Podcasts about Cordery Compliance

  • 11 podcasts
  • 132 episodes
  • 24m average duration
  • 1 new episode monthly
  • Latest: Feb 8, 2024

Latest podcast episodes about Cordery Compliance

Life with GDPR
Solar Winds and Your Mother - Tell The Truth

Feb 8, 2024 (21:06)

Tom Fox and Jonathan Armstrong, renowned experts in cyber security, co-host the award-winning Life with GDPR. In this episode, they look at the continued fallout from the SolarWinds data breach. In the complex world of data protection, the General Data Protection Regulation (GDPR) has placed a spotlight on the importance of transparency, honesty, and corporate responsibility. Fox and Armstrong bring their unique perspectives to this topic, shaped by their extensive experience in compliance and data protection. Fox emphasizes the potential legal consequences for corporate leaders who fail to disclose vulnerabilities or engage in dishonest practices, while Armstrong highlights the increasing pressure on individuals and corporations to disclose data breaches, with regulators focusing more on individual liability. Both stress the importance of transparency, the potential for litigation, and the role of whistleblowers. Join Fox and Armstrong as they delve deeper into these issues on this episode of the Life with GDPR podcast.

Key Takeaways:
  • The Importance of Truthfulness in GDPR
  • The Importance of Transparency in Data Breaches
  • Legal risks in data breaches and cybersecurity
  • The Impact of Budget Constraints on Vulnerability Fixes

Resources: For more information on the issues raised in this podcast, see the Cordery Compliance News Section, the Cordery Compliance website, the GDPR Navigator (one of the top resources for GDPR compliance), and the Cordery Data Breach Academy.

Life with GDPR
Critical Perspectives on Big Law Firm Cybersecurity

Jan 25, 2024 (20:54)

Tom Fox and Jonathan Armstrong, renowned experts in cyber security, co-host the award-winning Life with GDPR. In this episode, they look at a breach at a big law firm. In the wake of a recent spearphishing attack and data breach at a UK law firm, the legal community is abuzz with discussions on the responsibility of lawyers to prevent such attacks. Tom Fox, known for his critical perspective on big law firms, highlights the mistakes made by the firm in question, emphasizing the increasing concern over cyber-attacks targeting law firms and the need for timely reporting to regulatory authorities. Jonathan Armstrong, on the other hand, underscores the importance of proactive cybersecurity measures and timely reporting, commending the firm for taking immediate action but criticizing the delay in reporting the breach. Both Fox and Armstrong bring their unique perspectives shaped by their experiences in the field. Join them on this episode of the Life with GDPR podcast as they delve deeper into this topic.

Key Takeaways:
  • A Spearphishing Attack Leads to Data Breach
  • Cybersecurity Measures for Law Firms
  • The Power of Dedicated Data Protection Training

Life with GDPR
Lessons Learned from The Singtel Opus Data Breach

Nov 16, 2023 (21:28)

Tom Fox and Jonathan Armstrong, renowned experts in cyber security, co-host the award-winning Life with GDPR. In this episode, they look at litigation over a data breach against Singtel Optus in Australia and the fallout from an investigation report. The recent data breach at Singtel Optus, affecting 1.2 million individuals, has brought to light the critical role of strategic communication in managing cybersecurity breaches. Tom Fox and Jonathan Armstrong offer their unique perspectives on this issue. Fox emphasizes the inevitability of cybersecurity breaches and the need for a comprehensive strategy, including effective communication, to manage them. He warns against the potential consequences of mishandling communication during a breach, such as jeopardizing insurance coverage. Armstrong highlights the complexity of maintaining privilege in a global corporate structure and the importance of careful language to avoid invalidating insurance or causing unnecessary speculation. He also underscores the need for a holistic approach to cybersecurity, encompassing prevention, detection, remediation, and crisis communication. Join Tom Fox and Jonathan Armstrong as they delve deeper into this topic in the latest Life with GDPR podcast episode.

