Compliance Pointers | Podcast on RSS.com

Compliance Pointers

Compliance Pointers

by CompliancePoint

Business Technology

Season 4

SOC 2 Auditor Red Flags

The Delve story has put the spotlight on the quality of auditors assessing #compliance with privacy and cybersecurity frameworks. In this episode of Compliance Pointers, Carol Amick shares how to spot the red flags that your SOC 2 auditor may not be up to par. Click the link in the comments to learn about: 🕰️ 💲 Unrealistic price and speed promises 🪏 How involved your organization needs to be in the audit 🔬 Best practices for vetting auditors 🔎 How to vet your vendor’s SOC 2 reports

Analyzing the Written Consent Ruling

In a case out of Texas, the Fifth Circuit Court of Appeals held that the TCPA requires only “prior express consent,” not “prior express WRITTEN consent,” for prerecorded calls to wireless numbers. Tony Jarnigan joined Compliance Pointers to break down the ruling and its significance for the telemarketing industry. 🧑‍⚖️ The Bradford v Sovereign Pest Control – the case and ruling 🧑‍⚖️ Trends in TCPA rulings 🧑‍⚖️ How this ruling plays with Texas SB 140 🧑‍⚖️ How businesses should proceed Learn more about CompliancePoint's Marketing Compliance Services at https://www.compliancepoint.com/services/marketing-compliance/

The Intersection of AI Governance and Traditional Security Frameworks

As organizations embed AI deeper into their operations, AI governance needs to become more of a priority. How do traditional security frameworks account for AI risks and governance? Brandon Breslin joined Compliance Pointers to explore this issue. Watch the complete episode to learn about: ✅ Why PCI, #SOC 2, HITRUST, and ISO 27001 are beginning to converge around AI ✅ The growing AI accountability gap many organizations face ✅ What auditors are starting to evaluate in AI-enabled environments ✅ Practical first steps for building AI governance Learn about CompliancePoint's AI Risk Management Service here: https://www.compliancepoint.com/services/cyber-security/ai-risk-management-services/ and our InfoSec Certification services here: https://www.compliancepoint.com/services/information-security/

State Privacy Laws - What Regulators are Looking For

As of January 1st of this year, there are 19 state data #privacy laws in effect. But when enforcing these laws, what are regulators focusing on? The recent #Disney #CCPA settlement and a report from the Connecticut AG give us some idea. Matt Dumiak joined Compliance Pointers to explore the violations currently in the crosshairs for enforcement, including privacy notices, breach notifications, opt-outs, allowing consumers to exercise their privacy rights, and more. Learn more about CompliancePoint's Data Privacy services at https://www.compliancepoint.com/services/privacy/

Cloud Security and Compliance Best Practices

Cloud computing has added speed and flexibility to the IT landscape, but it has also added a layer of complexity that creates additional risks of data breaches and other cybersecurity incidents. In this episode of Compliance Pointers, Alec Harrell, breaks down cloud misconfigurations that are creating unnecessary vulnerabilities for organizations. Watch the entire episode to learn: • Common cloud security mistakes, including publicly accessible storage, insufficient logging and monitoring, and weak authentication. • How these misconfigurations jeopardize #compliance with frameworks and regulations like HIPAA, PCI DSS, and ISO. • Best practices for cloud security Learn more about common cloud misconfigurations here: https://www.compliancepoint.com/cyber-security/common-cloud-misconfigurations-and-their-compliance-implications/ Learn more about CompliancePoint's cybersecurity services: https://www.compliancepoint.com/

The California Invasion of Privacy Act - Managing CIPA Risks

The #California Invasion of #Privacy Act, better known as #CIPA, is a decades-old law that has renewed relevance today with the prominence of cookies and web trackers. With the number of CIPA demand letters on the rise, Matt Dumiak breaks down what companies can actually do to reduce risk. If your organization runs a website, uses trackers, or relies on digital marketing, don’t miss this episode of Compliance Pointers. Watch the complete episode to learn: 💻 What CIPA really is—and why it’s being applied to website tracking today 💻 Why cookies, pixels, and chat tools are driving a surge in demand letters 💻 How CIPA compares to the #CCPA 💻 Common risk-mitigation strategies and the tradeoffs that come with them 💻 Why consent banners alone aren’t a silver bullet Learn more about CompliancePoint's privacy services at: https://www.compliancepoint.com/services/privacy/ and about our Cookie Management Services at: https://www.compliancepoint.com/services/privacy/cookie-management-services/

AI Risk Management That Scales with Adoption

AI adoption continues to accelerate. Can organizations’ governance and risk-management efforts keep pace? In this episode of Compliance Pointers, Brandon Breslin explores how AI is changing workforce dynamics, introducing new risks, and why frameworks like ISO 42001 are becoming essential. Watch the entire episode to learn about: ✅ The impact of accelerating AI adoption ✅ Managing AI risks ✅ Using AI to power compliance Strategies ✅ Relevance of ISO 42001 in AI governance Learn more about CompliancePoint's HITRUST certification services at: https://www.compliancepoint.com/services/healthcare/hitrust-certification/ Learn more about our AI Risk Management Services at: https://www.compliancepoint.com/services/cyber-security/ai-risk-management-services/

The HITRUST AI Options

Two AI-focused options that can be incorporated into HITRUST validated assessments are now available. How do businesses know which option makes the most sense for them? We get answers in the latest episode of Compliance Pointers. Watch the complete episode to learn: 💡 The nuts and bolts of the #AI Security Assessment and Certification and AI Risk Management Assessment 💡 How the AI options work with HITRUST assessments 💡 How to determine which option is best for you #cybersecurity #artificialintelligence Learn more about CompliancePoint's HITRUST certification services at: https://www.compliancepoint.com/services/healthcare/hitrust-certification/ Learn more about our AI Risk Management Services at: https://www.compliancepoint.com/services/cyber-security/ai-risk-management-services/

Ask an Attorney: What's Driving Email Compliance Litigation

Email has long been viewed as a #marketing activity with less #compliance risk, but that may be changing. In this episode of Compliance Pointers, Frank Nolan, a partner at Eversheds Sutherland, explains what’s driving an increase in email compliance litigation. Watch the complete episode to learn: 📧 How a California email law creates more risk than CAN-SPAM and is being used to fuel new class action lawsuits 📧 How Gmail ads and “converted” emails are becoming a novel litigation target 📧 Email mistakes that can land a business in trouble 📧 Best practices to reduce risk #EmailMarketing #CANSPAM Learn more about Eversheds Sutherland: https://www.eversheds-sutherland.com/en/united-states Learn more about Frank: https://www.eversheds-sutherland.com/en/united-states/people/nolan-francis Learn more about CompliancePoint's Marketing Compliance Services at: https://www.compliancepoint.com/services/marketing-compliance/

Season 3

Is ISO 42001 Right for Your Business?

ISO 42001 is the first global framework for AI management. The framework is designed to help organizations build trust, reduce risk, and align innovation with accountability. But how do you know if it’s a good fit for your organization? Brandon Breslin joined Compliance Pointers to answer that question. Watch the entire episode to learn: • How ISO 42001 compares to other AI security frameworks • The deciding factors when considering ISO 42001 certification • How to get started • Benefits of ISO 42001 certification Learn more about CompliancePoint's ISO 42001 Certification services here: https://www.compliancepoint.com/services/information-security/iso-42001-certification/

1 of 10