaways:

  1. CCOs and compliance professionals must have a compliance program that provides visibility into their data.
  2. ESG regulations affect not only regulated industries but also any company holding private customer data or involved in large supply chains.
  3. By embracing connected compliance and leveraging technology, organizations can navigate the complex regulatory landscape and ensure compliance with privacy regulations while driving business efficiency.

For more on KonaAI, click here.

Categories
Daily Compliance News

Daily Compliance News: November 7, 2023 – The Apology Accepted Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen to the Daily Compliance News. all from the Compliance Podcast Network. Each day we consider four stories from the business world: compliance, ethics, risk management, leadership, or general interest for the compliance professional.

  • ICO apologizes to the ex-Nat West chief. (FT)
  • A 70-hour work week in India? (BBC)
  • Integrity in cricket. (University of Sussex)
  • Do chatbots violate anti-wiretap laws? (Reuters)
Categories
Daily Compliance News

Daily Compliance News: October 26, 2023 – The Don’t Play Games Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance brings to you compliance related stories to start your day. Sit back, enjoy a cup of morning coffee and listen in to the Daily Compliance News. All, from the Compliance Podcast Network. Each day we consider four stories from the business world, compliance, ethics, risk management, leadership or general interest for the compliance professional.

Stories we are following in today’s edition:

  • Forced labor in yet another Chinese industry?  (WSJ)
  • Data privacy and Trump. (The Guardian)
  • Suspicious death shadows Austrian corruption probe. (FT)
  • Don’t play games with the SEC. (Reuters)
Categories
Corruption, Crime and Compliance

Catching Up with California and State Data Privacy Laws

California’s data privacy regulations, primarily embodied in the California Consumer Privacy Act (CCPA) and its extension through the California Privacy Rights Act (CPRA), constitute a pioneering and influential framework. These regulations, effective from 2018 and further strengthened in 2020, set a standard for data protection not only within the state but also across the national and global economy. In this episode of Corruption, Crime and Compliance, Michael Volkov explores the nuances of the CCPA and CPRA, and the evolving data privacy landscape.

You’ll hear Michael talk about:

  • The lack of a federal data privacy law in the United States has led to a complex patchwork of state laws. Businesses are faced with the challenge of navigating these varied regulations, which contributes to compliance complexities.
  • California, through the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), is a leader in data privacy regulation in the United States, with implications for both the national and global economy. The CPRA, enacted in 2020, establishes the California Privacy Protection Agency (CPPA) to enforce the law robustly.
  • The CPRA introduces critical changes, including: 
  • Protection of employee and business-to-business personal information, which is now subject to the same privacy protections as consumer personal information. 
  • Enhanced consumer rights, such as the right to access, delete, and correct their personal information, and the right to opt out of the sale of their personal information.
  • Companies are now obligated to implement reasonable security precautions and undergo annual cybersecurity audits and risk assessments.
  • In addition to California, other states such as Virginia, Colorado, Utah, Iowa, and Connecticut have also enacted data privacy laws that echo the GDPR. Businesses must stay up-to-date on evolving compliance requirements and adapt their systems accordingly.
  • Compliance issues comprise risk assessments, impact assessments, adherence to data breach requirements, and compliance with notification standards. Companies are developing systems based on the most stringent set of laws to guarantee compliance.

 

KEY QUOTES

“We have a patchwork of laws that apply in the United States. Unfortunately, we continue to suffer from the absence of a federal data privacy and breach notification law. Congress has tried for years to broker a deal here, but it has never been able to overcome strong lobbying forces. Whether it’s high tech trial lawyers, law enforcement, or other gadflies, the public continues to suffer.” – Michael Volkov

 

“Many commentators have suggested that California’s data privacy laws and regulations are starting to look closer and closer to the EU’s GDPR regime.” – Michael Volkov

 

“To me, we’re getting into a more strict regulation. We already have, under the California Consumer Privacy Act, a requirement to have on your website: an ‘opt out’ in terms of any information that you may provide to a website, that it can’t be used by the entity for sharing or selling or whatever consumer products purposes. So keep tabs on the California events.” – Michael Volkov

 

Resources

Michael Volkov on LinkedIn | Twitter

The Volkov Law Group

Categories
Data Driven Compliance

Data Driven Compliance: Rachael Ormiston on Privacy as a Business Differentiator

Are you struggling to keep up with the ever-changing compliance programs in your business? Look no further than the award-winning Data Driven Compliance podcast, hosted by Tom Fox, is a podcast featuring an in-depth conversation around the uses of data and data analytics in compliance programs. Data Driven Compliance is back with another exciting episode The intersection of law, compliance, and data is becoming increasingly important in the world of cross-border transactions and mergers and acquisitions.

We take things in a data privacy direction today as I visit with Rachael Ormiston, Head of Privacy at Osano, whose No Penalties Pledge sets them apart in the privacy industry, offering customers assurance that they won’t face fines for non-compliance. In conversations with Tom Fox, Rachael Ormiston discusses the importance of privacy as a business differentiator and the impact of GDPR. Trust is highlighted as crucial for building a positive customer experience. Osano has developed a privacy maturity model to help companies assess their progress and prioritize compliance. Their website offers valuable resources, catering to both experts and beginners in the field. Rachael emphasizes the increasing importance of data privacy and the need for companies to prioritize it at the executive level.

Highlights Include

·      Osano’s No Penalties Pledge

·      Privacy as a Business Differentiator

·      The Importance of Privacy Compliance

·      Data Privacy and Free Resources

Resources:

Osano

 

Tom Fox 

Connect with me on the following sites:

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Life with GDPR

Life With GDPR: WhatsApp Breach: Hospital’s GDPR Failures Exposed

Tom Fox and Jonathan Armstrong, renowned experts in cyber security, co-host the award-winning Life with GDPR. The recent controversy surrounding Nigel Farage’s banking situation highlights the risks and compliance challenges faced by the banking industry in relation to data protection. In this episode, Tom and Jonathan discuss a data breach in a Scottish hospital during the COVID-19 pandemic.

The breach occurred when hospital staff shared patient details on WhatsApp, raising concerns about GDPR compliance. The hospital informed the ICO about the breach but chose not to notify affected patients, highlighting the need for appropriate advice and support when making such decisions. The conversation also explores communication challenges in internal investigations and the privacy and security risks of platforms like WhatsApp. It emphasizes the importance of organizations adapting to the preferences of digital native employees and conducting data protection impact assessments. The podcast also highlights the importance of effective policies, training, and proactive phishing training to prevent cyber-attacks and protect sensitive information.

 

Key Takeaways:

  • Data breach in Scottish hospital
  • The Challenges of Communication in Internal Investigations
  • Importance of Policies and Training
  • Phishing Training Effectiveness

Resources

For more information on the issues raised in this podcast, check out the Cordery Compliance News Section. For more information on Cordery Compliance, go to their website here. Also, check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clicking here.

Connect with Tom Fox

Connect with Jonathan Armstrong