In fact, HIPAA penalties do distinguish degrees of “not knowing,” yet that doesn’t mean - like the traffic violation above - that a hefty fine still won’t land in your lap. Can your company deal with even a $50,000 (per violation) hit to the pocket book? Here’s the breakdown of potential penalties per OCR (Office of Civil Rights) discretion, as noted in the HIPAA Journal.

Shujinko announced the results of a survey of North American CISOs documenting the challenges facing security and compliance professionals preparing for a wave of upcoming audits. The survey, a joint effort between Shujinko and Pulse, found that calendars for security and compliance audits are largely unchanged despite COVID-19, yet the pandemic is straining teams as they work remotely.

Compliance regulators don’t take days off – not even in a pandemic. Faced with steep penalties for non-compliance and potential reputational damage, organizations are being forced to rethink their compliance strategies to account for new and emerging risks. For digital businesses today, the best place to start is by assessing how systems should be good enough, understand how data integrity is currently being managed, identifying any compliance hazards or gaps, and considering how automation can help address them.

The vast majority (80 percent) of internal auditors are facing barriers to being involved in managing fraud risk, despite almost two thirds (62 percent) saying they had seen an increase in fraud incidents over the past five years, according to a new report by Kroll, The Institute of Internal Auditors (IIA) and Internal Audit Foundation.

Oyster Consulting announced that Ed Wegener has joined the firm as a Managing Director with the Governance, Risk and Compliance team. Ed brings a deep knowledge of compliance, risk management and supervisory controls requirements and best practices for broker-dealers and alternative trading systems. 

Nonprofits Insurance Alliance (NIA) announced that Steven Salar has joined NIA as Chief Risk Officer (CRO) responsible for compliance, risk management, internal audit, employment risk consulting, loss control and member support.

Yesterday (July 1, 2020) marked the official deadline to achieve compliance of the California Consumer Privacy Act (CCPA).

Heading into 2020 no one could have predicted how a then-mysterious new coronavirus would cripple global business, as it is now. The last time a global crisis struck with such force, it was a man-made event – when the subprime mortgage crisis in 2008 caused the worst recession in U.S. history since the Great Depression. What are four different dimensions of risk enterprise security leaders need to assess right now?

What is the impact of cybersecurity compliance in this new age of accelerating regulation, pandemic-driven communications and as business processes move to the cloud?