Key Takeaways:
  • Implications of Language in Data Breach Reporting
  • Navigating CEO Communication and Insurance Coverage
  • Navigating Insurance Coverage in Data Breaches

Life with GDPR
The Hidden Dangers of CEO Behavior: Patterns and Consequences

Nov 2, 2023 (16:23)

Tom Fox and Jonathan Armstrong, renowned experts in cyber security, co-host the award-winning Life with GDPR. We take things in a different direction today as we discuss the somewhat lurid allegations around former Abercrombie & Fitch CEO Mike Jeffries. This matter illustrates the need for robust background checks and support of those who bring forward complaints against top management. The topic of CEO risk, specifically the importance of accountability and investigations in corporate compliance, is a critical issue in today's business world. It explores the potential dangers CEOs can pose to corporations and the necessity of holding them accountable for compliance initiatives. Tom Fox, a renowned compliance expert, emphasizes the importance of conducting thorough due diligence on individuals, particularly at the senior executive level, to mitigate risks. He believes that behavior patterns often exist before public scandals occur and that it is crucial to identify these patterns through deep investigations. On the other hand, Jonathan Armstrong highlights the challenge of pushing compliance up the organization and the need for thorough due diligence when hiring senior executives. He also stresses the importance of accountability and investigations in addressing misconduct allegations, even if they are historic. Join Tom Fox and Jonathan Armstrong as they delve deeper into this topic on this episode of the Life with GDPR podcast.

Key Takeaways:
  • CEO Accountability and Risk Exposure
  • Allegations of Sex Trafficking and Abuse
  • The Significance of Investigating Past Misconduct

Life with GDPR
WhatsApp Breach: Hospital's GDPR Failures Exposed

Sep 14, 2023 (17:45)

Tom Fox and Jonathan Armstrong, renowned experts in cyber security, co-host the award-winning Life with GDPR. The recent controversy surrounding Nigel Farage's banking situation highlights the risks and compliance challenges faced by the banking industry in relation to data protection. In this episode, Tom and Jonathan discuss a data breach in a Scottish hospital during the COVID-19 pandemic. The breach occurred when hospital staff shared patient details on WhatsApp, raising concerns about GDPR compliance. The hospital informed the ICO about the breach but chose not to notify affected patients, highlighting the need for appropriate advice and support when making such decisions. The conversation also explores communication challenges in internal investigations and the privacy and security risks of platforms like WhatsApp. It emphasizes the importance of organizations adapting to the preferences of digital native employees and conducting data protection impact assessments. The podcast also highlights the importance of effective policies, training, and proactive phishing training to prevent cyber-attacks and protect sensitive information.

Key Takeaways:
  • Data breach in Scottish hospital
  • The Challenges of Communication in Internal Investigations
  • Importance of Policies and Training
  • Phishing Training Effectiveness

Life with GDPR
Exposed: The Shocking PSNI Data Release

Aug 31, 2023 (15:26)

Tom Fox and Jonathan Armstrong, renowned experts in cyber security, co-host the award-winning Life with GDPR. In this episode, Tom and Jonathan discuss a troubling inadvertent data release by the Police Service of Northern Ireland (PSNI). The release occurred when a document containing sensitive information about PSNI employees was mistakenly uploaded to a public site, putting officers at risk. The document, inadvertently released based upon a valid FOIA request, wrongfully included the names, ranks, locations, and even surveillance and intelligence details from the Northern Ireland constabulary. This inadvertent release highlights how the bypassing of security checks caused the breach, emphasizing the real-world impact of data breaches on individuals. Tom and Jonathan also discuss the use of spreadsheets in data breaches and express frustration with the lack of attention given to these incidents. Overall, the conversation stresses the importance of data protection and compliance, and the urgent need for improved measures to address this issue.

