Podcasts about attestations

« Mon fils a 13 ans, il pourra dire au juge où il veut vivre. »Une idée reçue que j'entends souvent chez les parents séparés.Et pourtant, c'est archi-faux !Un enfant ne décide jamais de son lieu de vie.À partir de 10 ans, il est invité à être entendu par un juge, mais uniquement pour partager son vécu et ses ressentis dans un climat de confiance et de bienveillance.Depuis mars 2024, une nouvelle loi permet même à l'enfant d'être accompagné par une personne de confiance, comme un·e psychologue.Mais alors, à quoi sert l'audition de l'enfant si ce n'est pas lui qui choisit ?Lors d'un entretien riche d'enseignements, Elisabeth Fontaine, juge de la famille au Tribunal de première instance du Brabant wallon, m'a répondu :L'audition permet à l'enfant d'exprimer ses sentiments sans être placé au cœur du conflit parental.Pour la magistrate, le rapport d'audition est un outil clé dans sa prise de décision, qui repose sur une analyse globale du dossier :- Témoignages.- Attestations médicales.- Documents du PMS (centre psycho-médico-social).- Bulletins scolaires, etc.Et ne croyez pas qu'il est possible de manipuler l'enfant : le juge est capable de déceler si la parole de l'enfant est sincère ou sous influence.Bonne écoute ! Hébergé par Acast. Visitez acast.com/privacy pour plus d'informations.

Schellman, founded in 2002 as SAS 70 Solutions, was originally focused on just one audit standard; the SAS 70 (subsequently replaced by SOC 2). As the client base grew so did the request to perform other audits outside of the SAS 70. Schellman grew its offerings over the past 20+ years by identifying client needs and then determining if we have the skillset and expertise to deliver high quality work. We have always stayed true to our core strengths and expertise, which is why Schellman is the only Top 100 CPA firm that specializes in IT Audit and Cybersecurity.Schellman provides full-spectrum cybersecurity third-party audits, assessments, and certifications. In a marketplace with growing cybersecurity compliance needs, organizations are struggling to incorporate additional framework and regulations in an efficient and effective way. At Schellman we harnesses our expertise and deep knowledge across the compliance standards to roadmap audits throughout the year that promotes the highest return on evidence collection and subject matter expert time.By performing specific assessments in a staggered or parallel fashion, Schellman is able to collect once and test many; both in terms of information from subject matters experts and evidence from business stakeholders. The broad range of our compliance offerings, along with our combined audit approach and depth of expertise sets Schellman apart. Schellman's approach was built to provide expertise and quality work while valuing and respecting the time and stress assessments/audits place on an organization.Learn more about Schellman: https://itspm.ag/schellman9a6vNote: This story contains promotional content. Learn more.Guests:Michael Parisi, Head of Client Acquisition, Schellman [@Schellman]On LinkedIn | https://www.linkedin.com/in/michael-parisi-4009b2261/Ryan Meehan, Director, Schellman [@Schellman]On LinkedIn | https://www.linkedin.com/in/ryan-meehan-cisa-cissp-ccsfp-iso-lead-cipp-71a5939ResourcesLearn more and catch more stories from Schellman: https://www.itspmagazine.com/directory/schellmanLearn more about 7 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story

Schellman, founded in 2002 as SAS 70 Solutions, was originally focused on just one audit standard; the SAS 70 (subsequently replaced by SOC 2). As the client base grew so did the request to perform other audits outside of the SAS 70. Schellman grew its offerings over the past 20+ years by identifying client needs and then determining if we have the skillset and expertise to deliver high quality work. We have always stayed true to our core strengths and expertise, which is why Schellman is the only Top 100 CPA firm that specializes in IT Audit and Cybersecurity.Schellman provides full-spectrum cybersecurity third-party audits, assessments, and certifications. In a marketplace with growing cybersecurity compliance needs, organizations are struggling to incorporate additional framework and regulations in an efficient and effective way. At Schellman we harnesses our expertise and deep knowledge across the compliance standards to roadmap audits throughout the year that promotes the highest return on evidence collection and subject matter expert time.By performing specific assessments in a staggered or parallel fashion, Schellman is able to collect once and test many; both in terms of information from subject matters experts and evidence from business stakeholders. The broad range of our compliance offerings, along with our combined audit approach and depth of expertise sets Schellman apart. Schellman's approach was built to provide expertise and quality work while valuing and respecting the time and stress assessments/audits place on an organization.Learn more about Schellman: https://itspm.ag/schellman9a6vNote: This story contains promotional content. Learn more.Guests:Michael Parisi, Head of Client Acquisition, Schellman [@Schellman]On LinkedIn | https://www.linkedin.com/in/michael-parisi-4009b2261/Ryan Meehan, Director, Schellman [@Schellman]On LinkedIn | https://www.linkedin.com/in/ryan-meehan-cisa-cissp-ccsfp-iso-lead-cipp-71a5939ResourcesLearn more and catch more stories from Schellman: https://www.itspmagazine.com/directory/schellmanLearn more about 7 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story

RJJ Software's Software Development Service This episode of The Modern .NET Show is supported, in part, by RJJ Software's Podcasting Services, whether your company is looking to elevate its UK operations or reshape its US strategy, we can provide tailored solutions that exceed expectations. Show Notes "Okay. So I'll come on to that point is that's obviously something i'd like to talk about. But a couple of things I should mention, I guess. That I think you're absolutely right with all the points you raised, but we are trying to work on on everything there. So a couple of things are worth pointing out: one is docker-init; so nowadays if you start in like a new project with python or node or whatever, you can run the docker-init command, and what that will do is like create a dockerfile and a couple of other files, I think, to help you get started, and it sort of contains that the best practices. So to try and help you get over the hump of trying to understand how to create a dockerfile, and all the different ways you can build that without needing to know everything. So I think that really helps."—Adrian Mouat Welcome friends to The Modern .NET Show; the premier .NET podcast, focussing entirely on the knowledge, tools, and frameworks that all .NET developers should have in their toolbox. We are the go-to podcast for .NET developers worldwide, and I am your host: Jamie "GaProgMan" Taylor. In this episode, Adrian Mouat joined us to talk about Chainguard, what a distroless container is, a number of tools that you can use to check whether your containers have any CVEs present, attestations and reproducibility, and a number of ways to secure your applications once they are running in the wild. "Yeah, I like your point there about showing your receipts. So in attestations, you can also say things like, you know, “we did do this on this image.” You can create an attestation that says, “hey, I ran a scanner on this image and I had this output at this time.” And because it's all signed, you know that that did happen, if you like. Yeah, and also like, you know, you could have an attestation that said, “I ran these tests on this image at this time and this was the output,” sort of thing. So it's sort of proving that certain steps were taken."— Adrian Mouat Anyway, without further ado, let's sit back, open up a terminal, type in `dotnet new podcast` and we'll dive into the core of Modern .NET. Supporting the Show If you find this episode useful in any way, please consider supporting the show by either leaving a review (check our review page for ways to do that), sharing the episode with a friend or colleague, buying the host a coffee, or considering becoming a Patron of the show. Full Show Notes The full show notes, including links to some of the things we discussed and a full transcription of this episode, can be found at: https://dotnetcore.show/season-7/chainguard-and-securing-your-containers-with-adrian-mouat/ Useful Links Chainguard Container Hacks and Fun Images OODA Loop Snyk Grype docker scout the NVD (National Vulnerabilities Database) seccomp Google Distroless project github.com/wolfi-dev SBOMs Attestation Sigstore project edu.chainguard.dev Chainguard's YouTube channel Music created by Mono Memory Music, licensed to RJJ Software for use in The Modern .NET Show Editing and post-production services for this episode were provided (in part) by MB Podcast Services Supporting the show: Leave a rating or review Buy the show a coffee Become a patron Remember to rate and review the show on Apple Podcasts, Podchaser, or wherever you find your podcasts, this will help the show's audience grow. Or you can just share the show with a friend. And don't forget to reach out via our Contact page. We're very interested in your opinion of the show, so please get in touch. You can support the show by making a monthly donation on the show's Patreon page at: https://www.patreon.com/TheDotNetCorePodcast.

