Cover Compliance Blog - News, Opinions, Tips, and More

Pushing GDPR Buttons


GDPR has been one focus of my work for over a year, and the level of interest in GDPR compliance has exploded in the last couple of months. Lots of people are now scrambling to try to meet the end of May deadline, motivated often by their interactions with their business partners who are also working on compliance.

I've spent a lot of time interacting with potential clients lately where I feel like I'm successful in educating them on how big this GDPR work normally is. But the end result is usually that I convince them to hire someone willing to do short-sighted work (and, in my opinion, waste their money AND increase their risk), or they end up deciding not to do anything.

Hopefully, this information will be of benefit to anyone who has any kind of GDPR work to do but isn’t familiar with GDPR or maybe even formal privacy management. And hopefully, those who reach out to me about their projects will do so knowing that I’m going to tell them there’s no GDPR easy button.


Cyber Insurance - Which Comes First? The Policy or the Policies?


This is the first in a small series on some key reasons why written policy and procedure documentation is important to your small business or medical or dental practice, no matter how small you may be.

Not many of the smallest businesses that I commonly work with have purchased cyber insurance yet, but it's quickly becoming more popular, especially with data-intensive businesses and those facing clear and strong information protection rules, such as HIPAA-regulated healthcare entities and even their business associates.

When it comes time to purchase cybersecurity insurance, odds are that you will be expected to have a defined compliance program that includes comprehensive written privacy and security policies and procedures.


Can I Get That In Writing


It isn’t uncommon for businesses to have real rules and defined procedures that impact compliance but that are not written down. You could have a valid compliance program that is not all in writing.

I won’t be trying to convince people that they absolutely HAVE to spend money and precious time documenting business policies and procedures to satisfy a regulator who may have little likelihood to pay them a visit.

But there are several other reasons why small business owners should spend their money and someone’s precious time to create at least a basic set of business policies and procedures for their business or healthcare practice. And they're reasons that usually have bottom-line financial impacts.

What We Do
Regulatory compliance advisory services for smaller and not-for-profit entities that lack resources to purchase and manage complex enterprise systems and staff.
Cover Compliance
WHERE WE ARE
Overland Park, KS in the Kansas City area

  • 1.816.226.6759