Key Takeaways:
  • Data release at PSNI
  • Data release implications
  • Regulator's Call for Improved Data Protection
  • Spreadsheets are evil

Life with GDPR
Farage's Account Closure & the Risks of Data Breach

Aug 17, 2023 (20:58)

Tom Fox and Jonathan Armstrong, renowned experts in cyber security, co-host the award-winning Life with GDPR. The recent controversy surrounding Nigel Farage's banking situation highlights the risks and compliance challenges faced by the banking industry in relation to data protection. In this episode, Tom and Jonathan discuss the closure of Farage's bank account with Coutts, a high-end bank owned by NatWest, and the potential data breach that ensued. They discuss the risks of internal emails being exposed through subject access requests (SARs) and emphasize the importance of caution in email communication. The conversation also explores the cost and consequences of non-compliance with GDPR obligations, particularly in relation to SARs. The potential legal implications for banks that violate their own policies or delete data that should be provided in response to a SAR are highlighted. Overall, the episode underscores the need for banks to prioritize data protection, compliance, and proper decision-making in the financial industry.

Key Takeaways:
  • Nigel Farage's Banking Controversy
  • Data Protection Risks in Banking
  • The Cost and Consequences of Subject Access Requests
  • Serious concerns about data protection and access to banking

Life with GDPR
Joe Sullivan Sentence

Jun 22, 2023 (18:55)

Tom Fox and Jonathan Armstrong, renowned experts in cyber security, co-host the award-winning Life with GDPR. Matt Kelly and Jonathan Marks join Tom and Jonathan Armstrong on this episode, as they explore the case of former Uber CISO Joe Sullivan and the lessons compliance officers can learn from his lenient sentence. From growing trends of personal accountability to conflicts of interest, the hosts provide six tips for chief compliance officers to protect themselves, including rehearsing responses and seeking external advice when necessary. This eye-opening episode also delves into the challenges faced by compliance officers in situations like Etsy's ransomware scheme and how they must be cautious with threat actors' demands. Don't miss out on this insightful episode that will leave you questioning whether Sullivan was unfairly punished and whether executives' remuneration packages will receive greater scrutiny going forward. Tune in now to Life with GDPR.

Key Takeaways:
  • The Joe Sullivan Uber Case and Lessons Learned
  • Individual Liability in Corporate Malpractice
  • Compensation and Conflicts of Interest
  • The Challenges of Compliance Officers in Wrongdoing Incidents

Life with GDPR
$1 Billion Fine: Meta's GDPR Violation

Jun 8, 2023 (32:10)

Tom Fox and Jonathan Armstrong, renowned experts in cyber security, co-host the award-winning Life with GDPR. In this episode, they discuss the recent billion-dollar fine imposed on Meta (formerly Facebook) for violating data protection laws. They break down the significance of this ruling, which limits the use of standard contractual clauses and requires due diligence checks when transferring data from the EU to the US. Discover the consequences and potential appeal arguments of the European Court of Justice's ruling on data privacy. They delve into the challenges of harmonizing data protection authorities in the EU and how this affects corporations. Find out why the lack of consistency among regulators cannot be fixed overnight. Don't miss out on the engaging and informative discussion that can help organizations navigate the complex landscape of GDPR and data privacy. Tune in to "Life with GDPR" now!

Key Takeaways:
  • Facebook fined $1 billion for data transfer
  • Meta's GDPR Noncompliance and Data Transfer Suspension
  • Irish Data Protection decision overruled by EDPB
  • Challenging GDPR court order in Ireland
  • Data Transfer from EU to US: Safe or Unsafe?
  • GDPR differences in privacy enforcement

Life with GDPR
Class Action Update

May 25, 2023 (23:24)

Tom Fox and Jonathan Armstrong, renowned experts in cyber security, co-host the award-winning Life with GDPR. Join them in this episode as they discuss the recent court decision in the Austrian case and its implications on GDPR claims. Discover the guidelines for GDPR damage compensation, assessment of damages, liability provisions, and how businesses can make themselves more robust to avoid such claims. They also delve into the importance of acting quickly in the event of a breach and insurers' sophistication in cyberattack policies. Tune in to learn more, and check out the article on the quarterly compliance website. Don't miss out on their engaging conversation and valuable insights!