Billy Luedtke is the CEO and Founder of Intuition, an Ethereum-based authentication protocol. Billy previously served as Senior Technology Advisor at EY, a leading global professional services organization providing assurance, tax, audit, strategy and transactions. At EY, Billy created the company's blockchain consulting practice, leading the technical development of blockchain-enabled distributed systems. Billy later became a Senior Token Engineer at ConsenSys, a leading Ethereum developer (MetaMask, Infura, Linea). Billy continues to serve as an advisor at ConsenSys and MetaMask. --- Support this podcast: https://podcasters.spotify.com/pod/show/crypto-hipster-podcast/support

✨ Subscribe to the Green Pill Podcast ✨ https://pod.link/1609313639

✨ Subscribe to the Green Pill Podcast ✨ https://pod.link/1609313639

In this second part of CONCERNING BAPTISM, we looked into the other three accounts of the gospels namely; Mark, Luke & John. We take a focus on the crux of John The Baptist's ministry which appeared in all four gospels, focusing on the mission/vision of his ministry, his comparison between himself and Jesus and the end-result of His ministry. Open your heart to receive from God's Word today.Get your notes and jot as you learn in God's grace through His Word.Stay graced!Stay loved!Stay woke in God's righteousness!

Tous les samedis et dimanches, dans Europe 1 matin week-end, Alexandre Devecchio, rédacteur en chef du service débats du Figaro, livre son édito.

In this installment of Ask Michelle, Michelle updates attendees on the ACA affordability percentage, Medicare Part D Creditable Coverage Notice, and Gag Clause prohibition and attestations. Michelle answered your questions regarding qualifying events in health insurance, ACA e-filing, and what materials to distribute during open enrollment. Curious about a compliance issue? Submit your questions to AskMichelle@boltonco.com and Michelle will answer them on the next episode.  

On today's episode we welcome Bryce Patrick and Steve Dakh from the Ethereum Attestation Service. EAS is a new public good, open, permissionless, and token free. Is this the key unlock for decentralized identity through crypto?  ------ ✨ DEBRIEF | Ryan & David unpacking the episode: https://www.bankless.com/debrief-eas/  -----

ANOTHER MENTAL HEALTH SHOW FOR YOU! Are you a young, rebellious, and mental health conscious millennial who's sick of conforming to society's toxic standards? Do you struggle with making healthy decisions and feel lost in life? Look no further, because P.S.A the Mental Health Podcast has got you covered!Our Podcast-to-Podcast Bonus Series is back, and this week, the show interviews the PSA The Podcast Host, Izzy Baker.Welcome to That Entrepreneur Show- Top 1.5% Global Podcast: The show meant for high achievers with captivating conversations since 2019.Brought to you by speaker coach, Cesar Cervantes - Specializing in helping you get your transformative message to the TEDx stage. Guaranteed. To schedule your free brainstorming session, visit CesarCervantes.tvProdigy Sportive Attestations is an experience interview based podcast that brings you the edgy, masculine perspective on mental health that you have been craving. It's a safe space where you can learn and grow, even if you know better but struggle to do better. This podcast is not for the weak-willed or those who bow down to society's norms. It captures intellectual and humorous conversations that challenge your thoughts, beliefs, and actions. Get ready for some mind-bending creativity, sound research, storytelling, and the comedy style of satire that will make you laugh and think at the same time. The goal is to help you overcome decision fatigue and navigate life's struggles with ease.So, join us on this journey of self-discovery and personal growth. But remember, this podcast is for educational and entertainment purposes only, and it's not a replacement for seeking professional help.Other areas of discussion:Favorite parts of podcastingHow to start a podcastHow to keep your show freshWhy he started a podcastYouTube HacksWhat's next?Link to Izzy's Welcome Back Episode on this platformLink to Izzy's First Show on this platformSupport the showDigital Editing / Podcast Guests Inquiries, email PodcastsByLanci@Gmail.comAdventure by MusicbyAden | https://soundcloud.com/musicbyadenHappy | https://soundcloud.com/morning-kuliSupport the showIf you enjoyed this week's show, click the subscribe button to stay current.Listen to A Mental Health Break Episodes hereTune into Writing with Authors here

