Summary: Podcast featuring the top Compliance and Ethics thought leaders from around the globe. The Society of Corporate Compliance and Ethics and the Health Care Compliance Association will keep you up to date on enforcement trends, current events, and best practices in the compliance and ethics arena. To submit ideas and questions, please email: firstname.lastname@example.org
By Adam Turteltaub email@example.com These days compliance teams play a large role in vetting third parties, especially in high-risk countries and business areas such as sales consultants. But after the vendor is cleared and it’s time to write up the contract, compliance needs to remain involved, according to Amy McDougal, President of CLEAR Resources and Jason Meyer, President of LeadGood. As they point out in this podcast, the legal team tends to be focused on the typical legal issues, not on how to reinforce the compliance program, including extending rights to audit. What’s reasonable to expect from your vendors when it comes to compliance? They caution against being overly demanding, especially with smaller vendors. Set to the bar too high and the deal may no longer be worth it for the vendor, or they may sign on the dotted line with no intention of doing what they said they would. Also, expect some resistance from vendors with well-established programs, who likely won’t want to make changes just because their program differs from yours. And, expect to include audit rights in the agreement. They’re critical if an allegation of wrongdoing is made. Listen in to learn more about how to ensure your organization’s vendor relationships get off on the right foot and stay that way.
By Adam Turteltaub firstname.lastname@example.org For too many people LinkedIn is just a tool when looking for a new job. That’s a huge waste. The ability to connect with your peers even when you’re happy in your job and not looking elsewhere is enormous. Both SCCE and HCCA maintain a substantial presence on the site just for this purpose. LinkedIn’s Matt Ross sat down for this podcast at the 2019 SCCE Compliance & Ethics Institute (apologies for the echo in the room) to share insights into how to gain the most out of this invaluable site. Listen in to hear his recommendations including: * Have a photo and headline * The photo should show you dressed as you would be at work * Check out strangers before connecting with them * Take advantage of the content feed to both learn and make yourself known It’s a valuable conversation, even for those who think they already have LinkedIn down pat.
By Adam Turteltaub email@example.com GDPR requires businesses to be transparent, fair, and proportionate in how they collect process and store personal data. Many in compliance and the business world fear, though, that it also severely hampers the way in which business can conduct internal investigations. SCCE Vice President, Partner & Notary Public at the UK law firm Bristow’s Robert Bond, though, offers significant reassurances in this podcast. He shares that there are far too many myths about GDPR. Contrary to popular belief, GDPR does not necessarily trump other laws. It is also a myth, he reports, that employee rights under GDPR are absolute. However, that doesn’t mean an employer can do what he or she wishes. Compliance teams need to be mindful of the lawful grounds for processing data, including consent and contractual necessity. In addition, there is a need to conduct a fair assessment of whether there is a legitimate interest in conducting the investigation, one that outweighs privacy rights. Be sure also, he warns, to document your decision making in each and every case. And before you think, “Neither the company, nor the employee, are in Europe so we don’t have to worry about this,” don’t forget an increasing number of nations, and the State of California, are adopting GDPR-like laws. Listen in to learn more about how you can conduct a fair investigation, without running afoul of GDPR.
By Adam Turteltaub firstname.lastname@example.org Many companies use employee surveys to better understand the ethical health of the organization. But what about the health of the relationship with compliance? Marjorie Maier, Senior Director and Division Compliance and Privacy Officer at HMS, has found that surveys can be useful for that, too. Listen in to learn how she used regular employee surveys to understand the strengths and weaknesses of the compliance program and how she evolved her efforts to better meet the organization’s needs. It’s a journey your institution may benefit from. You’ll also gain from her advice on issues such as whether to survey the entire organization or start with just one part, how to craft questions to get more honest answers, and how to shift perceptions over time.
By Adam Turteltaub email@example.com At the 2019 SCCE Sao Paulo Regional Compliance & Ethics Conference, we were fortunate enough to be joined by Pedro Ruske Freitas, the Director of Integrity of the Comptroller General’s Office (CGU) in Brazil. The CGU is a part of Brazil’s executive branch and is, amongst other things, responsible for the government’s corruption prevention efforts. It has engaged extensively with the business community and worked very hard to support compliance efforts, even sending some of its people to the SCCE Basic Compliance & Ethics Academy in Sao Paulo to ensure it fully understood compliance and wrote appropriate regulations. In this conversation, the Director shares the enormous difference in compliance programs since the adoption of Brazil’s Clean Companies Act. He also shares the challenges he sees, including a lack of full application of compliance programs and struggles by small and medium-sized enterprises. In addition, he observes that global companies still need to ensure that they fully localize their program, with messages from both the global and local CEO and codes of conduct in Portuguese. Listen in to learn more about how to strengthen your compliance program in one of the world’s largest economies.