Key Takeaways:
  • Understanding GDPR compensation claims
  • Insurance Claims and Breach Response Strategy
  • Cyber insurance is becoming more selective in writing cover

Notable Quotes:
  • "I would say when you have a title like that, you get the attention of many class action lawyers."
  • "Not every infringement of GDPR automatically gives rise to compensation."
  • "The right to compensation under GDPR needs 3 things. Firstly, an infringement of GDPR; secondly, material damage resulting; and thirdly, a causal link between the damage and the infringement."
  • "If you haven't got the right team in place, even on New Year's Day or Christmas Day, Easter or Passover or, you know, during fasting, then that's your fault, not ours, and regulators are not forgiving."

Life with GDPR
Data Transfer Update

May 11, 2023 (21:24)

Tom Fox and Jonathan Armstrong, renowned experts in cyber security, co-host the award-winning Life with GDPR. Join them in this episode as they delve into the hot-button issue of data transfers from the EU to the US. With potential new rulings looming, the replacement for Privacy Shield is said to be doomed to fail. The European Data Protection Board is investigating complaints against Google and Facebook that could affect up to 95% of US corporations using Google Analytics! How can your organization comply with GDPR regulations while avoiding the nearly €3 billion in fines levied since 2018, including practical tips such as conducting compliance checks and due diligence? Don't miss the explosive potential of this episode and what it could mean for businesses around the world.

Key Takeaways:
  • Data transfers from the EU to the US and privacy concerns
  • Data Transfer Regulations & Compliance
  • Data Protection Compliance for Business Websites
  • Impending Large GDPR Fine

Notable Quotes:
  • "It is not going to get any easier anytime soon, unfortunately."
  • "This case is likely to affect, I think, 95% of corporate America."
  • "Regulators definitely have an appetite to investigate this."
  • "I expect that the fine that I'm hearing rumors of will tip us over the €300MM level."

Life with GDPR
DPO Update

Mar 23, 2023 (21:24)

Tom Fox and Jonathan Armstrong, renowned experts in cyber security, host the award-winning Life with GDPR. In this episode, Tom and Jonathan discuss the role of the Data Protection Officer (DPO) in light of GDPR, an important requirement outlined in Article 37. They discuss how the European Court of Justice views the role, how Germany had a DPO system in place prior to GDPR, and the fact that DPOs should be supported by their employer and protected against any potential conflicts of interest. They touch on the shortage of suitable DPOs due to the price and resource requirements of the role, as well as the example of a data protection authority showing up to an organization and finding a person who had been recently trained. Tune in to discover more key insights about the role of the DPO as you stay knowledgeable on GDPR compliance with Life with GDPR.

Key Takeaways:
  • European Court of Justice and the GDPR System [00:05:46]
  • DPO Roles and Responsibilities [00:10:50]
  • Data Protection Authority Visit to an Organization [00:15:26]

Notable Quotes:
  • "The Role of a DPO in simple terms is to sort of act as a sort of police officer to police the organization's handling of data."
  • "If you look at GDPR Article 37(5), it says that a data protection officer must be designated on the basis of professional qualities. In particular, expert knowledge of data protection law and practices, and there's a number of duties in Article 39 they have to be able to perform."
  • "Regulators will expect to see competency. And it's probably easier for a regulator to judge competency than it is to judge conflict of interest."
  • "I think it is definitely worthwhile putting resources in training and also currency."

Life with GDPR
SARs Update

Mar 9, 2023 (17:28)

Tom Fox and Jonathan Armstrong, renowned experts in cyber security, host the award-winning Life with GDPR. In this episode, Jonathan Armstrong shares that SARs remain a significant area of concern for businesses. He joins Tom to discuss an individual's recent complaint to the Austrian DPA, in which the response was incomplete and the individual took their case to an Austrian Federal Administrative Court. Jonathan shares that this tactic is being used by those under regulatory and governmental investigation. Tom and Jonathan's insight is invaluable for staying informed of the most up-to-date news on SARs.

