Compliance

Overheard talking about e-prescribing

As with any business-to-business supply chain, if you administer electronic data interchange without standards, it doesn’t work. Ted Kremer, as quoted in Lack of health information exchange standards slowing adoption

Today’s WhatIs.com Word of the Day is e-prescribing incentive program.

Overheard - Credit CARD Act

“While companies can’t hike your rates on existing balances unless you’re 60 days late with a payment, they can raise rates on future purchases any time and for any (or no) reason. They do have to tell you this, but they’ll probably send it in an envelope that looks like junk mail in the hopes you’ll throw it out.” Lauren Bowne, as quoted in Beware: Loopholes in the Credit CARD Act you need to know about

Today’s WhatIs.com Word of the Day is Credit CARD Act.

Martha White provides a great overview of the Credit CARD Act’s “gotchas” in her interview with Lauren Bowne.

While the CARD Act has limits on the severity of penalty fees you can be charged, there’s no rule against card companies making up as many new fees as they can conjure and charging whatever they like for them.

Overheard - IFRS

While U.S. GAAP could conceivably become the de facto global standard, it seems more likely that IFRS will hold that distinction. More countries and markets use IFRS, it has been developed with an international view from the start, and it has the structures in place to obtain global input and acceptance. Scott Taub IFRS & U.S. GAAP: Where Do We Stand?

Today’s WhatIs.com Word of the day is International Financial Reporting Standards (IFRS).

Overheard - clean desk policy

I was accompanied by a Senior Director, who attempting to find a machine with which to demo a new product, chanced upon a staff member’s desk where some documents had been left in full view. He picked them up and said he would lock them in his own office, so that the staffer wasn’t fined. Apparently, company policy at the time was to enforce the clean desk policy through an automatic payroll deduction. :-O David J. Anderson, Clean Desk Policies

Today’s WhatIs.com Word of the Day is clean desk policy.

Overheard - data archiving

“Technically, archiving applications used for compliance should apply policies to files, move files based on those policies and keep audit information on files.  Also, the file content should be indexed to make it searchable and be written to specific media depending on regulatory specifics.” Shane O’Neill, Choosing a compliance archiving tool

Today’s WhatIs.com Word of the Day is data archiving.

Overheard - FACTA Red Flags Rule

Compliance with the Red Flag rules must take a risk-based approach. Organizations are not given a specific set of items to implement; there is no detailed checklist. Compliance is principle-based focused on the outcome — avoiding identity theft — and not on specific requirements. Michael Rasmussen, Red Flag Rules compliance demands a risk-based approach

Today’s WhatIs.com Word of the Day is Red Flags Rule.

Overheard - Enterprise document management

Compliance is a hamster wheel of pain. Are we in compliance? -> Hire Consultant -> The Consultant Says No -> Scurry and spend -> Repeat. Alex Hutton, The Cult Of Compliance

Today’s WhatIs.com Word of the Day is enterprise document management.

Overheard - Bank Secrecy Act

FinCEN is now seeking to engage smaller to moderate size depository institutions who are working to implement the four pillars of theBank Secrecy Act regulatory regime: (1) policies, procedures and internal controls; (2) designation of a compliance officer; (3) ongoing training; and (4) independent testing. Bryan Cave Law Firm, October 2009 Client Alerts

Today’s WhatIs.com Word of the Day is Bank Secrecy Act.

Overheard - Shared Assessments Program

“One of the big issues everyone faced, especially on the service provider side was the inconsistency in the level of questions and controls clients looked at. This sets the standard and a baseline so everyone is looking at pretty much the same types of controls…You remove inconsistency and raise the overall bar of information security.” Charlie Miller, as quoted in Shared Assessments aims to ease third-party security evaluations

Today’s WhatIs.com Word of the Day is Shared Assessments Program.

Overheard - FISMA and ICE

“The new FISMA requirements call for government agencies and DoD contractors to comply with a set of prioritized controls that reflect their ability to detect and stop cyberattacks.” Alexander B. Howard, ICE Act would restructure cybersecurity rule, create White House post

Today’s WhatIs.com Word of the Day is FISMA.