[BreachExchange] An Entrepreneur's Guide to Compliance

Audrey McNeil audrey at riskbasedsecurity.com
Fri Sep 2 15:31:27 EDT 2016


http://www.foxnews.com/us/2016/08/31/entrepreneur-guide-to-compliance.html

Understanding your role in compliance and staying ahead of federal
regulations is challenging, but it’s infinitely preferable to the fines and
other costs associated with non-compliance.

Creating a culture of compliance in your organization, even if it’s just
you, isn’t something that you can deal with in the future, or assume is the
domain of only larger organizations. In the current business climate, every
organization, regardless of size, is held accountable for compliance, and
regulators are examining compliance plans and policies more closely than
ever.

As an entrepreneur, what does compliance mean to you? There are a few
things that you need to be cognizant of, and if a plan to ensure compliance
is not already in place, creating one should be one of your first
priorities.

Mitigate your compliance risk with education.

Perhaps the most important step toward maintaining compliance is remaining
informed and staying abreast of the always changing regulatory environment.
Staying in the know and taking proactive steps to stay ahead of changes is
the best way to avoid being caught unaware, and to ensure that your
planning is in line with the most current applicable regulations. Here are
some of the ways you can stay informed.

- Follow industry news via social media and online publications. All new
  and changing regulations are announced and discussed at length in these
  sources. Staying in the loop will give you up-to-the-minute guidance and
  analysis. Pay especially close attention to news about compliance
  infringement cases to learn more about what not to do and what
  regulators are looking for.
- Subscribe to bulletins and updates from the Federal Trade Commission
  (FTC), Consumer Financial Protection Bureau and other relevant
  organizations to learn about changes and updates to compliance
  regulations.
- Consult with your peers and mentors about the issues and regulations
  that affect your company and activities, and seek guidance on any
  updates that seem to apply.
- Attend conferences and industry events related to compliance.

The bottom line is that ignorance of the rules regarding compliance is not
an excuse, and staying informed is the best way to plan and avoid sanctions.

Develop a compliance monitoring strategy.

As the saying goes, an ounce of prevention is worth a pound of cure, and
nowhere is that more true than in compliance management. Again, monitoring
your compliance protocols now is much easier, and less costly, than dealing
with an audit and fines later.

According to Forrester research, failing to properly manage risk and
maintain compliance is likely to lead to billions of dollars in corporate
losses.

Your compliance monitoring efforts should closely track all of your
startup’s messages across channels, including digital, print and sales or
contact centers, to ensure they meet compliance guidelines. But you also
need to look beyond your compliance with consumer and marketing guidelines.
You must ensure that you are adhering to best practices, particularly when
collecting consumer data.

As you collect data from consumers, you are responsible for maintaining the
privacy and security of that data, which means you need to invest in an
assessment of your systems and maintain specific data access and protection
policies. One only needs to look to some of the major consumer data
breaches in recent history to understand the importance of ensuring that
any data collected for any purpose be as protected as possible.

Ideally, your business compliance management plans should allow you to
easily audit your activities and messages to ensure compliance, and easily
identify possible issues before the regulatory agencies do. It’s also your
responsibility to develop a plan for addressing [potential] violations and
remediating the problem. In the event that your company is tagged for an
investigation, having these policies and procedures in place can go a long
way toward limiting your liability and potential losses.

Investing time and money in compliance is becoming the norm in
entrepreneurship, with more companies acknowledging the risks, particularly
in light of regulators becoming more aggressive in uncovering and
addressing compliance violations. As an entrepreneur, it’s your
responsibility to know and enforce the rules, and be prepared to
demonstrate compliance in everything you do.