By Adam Turteltaub firstname.lastname@example.org When it comes to HIPAA everyone knows about the risks of disclosing Personal Health Information (PHI) improperly. Also important, but often overlooked, is the need to ensure that when patients want access to their data that they get it in a timely way and in the format that they want. Cristin Gardner, Director of Consumer Products & Markets at Life Image, warns that this is a significant risk area for healthcare providers. The regulations stipulate that entities may not require unreasonable measures of patients. Failing to meet consumer needs can be significant. As she explains in the podcast, the first settlement for a violation of the regulation came in September 2019, and it cost the hospital $85,000 for just one violation. So, why aren’t providers meeting their obligations? Part of it is due to old policies that have not caught up with the time. Many still rely on faxed and in-person requests. In addition, they are behind the times in their use of technology, still burning CDs for patients. This fails to reflect, obviously, the way data is transferred and used. In addition, it greatly slows down the sharing of critical health information. Listen in to learn more about the risk and how to help your organization start thinking differently about providing data to patients.
By Adam Turteltaub email@example.com Unconscious bias is the predisposition to believe or behave a certain way about certain groups of people. It creates both negative and positive views that are automatic and unintentional. And, these biases are highly problematic in the workplace. Debra Sabatini Hennelly, Founder and President of Resiliti, found that unconscious bias isn’t just an issue for the workforce. It can affect the compliance team as well. As she explains in this podcast, these biases stem from our brain’s need to process great amounts of information. While doing so, the mind can take short cuts that can lead to bad decision making. To avoid the pitfalls of this largely uncontrolled thinking process, we need to be consciously aware of the need to be rational and objective and have to be mindful of our own limitations. Listen in as she outlines the problem and ways to mitigate it, starting by simply slowing down to allow information to process more deliberately.
By Adam Turteltaub firstname.lastname@example.org A good investigation, no matter where you conduct it, begins with a plan, advises Elaine Khoo, Director for Compliance, Asia-Pacific Except China, for Marriott International. It will help you focus on the evidence you need to gather and people you need to interview. In this podcast, recorded during the SCCE Regional Compliance & Conference in Singapore, she offers a wealth of advice including: * Look to see who can provide you with investigation support * Know your allies and enemies * Let the interviews play against each other * The importance of respecting local culture, including that body language may differ * Always show empathy * Have a good translator on hand, who is well briefed * Respect your reporting structure * And much more Listen in to gain more, rich insights into how to make your investigation successful in Asia, and around the globe.
By Adam Turteltaub email@example.com The good news is that people trust the businesses they work for. The bad news is, they trust the businesses they work for. In a fascinating and provocative conversation, Matt Kelly of Radical Compliance shares some striking data from the Edelman Trust Barometer. The global survey reveals that 75% of people trust “my employer” to do what is right. That’s a level far higher than for any other institution, including the 54% who trust business as a whole. In addition, 74% report that “I know what is going on, I am part of the planning process, and I have a voice in key decisions; the culture is values-driven and inclusive.” All good signs but signs that carry risk. People are increasingly looking to business to solve social problems not being solved elsewhere, which could lead to new demands on compliance and ethics teams to weigh in on social issues outside the legal and regulatory scope that they have traditionally had. So, how should companies navigate this reality? Matt argues that now, more than ever CEOs need to hold managers accountable for violations, especially those that are visible and talked about. Employees have to be encouraged to speak up and supported when they do so. The compliance team needs to do a great deal of communication and outreach and encourage employees to come to them with concerns. Listen in to learn more about trust in business and how to keep it.
By Adam Turteltaub firstname.lastname@example.org Being promoted from the compliance staff to the Chief Compliance Officer (CCO) can be a great moment. But, it’s the start of a new era professionally, one that requires a new set of skills to be successful in the long run. It’s a topic that Lea Fourkiller, Managing Director at Ankura Consulting, knows well, having risen in compliance to serve as a CCO, and working as a consultant to the compliance community. In this podcast, she shares her expertise in how to not just have the leadership title, but also succeed as a leader. Listen in for her insight into: * The importance of understanding the scope of the new role, and avoiding being pulled back into doing your old job * Earning the trust and respect of senior leaders * Demonstrating your leadership skills, especially integrity * The needs to listen, stay current on laws and regulations and what is going on in the business * Thinking strategically and becoming a problem solver * Collaboration with business leaders * Developing your team It’s helpful information whether you are newly promoted to CCO or hope to be one day.