Join Lois Houston and Nikita Abraham, along with special guests Nancy Kramer and Betina Tagle from Oracle's corporate security organization, as they discuss the steps you can take to evaluate your organization's security, privacy, and compliance requirements using Oracle Cloud Infrastructure. They also talk about the resources that are available to help you do so.   Oracle MyLearn: https://mylearn.oracle.com/ Oracle University Learning Community: https://education.oracle.com/ou-community Subscribe to Security Updates: https://www.oracle.com/security-alerts/ Oracle Trust Center: https://www.oracle.com/trust/ OCI CAIQ: https://www.oracle.com/corporate/security-practices/cloud  LinkedIn: https://www.linkedin.com/showcase/oracle-university/ Twitter: https://twitter.com/Oracle_Edu   Special thanks to Arijit Ghosh, David Wright, and the OU Studio Team for helping us create this episode.   --------------------------------------------------------   Episode Transcript:  00;00;00;00 - 00;00;38;16 Welcome to the Oracle University Podcast, the first stop on your cloud journey. During this series of informative podcasts, we'll bring you foundational training on the most popular Oracle technologies. Let's get started. Hello and welcome to the Oracle University Podcast. I'm Nikita Abraham, Principal Technical Editor with Oracle University, and with me is Lois Houston, Director of Product Innovation and Go to Market Programs.   00;00;38;20 - 00;01;01;13 Hi there. In today's special episode, we're going to talk about all the steps you can take to evaluate your organization's security, privacy, and compliance requirements using Oracle Cloud Infrastructure. We'll also explore some of the resources that are available to help you do so. And to tell us all about it, we're joined by two guests from Oracle's corporate security organization.   00;01;01;16 - 00;01;32;25 Nancy Kramer is a Senior Director in Global Information Security. She has 20 years of experience in risk management, security, privacy, and compliance audits involving complex business processes and IT systems. She also provides thought leadership, including engagement with industry organizations. Dr. Betina Tagle is also with Global Information Security. She has over 20 years of experience with cybersecurity and compliance in both the private and public sector.   00;01;32;27 - 00;01;52;26 Thank you so much, Nancy and Betina, for being with us today. Yes, this is such an important topic to learn more about. I'm really interested in what you have to share with us. Thank you so much for having us. We are delighted to help our customers learn more about how to securely reap the benefits of cloud. Thanks for this opportunity, Niki and Lois.   00;01;52;28 - 00;02;25;26 As organizations adopt cloud services, they're seeking guidance on evaluating cloud service providers. Our goal is to offer helpful insights on the approach. Let's start with setting some context. What kind of challenges do organizations face in their cloud adoption journey? Organizations continue to migrate business-critical applications and workloads to the cloud. The benefits are compelling. Leveraging the cloud lets organizations focus on their core mission and minimize capital expenditure.   00;02;25;29 - 00;03;08;09 With cloud services, organizations still own their data while leveraging the expertise, economy of scale, technical flexibility, and scalability offered by their cloud providers. When organizations are considering their cloud strategy, they need to consider their security, privacy, and compliance objectives from internal and external sources, compiling their requirements for the cloud service providers. For example, external requirements may include applicable laws and regulations based on the organization's location, their customer location, industry, or the type of data they process.   00;03;08;12 - 00;03;50;02 Organizations would benefit from a thorough analysis of the regulatory environment by their legal team. Internal requirements may be defined by the organization's Board of Directors, CEO, CISO, and other executives, as well as internal policies and contractual commitments to their customers. Oracle Cloud Infrastructure, or OCI, provides services, features, and documentation resources to support these customer obligations. Oracle University and OCI also offer helpful courses to guide customers through securing their cloud tendencies using various OCI features and services.   00;03;50;03 - 00;04;22;19 I want to come back to those courses later, but first, who does what in the cloud? Which operational technology management tasks are handled by the cloud provider and which are the customer's responsibility? I think it will help if I start by defining the categories of Oracle offerings and summarizing who does what per category. This will clarify the notion of the shared management model that is predominant in the cloud as well as the relative scope of available security assurance validations.   00;04;22;22 - 00;04;57;08 OCI services can be used to build and operate computing environments, which include data analysis, storage, system integrations, enterprise workloads, and cloud native or containerized applications. Oracle manages the hosted tools, but the customer is responsible for how they build, configure, and use these tools, and for the data processed in their tenancies. Some examples of OCI services are compute and autonomous database.   00;04;57;10 - 00;05;30;11 Exactly right, Betina. In contrast, cloud applications are hosted using a Software as a Service or SaaS model in which the cloud provider, such as Oracle, manages the cloud applications and the underlying infrastructure. Customers are responsible for how they configure and use these SaaS applications and for the data processed in their cloud tendencies. Examples of these services include Enterprise Resource Planning, ERP, and Human Capital Management, or HCM.   00;05;30;13 - 00;05;59;11 Customers are also responsible for securing any third-party integration associated with these SaaS offerings, as well as any custom code extension scripts that they add to the applications. Let me highlight the differences a bit more in relation to the traditional on-premises model where companies such as Oracle provide hardware and software that customers install, deploy, and manage in their own computing environments.   00;05;59;13 - 00;06;25;23 The customer is wholly responsible for the management of the entire technology environment in which those products are deployed and operated, as well as the data they process. That makes sense. Right, Lois. And Oracle strongly recommends that customers protect the computing environment they manage by installing security updates delivered through the Critical Patch Update, CPU, and Security Alert programs without delay.   00;06;25;26 - 00;06;59;08 Customers can view and even subscribe to notifications about these security updates at oracle.com/security-alerts. Just to summarize, cloud providers are responsible for the security of the cloud, and customers are responsible for security in the cloud. They still decide on what data to process, where, and how. No matter what type of cloud service, OCI or SaaS, customers should still do the following.   00;06;59;08 - 00;07;34;01 Implement settings for authentication and authorization per their security and privacy requirements for accounts and passwords. Manage access for user accounts, including auditing which user accounts have access to what data. Monitor the available logs and reports, and respond to security events as well as determine what data to process and manage that data per their organization's security and privacy objectives. And you're going to be joining us in the Oracle University Learning Community soon for a special live event to talk about all of this in more detail, right?   00;07;34;02 - 00;07;57;13 Yes, we are. We are so excited to talk to everyone in the community. We're going to look at this topic in-depth in the special live event that is scheduled for June 29th. We will walk you through a tour of relevant resources on oracle.com so you can make sure to plan ahead and attend. And you'll need to be a member of the community if you want to attend.   00;07;57;14 - 00;08;17;13 So be sure you join and register for the event today. If you're not already a member of the community, you can sign up by visiting mylearn.oracle.com. You'll find all the live events, including the one Nancy and Betina will be hosting, on the community home page. So Betina, how can people see a preview of those oracle.com resources?   00;08;17;14 - 00;08;52;08 Oracle offers a wealth of security and cloud compliance information on the Oracle Trust Center found at oracle.com/trust. The site includes Oracle Corporate security practices, the cloud compliance site of third-party independent attestations to various global and regional compliance frameworks, and the Oracle Security blog. You can view the independent third-party certifications for OCI in the Trust Center by clicking the Attestations link under the Cloud Compliance heading.   00;08;52;10 - 00;09;22;06 Please note that each attestation is scoped to a particular set of cloud services and data center regions. Clicking on a compliance framework name retrieves a general description and the link to the entity providing the compliance framework. Some examples of global compliance frameworks include ISO 27001, SOC 2, Cloud Security Alliance Star, and Payment Card Industry Data Security Standards or PCI DSS.   00;09;22;08 - 00;09;45;23 This site also includes geography-specific standards, such as US FedRAMP, UK CyberEssentials, European Union Cloud Code of Conduct for Privacy, and IRAP for Australia. Obviously, this information is subject to change and is updated frequently.   00;09;45;25 - 00;10;11;16 Want to learn more about modern best practices for cloud applications? Oracle University offers business processes training for Human Capital Management, Financials, Customer Experience, Supply Chain, and Procurement. From now through August 31st, you can take the training for any of these areas and get certified for free as well. Oracle Cloud training and certifications empower you to explore limitless possibilities in the cloud landscape.   00;10;11;17 - 00;10;29;10 Gain the knowledge and skills needed to design, deploy, secure, and operate modern cloud infrastructure and applications with confidence. Go to education.oracle.com for more details. What are you waiting for? Get certified today.   00;10;29;12 - 00;11;04;29 Welcome back. Let's say there's a customer who wants to view OCI compliance attestations. I know they can always contact Sales to get these audit reports, but are there any self-service options? Yes. OCI customers can download OCI attestations of compliance to various compliance frameworks, including global information security standards, via the OCI Console and the Compliance Documents screen. There are multiple types of compliance documents available depending on the compliance framework or standard.   00;11;05;02 - 00;11;50;21 These include audit reports, attestations of compliance, and certificates of compliance. While logged in to the OCI Console for your tenancy, open the navigation menu. Click Identity and Security from the left menu that appears and then click Compliance on the screen that appears. The Compliance Documents page displays all available documents. You can filter, sort, and download the compliance documents of interest from this page via the command line interface and using the OCI API. Instructions for accessing compliance documents are also in the OCI product documentation at docs.oracle.com.   00;11;50;21 - 00;12;20;04 Thanks, Betina. That's great to know. Nancy, what else does Oracle offer to help our customers secure their cloud workloads running on OCI? I can offer two additional recommendations. The first is to take advantage of the in-depth OCI courses available through Oracle University. The OCI learning subscription includes introductory as well as expert-level courses.   00;12;20;06 - 00;12;59;02 To get started, there's an OCI Foundations learning path that describes the types of services OCI offers, has some basic recommendations for configuring your tenancy so that you meet your organization's security and privacy and compliance objectives. There are some key terminology you'll be introduced to in that learning path, as well as recommendations for architecture that provide resilience and business continuity. For example, OCI regions typically have multiple availability domains which each, in turn, have multiple fault domains.   00;12;59;05 - 00;13;31;01 OCI designed these availability and fault domains to have redundant systems so that a disruption of service in one availability domain does not result in a disruption to all availability domains in that region. These kinds of architectural and system design choices will help organizations avoid disruption of their operations when using systems running in OCI. A more advanced Oracle University offering is the Cybersecurity and Oracle Cloud learning path.   00;13;31;03 - 00;13;58;21 This group of courses explains the various OCI services that can be used to implement information security controls for identity management, networks, managing encryption keys, network firewalls, vulnerability scanning, compartment management practices, and so much more. And all of our OCI training in MyLearn is available free to anyone. So, there are really no barriers to learning if you're interested in diving in.   00;13;58;23 - 00;14;36;09 Those are some great course recommendations, Nancy and Bettina. So, Nancy, you said you had two recommendations. What's the other one? My second suggestion is for customers to evaluate the suitability of OCI cloud services by downloading and reading the detailed information about security practices from oracle.com. Oracle published Consensus Assessment Initiative Questionnaires, also called CAIQ or “CAKE” for various cloud services, including for OCI. CAIQs are industry-standard questionnaires from the Cloud Security Alliance.   00;14;36;12 - 00;15;11;14 That is a global organization which defined a set of controls companies can use to evaluate all types of cloud services to essential security controls in a fair and consistent manner. Each CAIQ answers several hundred questions, encompassing important information security control domains such as audit and assurance, application security, business continuity, change management, data center physical controls, human resources, identity and access management, incident management, and finally, threat and vulnerability management.   00;15;11;14 - 00;15;38;22 These publicly-available CAIQs encompass a broad set of information security policies and practices that are most relevant for cloud services. You can download the OCI CAIQ from oracle.com/trust by drilling down on the Security Practices for Cloud section. We will also add it in the show notes so that it's easily accessible.   00;15;38;25 - 00;16;07;16 Thank you, Betina and Nancy. This has been a very informative conversation. I had no idea about all the details that went into corporate security. I can't wait for the live tour of these oracle.com public resources in the Oracle University Learning Community on June 29th. We're very much looking forward to that event as well. Thank you so much for giving us a chance to share guidance about how organizations can evaluate the security, compliance, and privacy of cloud service providers.   00;16;07;18 - 00;16;31;02 We look forward to being back here again. We'd love that. Thanks again! In our next episode, we'll look at Oracle Machine Learning with Cloud Engineer Nick Commisso. Until then, this is Nikita Abraham and Lois Houston signing off. That's all for this episode of the Oracle University Podcast. If you enjoyed listening, please click Subscribe to get all the latest episodes.   00;16;31;04 - 00;19;04;01 We'd also love it if you would take a moment to rate and review us on your podcast app. See you again on the next episode of the Oracle University Podcast.

