Legal
How to Use Your FCPA Audit
May 18, 2011 Added by:Thomas Fox
In short, do not be afraid of the results and use Paul McNulty’s maxims of “what did you find” and “what did you do about it”. After you have completed the FCPA audit, what steps should you take? This post will explore some of the issues related to the evaluation and response...
Comments (0)
Testing Your FCPA Compliance Program
May 13, 2011 Added by:Thomas Fox
If there are components which need to be enhanced, you will have the opportunity to do so. If additional or supplemental training is called for; then take the opportunity to provide it. In short, do not be a afraid of the results...
Comments (0)
FTC Privacy Enforcement Update
May 11, 2011 Added by:David Navetta
With the Ceridian and Lookout settlements, the FTC wants to dispel the notion that it is focused solely on large scale, high profile privacy and information security violations affecting consumers. This is another reason to take a hard look at your company's compliance...
Comments (0)
Compliance: Know Who You Are Doing Business With
May 06, 2011 Added by:Thomas Fox
Both risk and compliance are converging. Your company should review its compliance program in these three areas to determine if any of its business relationships are on the lists set out in this article. Not only does it make business sense, but it may keep you out of regulatory scrutiny..
Comments (0)
Federal Court Affirms Damages in RockYou Data Breach
April 29, 2011 Added by:David Navetta
Beyond litigation risk, treating personal information in the same manner as property could significantly impact the current quid pro quo of the Internet and how information is collected, used and transferred. It will be interesting to follow this case through the next round of discovery...
Comments (0)
Audit Analytics in an FCPA Compliance Program
April 24, 2011 Added by:Thomas Fox
The laws of many countries vary in terms of the capture and correlation of ERP data and if such information can be transmitted outside a country. Such issues may be overcome with multiple servers or other hosting solutions, it also increases the difficulty of capturing such data...
Comments (0)
SEC Fines Executives for Privacy and Security Violations
April 21, 2011 Added by:David Navetta
Companies have to assess the adequacy of their privacy and data security practices, including understanding the privacy and data security legal requirements that could impact the company’s business, ensuring that the company’s practices are consistent with those requirements...
Comments (0)
FTC Privacy Enforcement and the Google Buzz Settlement
April 12, 2011 Added by:David Navetta
Now is the time to review your company’s privacy and information security practices, conduct an security assessment, and take steps to ensure that your company’s practices comply with the various privacy and information security requirements, including FTC guidance...
Comments (1)
Guidance on Internal Controls, Ethics, and Compliance
April 10, 2011 Added by:Thomas Fox
A benchmark of the elements of an effective compliance program is the OECD's Good Practice Guidance on Internal Controls, Ethics, and Compliance. This article lists 12 specific instructions for companies to utilize as a basis to construct an effective compliance program upon...
Comments (0)
Review of FTC's Proposed Privacy Framework - Part 1
December 17, 2010 Added by:David Navetta
In this part of our review, and in following parts, we dig into the specifics of the Report's proposed framework, with a eye to examining rationales for the various proposals as well as analysis on the potential effects going forward on practices and data policies...
Comments (0)
DOJ Guidance on FCPA Compliance Programs
November 12, 2010 Added by:Thomas Fox
The information included these collective Corporate Compliance Programs provides the FCPA compliance practitioner with the most current components that the Department of Justice believes should be included in a FCPA compliance program...
Comments (0)
Is Social Networking Disclosing Your Trade Secrets?
November 05, 2010 Added by:David Navetta
Periodically review the various use, privacy, copyright and other policies social networking sites to ensure that your employees aren't binding you to provisions you were unaware of or that may result in disclosure of confidential or trade secret information by default...
Comments (0)
Proposed Amendments to the FCPA
November 05, 2010 Added by:Thomas Fox
After his speech to the Compliance Week Annual Conference last May, Assistant Attorney General for the Criminal Division of the US Department of Justice, Lanny Breuer, took several questions from the audience. One of his more interesting responses was regarding facilitation...
Comments (0)
The Law of Privacy on Social Networks
October 20, 2010 Added by:David Navetta
Relevant information stored on social networks is generally discoverable in civil litigation. This simple proposition is largely ignored by most users of social media, and has been largely ignored by lawyers doing discovery in civil litigation...
Comments (0)
Managing Foreign Business Partners and the FCPA
October 15, 2010 Added by:Thomas Fox
The Wall Street Journal reported that the US Department of Justice was investigating allegations of possible bribery in Yemen by Schlumberger Ltd., in connect with their 2002 agreement with the Yemen government to create a national exploration data-bank for the country’s oil industry...
Comments (0)
A Cloud Computing Customer Bill of Rights
October 13, 2010 Added by:David Navetta
This document should be viewed less as a universal mandate, and more as a tool for cloud customers and providers to engage in spirited debate about the issues addressed in this Bill of Rights. This is a work in a progress and we invite you to submit your ideas on additional “rights” that we should include as well as any comments and criticisms on the current listing...
Comments (0)
- Identity & Access Management: Give Me a REST
- Over-Sharing Riskier than Government Snooping
- 20 Critical Security Controls: Control 13 – Boundary Defense
- Redefining Social Networking
- Creating Your Own Privacy & ROI
- Security Intelligence for the Enterprise - Part 1
- Why are Cybercrimes NOT Always White-collar Crimes?
- From the SMB to Security Guru: Five Ways IT Pros Can Manage Security on a Budget
- Balancing Act Between Privacy and Security
- The NSA’s Word Games Explained: How the Government Deceived Congress in the Debate over Surveillance Powers