By Adam Turteltaub email@example.com There have been at least 90,000 data breaches reported under the GDPR already. That’s a big number, and Jonathan Armstrong, a partner at Cordery Compliance, thinks it’s probably on the low side. If there’s good news to the dizzying number of reported incidents, it’s that they are rich with learning for compliance professionals. In this podcast he offers valuable insights including: * Organizations need to have a plan in place before a breach * It’s highly worthwhile to not just have the plan but to also rehearse a data breach response, cognizant of the time deadlines of GDPR * Compliance must have a seat at the table and not let this just be handled as an IT issue * Organizations need to keep records to share with regulators * It’s essential to treat regulators with respect * Prudence argues for planning a response assuming your organization may have lost internet access Listen in to learn more about how to prepare your organization to prevent and respond to data breaches more effectively.
By Adam Turteltaub firstname.lastname@example.org There’s good news to report on social media, reports Kortney Nordrum, Regulatory Counsel and Chief Compliance Officer for Deluxe. Employees are starting to wake up to the risks and realize that what they share on social media has consequences. But, that doesn’t mean all is well. Risks remain for employees and their employers. As she explains in this podcast, people who are likely to make bad decisions continue to do so on social media. Despite changes in some of the National Labor Relations Board’s policies, employers are still greatly restricted in how they can respond to employee comments online. Listen in to the podcast as she discusses: * Whether or not to monitor employee activity * The importance of seeing what is being said about your company online * How to handle pre-employment social media scans appropriately Also, learn how some universities are using social media, including Twitter, to spread compliance messages and reach their people where they are. Here are some examples she recommends checking out: https://twitter.com/GopherGuardian https://twitter.com/UCDavisComply https://twitter.com/NIURules
By Adam Turteltaub email@example.com If you have a compliance and ethics program of any size, odds are good that you need a solution provider to help your program function fully. Manage the vendor search and relationship well, and if you’ve done yourself and your program a great service. Manage it badly, and you’ve created a nightmare. Jay Rosen of Affiliated Monitors knows the challenge well, having been a buyer of solutions and currently as a vendor to the compliance and ethics community. In this podcast – a preview of his session at the 2019 Compliance & Ethics Institute — he outlines how to make the vendor relationship a healthy one, beginning even before you begin a search. He advises that buyers reach out to their peers to learn what is working for them and the options in the marketplace. Once you begin the search keep tabs on how attentive the sales team is. If you’re not getting the responses you need and in a timely way then, it’s generally not a good sign. Listen in to learn more about how to make the implementation go as smoothly as possible, make the ongoing relationship a success, and when it’s time to move on.
By Adam Turteltaub firstname.lastname@example.org Compliance training is both essential to the effectiveness of every compliance and ethics program and an ongoing source of consternation: Are we doing too much or too little? Are the courses too long or too short? Are employees understanding and retaining the learning or are they just clicking through the courses? To help answer these and countless other questions, the SCCE asked Kirsten Liston, a veteran of the compliance training industry and Principal and Founder of Rethink Compliance, to write a book on the topic. The result is Creating Great Compliance Training in a Digital World. Over its 150 pages the book takes the reader through the principles of effective communication and training for adults. In this podcast Kirsten explains how the book is organized and her focus on providing practical advice on how to communicate effectively and from the perspective of the learner. She leverages thinking from fields as diverse as advertising and behavioral psychology to show what gets people to pay attention, engage with the training and take action. She also explores the importance of measuring the effectiveness of the training and the importance of figuring out what works and what doesn’t. Listen in to learn more about the book and how to think about your own training efforts. Or check out a preview of it online on COSMOS.
By Adam Turteltaub email@example.com Most every SCCE or HCCA conference has panel discussions led by a moderator. Done well, they can bring tremendous insights. Done poorly, and the audience may walk out or, even worse, doze off. Richard Bistrong is a veteran speaker and moderator. He advises that it’s important for moderators to think of themselves as supporting actors and not stars. They are there to stimulate engagement with the audience and bring out the best in the presenters. That means making sure that the conversation covers the key points, moves along deliberately and that there is ample time for questions at the end. In this podcast he also shares his advice for selecting panelists, scripting out questions, building rapport among panel members, and the role of slides: use them to support the conversation not serve as a script. Finally, he discusses the importance of the final question for every panel discussion. Listen in to benefit from his expertise. And, if you want to learn more, he recommends a recent article in The Atlantic. You can also find additional advice at the bottom of the Call for Speakers page on the SCCE and HCCA websites.