212:  In this episode of Sales Bluebird, we dive into the world of software supply chain security and the challenges it presents. Rubi Arbel, co-founder and CEO of Scribe Security, sheds light on the limitations of traditional application security solutions and introduces Scribe's innovative approach to software security using evidence collectors. We examine the importance of boldly positioning oneself in the market and engaging with the developer community through evangelists, open-source projects, and attending conferences. Additionally, we explore new US regulations coming into effect in 2023 and the impact they will have on the software security landscape. Tune in to this episode for a comprehensive overview of software supply chain security and how companies are taking steps to ensure trustworthy code.[00:05:05] "Startup Solves Software Supply Chain Trust Issues"[00:08:33] "Revolutionizing Software Security: An Evidence-Based Approach"[00:13:17] "Creating Secure Coding Policies for Production Success"[00:15:16] "Focus on Attestations and Provenance technology development"[00:16:16] "Securing Scribe: Responsibility and Collaboration Across Teams"[00:18:42] "Scribe: A Unique Software Supply Chain Platform"[00:20:09] "2023 Regulation Sparks Software Supply Chain Revolution"[00:25:02] "Software Supply Chain Security: The Future Standard"[00:34:19] "Scaling up Sales at the Right Time"[00:43:35] "Importance of Developer Engagement for Swipe"Scribe Security websiteRubi Arbel on LinkedInSupport the show

Welcome to the Accounting Influencers Podcast, going live every Monday to 150 countries and 30,000 accounting practitioners, fintech specialists and influencers in the accountancy, CPA and bookkeeping space.In today's episode, "The CFO-Accountant Relationship", host Rob Brown interviews guest Steve Rosvold, who shares his insights on the skills accountants need to develop to grow their firms. Rosvold emphasizes the importance of improving communication skills and developing insights beyond just financial statements. He believes accountants must become business advisors and compete with other companies by leveraging their unique insight into their clients' financial information.Rosvold also discusses the role of the CFO and how it can be a stepping stone to the CEO role. He shares his four pillars of CFO success: accounting, finance, treasury, and leadership. Rosvold details the accounting pillar covering governance and internal controls, recording transactions, and reporting accurate and timely financial statements.Overall, this episode is aimed at accountants looking to improve their skills and become more than just number crunchers. It provides valuable insights into the changing role of accountants in today's business landscape and how they can position themselves for success.You can also watch this on youtubeKey Takeaways➤ Accountants must improve their communication skills and develop insights beyond financial statements to become successful business advisors.➤ The CFO role is an exciting avenue for those interested in leading companies, and it's becoming a stepping stone to the CEO role.➤ Rosvold's four pillars of CFO success include accounting, finance, treasury, and leadership. The accounting pillar covers governance and internal controls, recording transactions, and reporting accurate and timely financial statements.➤ The partnership model can work well for public accountants and consulting companies today.➤ Emotional intelligence and managing the customer experience are crucial skills that accountants need to develop to compete with larger firms like McKinsey and Boston Consulting.➤ Attestations and audits will continue to be significant revenue streams for accountants, but they must also focus on becoming trusted business advisors to their clients.Guest BioSteve Rosvold is the Founder of CFO.University, a professional development platform for finance leaders built on the four pillars of CFO success: Accounting, Finance, Treasury, and Leadership. With 20 years of corporate finance leadership experience, he developed the ability to drive change, improve profitability, and ensure long-term financial health. Steve lives in Vancouver, WA, with his wife, and is an avid bicyclist who once pedaled 275 miles in one day. Learn more about CFO.University on their website.◣━━━━━━━━━━━━━━━━━━━━◢If you like the show, we'd truly appreciate a review on whatever platform you listen. We'd love to get to know you!Main show website. For access to every single show with full shownotes: https://accountinginfluencers.com/podcastFor announcements of published shows, tagging guest so you can build your network and offer feedback on the show: https://www.linkedin.com/company/accountinginfluencersFor videos of all podcast interviews and bonus video content: https://bit.ly/AI-youtubehttps://www.instagram.com/accinfluencershttps://twitter.com/accinfluencers

Hey everyone, Tom Raftery here, and I've got an amazing episode of the Digital Supply Chain podcast lined up for you! I had the pleasure of chatting with Jon Geater, Chief Product and Technology Officer at RKVST, about the ever-increasing need for security and trust in supply chains.During our conversation, we dove into the importance of integrity and transparency in digital supply chains and how companies can leverage technology to ensure a more secure and efficient process. Jon shared fascinating insights on how RKVST is helping businesses remove paper from the process and streamline information sharing.We also discussed the power of collaboration in supply chains, with Jon emphasizing the need to overlay a simple collaboration layer to improve efficiency without compromising security. He shared some valuable resources for those interested in learning more about secure digital supply chains, including the RKVST website (rkvst.com) and the Supply Chain Integrity, Transparency, And Trust (SCITT) group's site (scitt.org).Towards the end of our chat, we touched upon the motivation behind improving security and operational quality in digital supply chains, and Jon raised some thought-provoking questions about what will truly drive businesses to take control of their digital processes.You won't want to miss this episode, as Jon's expertise and passion for creating more secure and efficient supply chains shines through every minute. Check out the full episode, and don't forget to connect with Jon on LinkedIn to stay updated on his latest insights.And don't forget, the video version of this podcast is on YouTube at https://youtu.be/Ercc3ZUXUWAHappy listening!TomPodcast supportersI'd like to sincerely thank this podcast's generous supporters: Lorcan Sheehan Krishna Kumar Christophe Kottelat Olivier Brusle Robert Conway Alexandra Katopodis Alicia Farag Joël VANDI And remember you too can Support the Podcast - it is really easy and hugely important as it will enable me to continue to create more excellent Digital Supply Chain episodes like this one.Podcast Sponsorship Opportunities:If you/your organisation is interested in sponsoring this podcast - I have several options available. Let's talk!FinallyIf you have any comments/suggestions or questions for the podcast - feel free to just send me a direct message on Twitter/LinkedIn. If you liked this show, please don't forget to rate and/or review it. It makes a big difference to help new people discover it. Thanks for listening.

Noam Chomsky discusses the testimony of witnesses in cases and whether it can be helpful in averting miscarriages of justice.

Cette semaine, je reçois Emmanuel Poidevin, le fondateur et président d'e-Attestations. Emmanuel est un vrai entrepreneur et un vrai patron. Après 15 ans à développer son entreprise, il partage une foule d'apprentissage et d'expériences, avec une bonne dose d'humour.  Le résultat ? Une conversation à batons rompus, où Emmanuel me raconte :

Retrouvez en podcast un "teasing" de l'émission du lendemain avec Alain Azhar. Au micro de Capucine Trollion, le rédacteur en chef de "Ça peut vous arriver" vous dévoile certains des cas qui seront abordés par son équipe à l'antenne. Écoutez "Ça peut vous arriver", du lundi au vendredi de 09h00 à 12h00 sur RTL. Laissez votre message sur rtl.fr, au 3210 ou sur la page Facebook de l'émission.

This episode is sponsored by Nexo.io, NEAR and FTX US.    Tether has released its Q1 reserve attestations. On today's episode, NLW covers what many in the industry are seeing as positive shifts. He also looks at some recent regulatory news, including the SEC and CFTC increasing enforcement actions.  - Nexo is a secure crypto exchange and crypto lending platform. Buy 40+ hot coins with your bank card in seconds and swap between exclusive pairs for cashback. Earn up to 17% interest on your idle crypto assets and borrow against them for instant liquidity. Simple and secure. Head over to nexo.io and get started now.  - NEAR is a blockchain for a world reimagined. Through simple, secure, and scalable technology, NEAR empowers millions to invent and explore new experiences. Business, creativity, and community are being reimagined for a more sustainable and inclusive future. Find out more at NEAR.org. - FTX US is the safe, regulated way to buy Bitcoin, ETH, SOL and other digital assets. Trade crypto with up to 85% lower fees than top competitors and trade ETH and SOL NFTs with no gas fees and subsidized gas on withdrawals. Sign up at FTX.US today. - Consensus 2022, the industry's most influential event, is happening June 9–12 in Austin, Texas. If you're looking to immerse yourself in the fast-moving world of crypto, Web 3 and NFTs, this is the festival experience for you. Use code BREAKDOWN to get 15% off your pass at www.coindesk.com/consensus2022. - “The Breakdown” is written, produced by and features Nathaniel Whittemore aka NLW, with editing by Rob Mitchell, research by Scott Hill and additional production support by Eleanor Pahl. Jared Schwartz is our executive producer and our theme music is “Countdown” by Neon Beach. The music you heard today behind our sponsors is “Catnip” by Famous Cats and “I Don't Know How To Explain It” by Aaron Sprinkle. Image credit: wsmahar/Getty Images, modified by CoinDesk. Join the discussion at discord.gg/VrKRrfKCz8.   

Will the attestations be enough to calm Tether's critics?This episode is sponsored by Nexo.io, NEAR and FTX US. Tether has released its Q1 reserve attestations. On today's episode, NLW covers what many in the industry are seeing as positive shifts. He also looks at some recent regulatory news, including the SEC and CFTC increasing enforcement actions. -Nexo is a secure crypto exchange and crypto lending platform. Buy 40+ hot coins with your bank card in seconds and swap between exclusive pairs for cashback. Earn up to 17% interest on your idle crypto assets and borrow against them for instant liquidity. Simple and secure. Head over to nexo.io and get started now. -NEAR is a blockchain for a world reimagined. Through simple, secure, and scalable technology, NEAR empowers millions to invent and explore new experiences. Business, creativity, and community are being reimagined for a more sustainable and inclusive future. Find out more at NEAR.org.-FTX US is the safe, regulated way to buy Bitcoin, ETH, SOL and other digital assets. Trade crypto with up to 85% lower fees than top competitors and trade ETH and SOL NFTs with no gas fees and subsidized gas on withdrawals. Sign up at FTX.US today.-Consensus 2022, the industry's most influential event, is happening June 9–12 in Austin, Texas. If you're looking to immerse yourself in the fast-moving world of crypto, Web 3 and NFTs, this is the festival experience for you. Use code BREAKDOWN to get 15% off your pass at www.coindesk.com/consensus2022.-“The Breakdown” is written, produced by and features Nathaniel Whittemore aka NLW, with editing by Rob Mitchell, research by Scott Hill and additional production support by Eleanor Pahl. Jared Schwartz is our executive producer and our theme music is “Countdown” by Neon Beach. The music you heard today behind our sponsors is “Catnip” by Famous Cats and “I Don't Know How To Explain It” by Aaron Sprinkle. Image credit: wsmahar/Getty Images, modified by CoinDesk. Join the discussion at discord.gg/VrKRrfKCz8.See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

What's your favorite pizza topping? Knowledge based authentication is not really knowledge, and not really authentication. In this week's State of Identity, host, Cameron D'Ambrosi is joined by Alex Shockley, President & Co-Founder of Journey, to discuss identity as the cornerstone of a better contact center. In this episode, you'll learn how a zero knowledge identity network can solve for security, privacy, and customer experience simultaneously.

Minister:Rev. Kenneth WieskeTexts:Heidelberg Catechism: Lord's Day 30

https://bennettftomlin.com/2021/07/17/a-history-of-tether-and-bitfinexs-audits-attestations-memos-and-letters-both-promised-and-actual/ Amidst all the confusion surrounding Tether and Bitfinex it can be difficult to keep track of what they have actually provided in terms of audits, attestations, and other documents to support their contentions. Here I will summarize, but the important note that needs to be included at the top is that both Bitfinex and Tether once hired an auditor, but neither ever completed the audit. Ever since Tether was founded they have promised to provide a full financial audit. It feature prominently in their whitepaper and on their website for years. They have never provided this audit, but have provided a variety of other documents meant to convince the public that they had sufficient backing for the tethers in circulation. In March of 2015 Tether and Factom announced (archive) they had formed a partnership to provide greater transparency into Tether's holdings. The partnership never provided any additional transparency into Tether or its operations. In August of 2016 Bitfinex promised (archive) to provide a full financial and security audit after they were hacked. They initially announced that Ledger Labs was hired to perform both. No audit from Ledger Labs was ever released. This was likely in part due to the fact that Ledger Labs was not able to provide financial audits. In May of 2017 Bitfinex announced (archive) they had engaged Friedman LLP out of New York to audit them. As of today in 2021 we have yet to get an update from Bitfinex on the status of this audit. In September of 2017 Tether announced (archive) that they had engaged Friedman LLP out of New York to audit them. This audit would never occur, we would eventually get an update from a Tether spokesperson saying the relationship dissolved, citing the “excruciatingly detailed procedures”(archive) that the auditor wanted to undertake. Also in September of 2017 Tether released from previous attestations from a small accounting firm in Taiwan called TOPSUN. These were monthly attestations attesting to Tether having sufficient backing for the end of the month from December 2016 through March 2017. Strangely these were not completed at the end of the respective months but were all completed on May 23rd 2017. (Strangely approximately two weeks after they announced that Friedman had been brought on to audit Bitfinex) Read more... https://bennettftomlin.com/2021/07/17/a-history-of-tether-and-bitfinexs-audits-attestations-memos-and-letters-both-promised-and-actual/

017_La 2nde Source_Le 1er Degré l'Islam_Les deux Attestations by Xam Sa Dine

Le gouvernement préconisait bien les attestations pour 21 millions de Français puis rétropédale : nécessité sanitaire ou retour en Absurdistan ?

L'Union européenne doit présenter demain son projet de pass sanitaire … En quoi ça va consister Katell … et à quoi ça va servir ? Ca devrait servir de sésame cet été pour voyager en Europe et rouvrir les frontières … Donc c'est assez tentant ! Tu l'as dit ce serait un pass sanitaire et pas un pass vaccinal … Le vaccin n'est pas obligatoire en Europe et en plus pour l'instant il n'y a pas assez de doses pour tout le monde donc on ne peut pas éditer un passeport vaccinal … Et dire toi tu es vacciné tu peux prendre l'avion … tu peux aller au resto … toi tu ne l'es pas donc tu restes chez toi … Ce serait de la discrimination ! Le pass sanitaire donc … qui s'appellera "certificat vert numérique" … indiquera donc si vous avez éte vacciné mais également les résultats de vos tests PCR … négatifs … ou encore des attestations de rétablissement. Attestations qui diront que vous avez attrapé le Covid mais que ça va mieux et que surtout vous n'êtes plus contagieux …

Impertinent et inimitable, Nicolas Canteloup passe l’info à la moulinette de sa revue de presque sur Europe 1.

durée : 00:06:10 - Le 7H50 l'invité de la rédaction - La députée du Gard Annie Chapelier ne signera plus d'attestations de sortie. Elle s'en explique dans le 7H50 de France Bleu Gard Lozère.

A description of the "attestation" that have to be filled out or downloaded while in quarantine in France. Un petit résumé des différentes attestations COVID pour connaître le vocabulaire.

Alors qu'Emmanuel Macron doit prendre la parole dès la semaine prochaine pour annoncer les étapes de "l'allégement" des mesures sanitaires, en vigueur pour lutter contre le Covid-19, le gouvernement travaille à plusieurs pistes. Les dates du 1er décembre, pour la réouverture de certains commerces et du 20 décembre, pour la fin des attestations, sont évoquées, ainsi qu'une modification de la politique d'isolement des cas positifs.

L'impact psychologique du confinement : débat avec Françoise Degois, Élisabeth Lévy et Éric Revel

Alors qu'Emmanuel Macron doit prendre la parole dès la semaine prochaine pour annoncer les étapes de "l'allégement" des mesures sanitaires, en vigueur pour lutter contre le Covid-19, le gouvernement travaille à plusieurs pistes. Les dates du 1er décembre, pour la réouverture de certains commerces et du 20 décembre, pour la fin des attestations, sont évoquées, ainsi qu'une modification de la politique d'isolement des cas positifs.

Pour vous aider, vous trouverez ci-dessous les moyens d’avoir l’attestation nécessaire à un déplacement. Pour le déplacement professionnel, Adrexo vous délivrera une attestation nominative signée du directeur général, vous permettant de justifier vos trajets professionnels [...] L’article Attestations nécessaires pour circuler et travailler est apparu en premier sur Syndicat C.A.T. ADREXO.

Impertinent et inimitable, Nicolas Canteloup passe l’info à la moulinette de sa revue de presque sur Europe 1.

Richard Fremder, rédacteur en chef adjoint de CFO Radio.TV, Jacques Potdevin, Président de JPA International et Frédéric Zablocki, CEO d’Entrepreneur Invest reçoivent Emmanuel Poidevin, Président de e-Attestations.com. 

Interview de Claude Bertoncini, médecin et président des pédiatres vaudois au sein de la Société vaudoise de médecine.

A partir de lundi vous n’aurez plus à remplir une attestation à chaque sortie de votre domicile pour les courses, une simple balade ou un jogging. Mais cela ne veut pas dire pour autant la fin des contrôles. Plusieurs nouvelles règles font leur apparition pour régir vos déplacements dans les transports en commun et à plus de 100 km de votre domicile.

durée : 00:03:00 - C'est mon boulot - par : Philippe DUPORT - Suite aux dernières annonces d'Edouard Philippe sur le plan de déconfinement mis en place à partir du lundi 11 mai, on comprend mieux ce qui concerne le monde du travail.

Sommaire #LeMugNowtech 121 : 03:00 Le Kawa 05:00 Confinement et attestation sur smartphone 05:30 Non, les opérateurs ne vont pas limiter l’accès à Netflix 08:00 Appel amende de 1,1 milliard d'euros 09:00 Microsoft Teams n’a pas résisté au télétravail 10:00 Retour de Popcorn Time 13:00 Apple présente un nouvel iPad Pro 14:00 Netflix va réduire ses débit en Europe 23:00 Interdiction des attestations sur smartphone 43:00 Logitech : claviers avec pavé tactile 50:00 Coronavirus : sortie VOD plus tôt 52:00 Coronavirus : Amazon et ses salariés 1:01:00 Concours Shadow 1:04:00 La tartine de Jérôme : Coronavirus : on va en rire quand « meme » 1:15:00 Les corn FAQ --- Send in a voice message: https://anchor.fm/nowtechlive/message

Shadow sponsor de l’émission : https://shadow.tech/ - Code parrainage et promo : NOWTECH2020 1 mois de Shadow à gagner toutes les semaines ► Pour participer : 1 - Suivez le twitter @shadow_France 2 - Postez un tweet "Je veux gagner un #ShadowPC avec #LeMugNowtech pour jouer à ................." (ou utiliser un logiciel si c'est pas un gamer) ► Annonce du gagnant le vendredi sur la chaîne principale : https://www.youtube.com/nowtech ●♦● SOUTENEZ LA CHAÎNE ●♦●►En contribuant financièrement : https://www.tipeee.com/nowtechtv A partir de 2€/mois, vous avez accès aux lives privés et à partir de 4€/mois à notre forum privé sur Slack... ►En devenant Sponsors de la chaîne principale : https://www.youtube.com/channel/UCVwG9JHqGLfEO-4TkF-lf2g/join Sommaire #LeMugNowtech 121 : 03:00 Le Kawa 05:00 Confinement et attestation sur smartphone 05:30 Non, les opérateurs ne vont pas limiter l’accès à Netflix 08:00 Appel amende de 1,1 milliard d'euros 09:00 Microsoft Teams n’a pas résisté au télétravail 10:00 Retour de Popcorn Time 13:00 Apple présente un nouvel iPad Pro 14:00 Netflix va réduire ses débit en Europe 23:00 Interdiction des attestations sur smartphone 43:00 Logitech : claviers avec pavé tactile 50:00 Coronavirus : sortie VOD plus tôt 52:00 Coronavirus : Amazon et ses salariés 1:01:00 Concours Shadow 1:04:00 La tartine de Jérôme : Coronavirus : on va en rire quand « meme » 1:15:00 Les corn FAQ #LeMugNowtech est une émission quotidienne qui parle de technologie. C'est une revue de presse des meilleurs articles que nous retenons pour nos Flipboards. Elle est enregistrée en Live à 08h00 (heure de Paris) tous les matins de la semaine. #LeMugNowtech du lundi au jeudi sur la chaîne live : https://www.youtube.com/c/NowtechLive et le vendredi sur la chaîne principale : https://www.youtube.com/nowtech ●♦● ABONNEZ-VOUS à nos chaînes ●♦● ►Nowtech Live : http://bit.ly/2weGg0f Revue de presse Tech, Unboxings, reportages, Q&A etc... ►Nowtech : http://bit.ly/19lUGZZ Tests vidéo d'applications mobiles et tech. ●♦● SOUTENEZ LA CHAÎNE ●♦●►En contribuant financièrement : https://www.tipeee.com/nowtechtv A partir de 2€/mois, vous avez accès aux lives privés et à partir de 4€/mois à notre forum privé sur Slack... ►En devenant Sponsors de la chaîne principale : https://www.youtube.com/channel/UCVwG9JHqGLfEO-4TkF-lf2g/join ►Lien uTip Nowtech : https://utip.io/nowtech ►En devenant bénévole : benevoles.nowtech@gmail.com ►D'autres façons de nous soutenir : http://nowtech.tv/soutenir-nowtechtv/ ↓ PLUS D'INFOS ↓ ------------ Nos Flipboards --------------------------------------------------------- ►nowtech.tv : https://flipboard.com/@jkeinborg/nowtechtv-ogcbmgbby ►SHOOT : https://flipboard.com/@jkeinborg/nowtechtv-shoot-p3e5vba1y ------------ Suivez NowTech ---------------------------------------------------- ►Lien Instagram de Jérôme : https://www.instagram.com/jerome_nowtech/ ►Twitter : https://twitter.com/NowTechTV ►Facebook : https://www.facebook.com/Nowtechtv ►Site Web : http://nowtech.tv ►Discord Nowtech Gaming : http://bit.ly/discordnowtech ►►► EN LIVE tous les matins sur la Chaîne ! Nowtech, chaîne indépendante de tests d'applications mobile et de Tech, est présentée par des passionnés qui partagent leurs avis, astuces et conseils. L'idée derrière Nowtech, c'est de vous offrir des tests soignés et divertissants, pas forcément liés à l'actualité et aux nouveautés, mais avec un vrai ton « homemade ». Nous pensons fondamentalement qu'il est important, en tant que consommateurs, qu'un maximum de personnes s'expriment sur les produits et nous avons voulu apporter notre pierre à l'édifice.

HodlCast Episode 54 with Kara Haas, CPA (twitter: @dividebynine) - Kara is a Certified Public Accountant, Certified Fraud Examiner and Certified Information Technology Professional. She's also an amazing writer and regular contributor to the Henry Raines show. We discuss Tether and other stable coins, the possible motivation behind the Binance Stable Coin basket, the difference between Audits & Attestations, what she is seeing in when she looks at the exchanges wallets, and what all of it mean could mean for the price of bitcoin.

Every thing will lead to the answer to the question - what is truth? We will consider all things, other avb questions, avb attestations & testimonies. It will be an exciting hour.

Pharmacy Compliance Guide Attestations & Certifications  Every fall we hear the PBMs sending out requests for Attestations for Fraud, Waste and Abuse and HIPAA Compliance. Why do they all keep asking for the same information? When Medicare Part D came into play, the Pharmacy Benefit Managers were given the regulatory authority to manage the Medicare Part D program. Part of this program was ensuring pharmacies were properly training their staff. It initially started with annual: Fraud, Waste & Abuse Training, OIG Exclusion Verification, and HIPAA Compliance Training Then each fall, everyone had to attest they accomplished these requirement for Medicare Part D. Unfortunately, a lot of pharmacies and organizations signed off of the attestations and really didn’t do it.   The attestation is a legal statement where the individual, the pharmacy owner and/or the pharmacist-in-charge was legally attesting they were accomplishing the training and had no documentation to support their claim. Legally this was a false claim under Medicare Part D and the PBM can and did recoup all Part D reimbursements from the pharmacy, which was devastating.   The PBMs then added to their requirements over the years making them sticker and more over bearing. Most especially is the OIG Exclusion verification requirement. Only pharmacy in all of health care must accomplish this task every month. It started with just one database, the Office of Inspector General, then were added the General Services Administration (GSA) and the Systems for Award Management (SAM). The GSA and SAM have publicly merged into one, but as of today, we are still receiving a database from each of them. In addition, individual states are developing their own exclusion lists that must be checked. There is no standard for the lists. Some are managed by the health departments, others by the Attorney General or the Treasury Department.   Jeff, let’s break these requirements down. What is involved with the Fraud, Waste and Abuse requirement besides the OIG Exclusion? Fraud, Waste and Abuse really is not hard to comply with. It is having established policies and procedures and training. However, when someone gets in trouble with the government with stealing money through claims or misleading patients, the Fraud, Waste and Abuse processes is where all of the federal penalties come from. There are ten (10) basic policies and procedures from Fraud Waste and Abuse Prevention, Anti-Kickback, Conflict of Interest, False Claims, Whistleblower Protection and General Compliance. When you look at these policies and procedures, they are mostly common sense. Bill for what you dispense and treat patients like they are your family. There are several methods of training. CMS has training modules and like all things created by the government and their lawyers it is complicated. To use these training modules, each employee logs into the CMS system, establishes a user name and password, then embarks on a one-hour on-line training session, with on-tests along the way. When the employee has the completed the training, he or she will have a CMS training certificate for Fraud, Waste and Abuse with General Compliance. There are several problems with this training: Who has the time and the computers to have each employee to spend one hour going through the training program? In the statute Title 42 C.F.R. 422.504(B)(4)(vi) and the Medicare Prescription Drug Benefit Manual, Chapter 9, you are to train on the pharmacy’s policies and procedures, which the CMS Module does not do meet There is no requirement for a test We covered the OIG/GSA/SAM verification above, however, most people have the opinion the OIG check is only for employees. This is not correct. The statutes specifically states: “Any individual or entity that has been convicted…”   Jeff, I never heard this before, so what is an entity? The best definition I have been able to define is: a HIPAA Business Associate and any vendor you purchase a product from that you then dispense to a Medicare or Medicaid patient. It also includes: 1099 employees, part-time employees and contractors. So the question is are you verifying these entities? CVS/Caremark is checking this on their on-site inspections.   So what is the HIPAA requirement? HIPAA has been around since 2003. We had a podcast earlier this year on HIPAA breaches and desk audits. If you haven’t listen to it. It is quite important. HIPAA requires all health care providers and Business Associates to have a HIPAA Privacy and Security policies and procedures. Annual training on these policies occurs on how HIPAA relates to your operations. Our listeners will primary need privacy training on interactions with their patients and their requests, handling Protected Health Information and most importantly what to do when a breach occurs. Jeff, I remember the podcast on HIPAA Breaches. That was one of the most informative podcasts we have had and if you don’t do anything when they occur will lead to millions in finds.  So I understand there was a new requirement added this year to attestations. Yes, Cultural Awareness Training. This was originally part of the Affordable Care Act but it was struck down by the federal courts in November 2016. But Humana and CVS/Caremark brought it back to life. This is a training to ensure the pharmacy and the staff understand the culture of your patients and the language skills if they can’t speak English. My biggest concern with this added requirement for community independent pharmacies is we all live in our communities. We know our communities. If there are a second or third language in the neighborhood, we hire staff who speak these languages. We understand the local customs and cultures. Why would anyone offend your patients, who would then go to your competitor? That might make sense inside the Washington Beltway or an insurance company board room, but not in an independent pharmacy.   Now let’s talk about Credentialing. What is it and why do we have to deal with it. Credentialing is simply the validation of the attestations. These normally start in late January. The PBMs want to see proof. These are mostly completed on-line or via fax. However, CVS/Caremark and OptumRx are doing follow-up on-side inspections. Each PBM has their own list of items to send in or provide the on-site auditor: Fraud, Waste and Abuse training certificate or Log I recommend only sending the Pharmacist in charge, not the entire staff HIPAA training certificate or log I recommend only sending the Pharmacist in charge, not the entire staff Specific pharmacy operational policies and procedures Pharmacy licenses Pharmacist-In-Charge License Other miscellaneous requests All in the effort to validate the attestation that was submitted in the fall were correct   Does anyone look at these documents? Good question. There are 26,000 plus independent pharmacies submitting documentation. Just the volume of documents is huge. The server size to store the data year after year will be in the terabytes. But I do know they do a random checks.   Are there any penalties? Yes, if you falsify an attestation, the pharmacy is in jeopardy of losing all Part D reimbursements for the period or year in question. Plus the pharmacy is in breach of contract and will be drop from the contract. It really can’t get much worse than that.   OK, what was this NCPDP credentialing about in August? This has been on my radar. I met with NCPDP in 2016 about this project and then again at the NCPA convention in Orlando this year. NCPDP developed a platform to help pharmacies report one time, rather than multiple times each year. The concept is good. But there are challenges and concerns. First, the development was with chain pharmacies with no independent involvement. The reason was NCPDP had a massive test pool with the same organizations. It’s logical, but there are more independents than chain pharmacies. This program works with the PBMs but not with the PSAOs who still are requesting the same information. So it does reduce the amount of reporting. Now my major concern is NCPDP is sharing the information they are collecting with different organizations. They are updating your NPI information. OK, that is good. But they are also sending it to the National Supplier Clearinghouse. Here is the concern. If the data submitted to NCPDP differs from the CMS 855S Medicare Enrollment Application, NSC’s process is to deactivate the PTAN. If you catch it right away, the pharmacy can re-activate the PTAN with no issue. However, if the pharmacy does not catch it because they are not reconciling their reimbursements on a weekly basis and PTAN is deactivated for a period of time, the pharmacy must reactivate their PTAN from scratch. If the pharmacy had “Exempt” status, depending on the length of time, the pharmacy loses the exemption and they must start over with accreditation to continue to dispense DMEPOS products. I have seen this done already. It is as simple as changing your hours of operation, updating the NCPDP credentialing website and not updating your Medicare 855S and your PTAN is deactivated. This is a very costly error that no one thought about.   Jeff, how can you prevent that from happening? Don’t let just anyone complete these attestations and credentialing documents. Complete them all the same way, every time. Keep copies so you are consistent. Always know what your CMS 855S Medicare Enrollment Application states. When a change is made on the NCPDP website, make the same change on the CMS 855S application.   Is there anything else the pharmacies need to be aware of for Credentialing? Yes, one very important item. Continuous Quality Improvement Certificates are required for Medicare Part D. Every pharmacy is required to have a Continuous Quality Improvement (CQI) program. The CQI certificate is generated by an organization certifying the pharmacy has an active CQI program. This is normally through a Patient Safety Organization. We talked about a PSO on our last podcast with the Alliance for Patient Medication Safety. We can see the PBMs looking at the CQI certificates more closely in 2018. For my clients, make sure you continue with the PQC+ entries so you can pull the CQI certificates when these requests start in January and February. If you are not sure if you have a CQI program or how to get your CQI certificate, the process is not a week or two quick fix program. There are a number of items that are required to be completed. Check out our last podcast on Patent Safety. There are not a lot of organizations talking about these subjects, especially the CQI programs and certificates. I keep my podcast factually based, but on the Continuous Quality Improvement program, certificates and enrollment with a patient safety organization, this is part of our standard pharmacy compliance program that we offer. To my knowledge, no other consulting firm offers these services.   Jeff, so wrapping up, on our conversation today, you always bring items to us that no one is talking about. See omnystudio.com/listener for privacy information.

Pharmacy Compliance Guide Attestations & Certifications  Every fall we hear the PBMs sending out requests for Attestations for Fraud, Waste and Abuse and HIPAA Compliance. Why do they all keep asking for the same information? When Medicare Part D came into play, the Pharmacy Benefit Managers were given the regulatory authority to manage the Medicare Part D program. Part of this program was ensuring pharmacies were properly training their staff. It initially started with annual: Fraud, Waste & Abuse Training, OIG Exclusion Verification, and HIPAA Compliance Training Then each fall, everyone had to attest they accomplished these requirement for Medicare Part D. Unfortunately, a lot of pharmacies and organizations signed off of the attestations and really didn't do it.   The attestation is a legal statement where the individual, the pharmacy owner and/or the pharmacist-in-charge was legally attesting they were accomplishing the training and had no documentation to support their claim. Legally this was a false claim under Medicare Part D and the PBM can and did recoup all Part D reimbursements from the pharmacy, which was devastating.   The PBMs then added to their requirements over the years making them sticker and more over bearing. Most especially is the OIG Exclusion verification requirement. Only pharmacy in all of health care must accomplish this task every month. It started with just one database, the Office of Inspector General, then were added the General Services Administration (GSA) and the Systems for Award Management (SAM). The GSA and SAM have publicly merged into one, but as of today, we are still receiving a database from each of them. In addition, individual states are developing their own exclusion lists that must be checked. There is no standard for the lists. Some are managed by the health departments, others by the Attorney General or the Treasury Department.   Jeff, let's break these requirements down. What is involved with the Fraud, Waste and Abuse requirement besides the OIG Exclusion? Fraud, Waste and Abuse really is not hard to comply with. It is having established policies and procedures and training. However, when someone gets in trouble with the government with stealing money through claims or misleading patients, the Fraud, Waste and Abuse processes is where all of the federal penalties come from. There are ten (10) basic policies and procedures from Fraud Waste and Abuse Prevention, Anti-Kickback, Conflict of Interest, False Claims, Whistleblower Protection and General Compliance. When you look at these policies and procedures, they are mostly common sense. Bill for what you dispense and treat patients like they are your family. There are several methods of training. CMS has training modules and like all things created by the government and their lawyers it is complicated. To use these training modules, each employee logs into the CMS system, establishes a user name and password, then embarks on a one-hour on-line training session, with on-tests along the way. When the employee has the completed the training, he or she will have a CMS training certificate for Fraud, Waste and Abuse with General Compliance. There are several problems with this training: Who has the time and the computers to have each employee to spend one hour going through the training program? In the statute Title 42 C.F.R. 422.504(B)(4)(vi) and the Medicare Prescription Drug Benefit Manual, Chapter 9, you are to train on the pharmacy's policies and procedures, which the CMS Module does not do meet There is no requirement for a test We covered the OIG/GSA/SAM verification above, however, most people have the opinion the OIG check is only for employees. This is not correct. The statutes specifically states: “Any individual or entity that has been convicted…”   Jeff, I never heard this before, so what is an entity? The best definition I have been able to define is: a HIPAA Business Associate and any vendor you purchase a product from that you then dispense to a Medicare or Medicaid patient. It also includes: 1099 employees, part-time employees and contractors. So the question is are you verifying these entities? CVS/Caremark is checking this on their on-site inspections.   So what is the HIPAA requirement? HIPAA has been around since 2003. We had a podcast earlier this year on HIPAA breaches and desk audits. If you haven't listen to it. It is quite important. HIPAA requires all health care providers and Business Associates to have a HIPAA Privacy and Security policies and procedures. Annual training on these policies occurs on how HIPAA relates to your operations. Our listeners will primary need privacy training on interactions with their patients and their requests, handling Protected Health Information and most importantly what to do when a breach occurs. Jeff, I remember the podcast on HIPAA Breaches. That was one of the most informative podcasts we have had and if you don't do anything when they occur will lead to millions in finds.  So I understand there was a new requirement added this year to attestations. Yes, Cultural Awareness Training. This was originally part of the Affordable Care Act but it was struck down by the federal courts in November 2016. But Humana and CVS/Caremark brought it back to life. This is a training to ensure the pharmacy and the staff understand the culture of your patients and the language skills if they can't speak English. My biggest concern with this added requirement for community independent pharmacies is we all live in our communities. We know our communities. If there are a second or third language in the neighborhood, we hire staff who speak these languages. We understand the local customs and cultures. Why would anyone offend your patients, who would then go to your competitor? That might make sense inside the Washington Beltway or an insurance company board room, but not in an independent pharmacy.   Now let's talk about Credentialing. What is it and why do we have to deal with it. Credentialing is simply the validation of the attestations. These normally start in late January. The PBMs want to see proof. These are mostly completed on-line or via fax. However, CVS/Caremark and OptumRx are doing follow-up on-side inspections. Each PBM has their own list of items to send in or provide the on-site auditor: Fraud, Waste and Abuse training certificate or Log I recommend only sending the Pharmacist in charge, not the entire staff HIPAA training certificate or log I recommend only sending the Pharmacist in charge, not the entire staff Specific pharmacy operational policies and procedures Pharmacy licenses Pharmacist-In-Charge License Other miscellaneous requests All in the effort to validate the attestation that was submitted in the fall were correct   Does anyone look at these documents? Good question. There are 26,000 plus independent pharmacies submitting documentation. Just the volume of documents is huge. The server size to store the data year after year will be in the terabytes. But I do know they do a random checks.   Are there any penalties? Yes, if you falsify an attestation, the pharmacy is in jeopardy of losing all Part D reimbursements for the period or year in question. Plus the pharmacy is in breach of contract and will be drop from the contract. It really can't get much worse than that.   OK, what was this NCPDP credentialing about in August? This has been on my radar. I met with NCPDP in 2016 about this project and then again at the NCPA convention in Orlando this year. NCPDP developed a platform to help pharmacies report one time, rather than multiple times each year. The concept is good. But there are challenges and concerns. First, the development was with chain pharmacies with no independent involvement. The reason was NCPDP had a massive test pool with the same organizations. It's logical, but there are more independents than chain pharmacies. This program works with the PBMs but not with the PSAOs who still are requesting the same information. So it does reduce the amount of reporting. Now my major concern is NCPDP is sharing the information they are collecting with different organizations. They are updating your NPI information. OK, that is good. But they are also sending it to the National Supplier Clearinghouse. Here is the concern. If the data submitted to NCPDP differs from the CMS 855S Medicare Enrollment Application, NSC's process is to deactivate the PTAN. If you catch it right away, the pharmacy can re-activate the PTAN with no issue. However, if the pharmacy does not catch it because they are not reconciling their reimbursements on a weekly basis and PTAN is deactivated for a period of time, the pharmacy must reactivate their PTAN from scratch. If the pharmacy had “Exempt” status, depending on the length of time, the pharmacy loses the exemption and they must start over with accreditation to continue to dispense DMEPOS products. I have seen this done already. It is as simple as changing your hours of operation, updating the NCPDP credentialing website and not updating your Medicare 855S and your PTAN is deactivated. This is a very costly error that no one thought about.   Jeff, how can you prevent that from happening? Don't let just anyone complete these attestations and credentialing documents. Complete them all the same way, every time. Keep copies so you are consistent. Always know what your CMS 855S Medicare Enrollment Application states. When a change is made on the NCPDP website, make the same change on the CMS 855S application.   Is there anything else the pharmacies need to be aware of for Credentialing? Yes, one very important item. Continuous Quality Improvement Certificates are required for Medicare Part D. Every pharmacy is required to have a Continuous Quality Improvement (CQI) program. The CQI certificate is generated by an organization certifying the pharmacy has an active CQI program. This is normally through a Patient Safety Organization. We talked about a PSO on our last podcast with the Alliance for Patient Medication Safety. We can see the PBMs looking at the CQI certificates more closely in 2018. For my clients, make sure you continue with the PQC+ entries so you can pull the CQI certificates when these requests start in January and February. If you are not sure if you have a CQI program or how to get your CQI certificate, the process is not a week or two quick fix program. There are a number of items that are required to be completed. Check out our last podcast on Patent Safety. There are not a lot of organizations talking about these subjects, especially the CQI programs and certificates. I keep my podcast factually based, but on the Continuous Quality Improvement program, certificates and enrollment with a patient safety organization, this is part of our standard pharmacy compliance program that we offer. To my knowledge, no other consulting firm offers these services.   Jeff, so wrapping up, on our conversation today, you always bring items to us that no one is talking about. See omnystudio.com/listener for privacy information.

Pharmacy Compliance Guide Attestations & Certifications  Every fall we hear the PBMs sending out requests for Attestations for Fraud, Waste and Abuse and HIPAA Compliance. Why do they all keep asking for the same information? When Medicare Part D came into play, the Pharmacy Benefit Managers were given the regulatory authority to manage the Medicare Part D program. Part of this program was ensuring pharmacies were properly training their staff. It initially started with annual: Fraud, Waste & Abuse Training, OIG Exclusion Verification, and HIPAA Compliance Training Then each fall, everyone had to attest they accomplished these requirement for Medicare Part D. Unfortunately, a lot of pharmacies and organizations signed off of the attestations and really didn’t do it.   The a

Every fall we hear the PBMs sending out requests for Attestations for Fraud, Waste and Abuse, and HIPAA Compliance. Why do they all keep asking for the same information? When Medicare Part D came into play, the Pharmacy Benefit Managers were given the regulatory authority to manage the Medicare Part D program. Part of this program was ensuring pharmacies were properly training their staff. It initially started with annual: Fraud, Waste & Abuse Training, OIG Exclusion Verification, and HIPAA Compliance Training Then each fall, everyone had to attest they accomplished these requirements for Medicare Part D. Unfortunately, a lot of pharmacies and organizations signed off of the attestations and really didn’t do it. The attestation is a legal statement where the individual, the pharmacy owner and/or the pharmacist-in-charge were legally attesting they were accomplishing the training and had no documentation to support their claim. Legally this was a false claim under Medicare Part D and the PBM can and did recoup all Part D reimbursements from the pharmacy, which was devastating. The PBMs then added to their requirements over the years making them a sticker and more overbearing. Most especially is the OIG Exclusion verification requirement. Only pharmacy in all of the healthcare must accomplish this task every month. It started with just one database, the Office of Inspector General, then was added to the General Services Administration (GSA) and the Systems for Award Management (SAM). The GSA and SAM have publicly merged into one, but as of today, we are still receiving a database from each of them. In addition, individual states are developing their own exclusion lists that must be checked. There is no standard for the lists. Some are managed by the health departments, others by the Attorney General or the Treasury Department.

Les deux attestations: Avantage et Manifestations - Cheikh Ibrahima Khalil LO by XamSaDine

Pour permettre au consommateur de choisir, il doit connaître l'origine du courant électrique. Pour cela il existe un système: les attestations d'origine.

A new MP3 sermon from Still Waters Revival Books is now available on SermonAudio with the following details: Title: Life & Diary Of The Rev. David Brainerd #29 (Attestations of Divine Grace Displayed) Subtitle: Jonathan Edwards Messages Speaker: Jonathan Edwards Broadcaster: Still Waters Revival Books Event: Audio Book Date: 11/5/2010 Bible: Romans 12:1; Psalm 2:8 Length: 10 min.

Cours n°3 : Explication des deux attestations/ Ses deux piliers : l’affirmation et la négation/Ses mérites/Les huit conditions de cette attestation et leurs preuves réciproques…

Cours nº 06 : - Les Annonces et Attestations de la Venue du Prophète sallallahu ‘alayhi wa sallam