Key Highlights:
  • Challenges of Filing Data Protection Complaints in Austria [00:057]
  • Legal Implications of Acquiring a Business Under Regulatory or Governmental Investigation [00:11:03]
  • Ending a Podcast [00:15:50]

Notable Quotes:
  • "We know that SARs are onerous, and it may be that the gist route might be a way of saving some of the effort involved, not in searching for data necessarily, but in the whole redaction task, which is substantial because obviously you have to redact records so as not to expose the data of other individuals in many cases."
  • "And the officer stream result also seems to be in accordance with guidance from other DPAs as well. So probably the right decisions in both cases but obviously still some complexity involved in dealing with hours."
  • "We've definitely seen [SARs] in the context of regulatory or other governmental investigation. There are the cases in the public domain, for example, which is a case, which involves Russian oligarchs battling it out in the UK courts after group a investigated group b."
  • "And as I say, we've used the gist route previously. We know that people have complained to the ICR to other regulators but so far, that hasn't been anything that regulators criticized in the cases that we've been involved with."

Life with GDPR
Russian Cyber Attack Gangs Sanctioned

Mar 2, 2023 (16:26)

Tom Fox and Jonathan Armstrong, renowned experts in cyber security, co-host the podcast Life with GDPR. In the most recent episode, they review the recent sanctions the UK and US have imposed on seven Russia-based individuals linked to ransomware. They explain that there are around 20-30 known vulnerabilities in software that could be responsible for the majority of ransomware attacks, and if these are taken care of, individuals and organizations are less likely to become susceptible. Finally, the hosts delve into how some ransomware attackers may become public about their actions in order to try and make those affected pay up. Listen to Life with GDPR for the most up-to-date and helpful advice about cyber security and ransomware.

Key Highlights:
  • Sanctions levied against Russian cyber-attack gangs [00:01:28]
  • Steps to take to Protect Against Ransomware Attacks [00:06:12]
  • The Dangers of Ransomware Attacks [00:10:49]

Notable Quotes:
  • "Sanctioning ransomware gangs is not especially new. The US has done it before, but this is a move that's a giant move from the UK and the US to sanction 7 Russia based individuals."
  • "It's good business sense to payers because x is less than y. So just because GDPR is on the agenda of ransomware gangs, it obviously means that organizations have to take that much more seriously because ransomware gangs trying to push GDPR figures."
  • "Have a plan to deal with ransomware. It is inevitable a ball that somebody will target you. Maybe create a playbox so that you can work through key considerations in add advance."
  • "You're only as strong as your weaker link. And oftentimes, it is suppliers, HR providers, payroll providers, outsourced sales solutions that are a real area of vulnerability."

Life with GDPR
NIS II

Feb 16, 2023 (18:51)

Jonathan Armstrong and Tom Fox return for another episode of the award-winning Life with GDPR. In this episode, we take up NIS II and are pleased to be joined by Jonathan Marks and Matt Kelly for a robust conversation.

Highlights include:
  • What is NIS II and how does it differ from NIS I?
  • NIS II governs by sectors.
  • What are the implications for global companies?
  • Where can you go for more information?

Life with GDPR
Cookies, Cookies & More Cookies

Feb 2, 2023 (21:42)

Jonathan Armstrong and Tom Fox return for another episode of the award-winning Life with GDPR. Data protection has become a priority for many authorities, with the French regulator, CNIL, recently issuing fines and penalties to Microsoft for not complying with the data protection laws. Changes were made to their practices in March 2022, and similar action was taken against Google and Amazon. In this episode, we discuss the regulatory landscape for cookies, which has become difficult for businesses to maneuver, requiring board-level oversight of data privacy, data protection, and data security. Together, these measures are deemed necessary in order to mitigate the biggest risks to organizations. Max Schrems and his pressure group were two of the key adjutants and had filed a substantial number of complaints. This eventually led to a large fine at the end of 2022, announced this month, from CNIL, the French Data Protection Regulator, against Microsoft, for €60 million. This fine highlighted the fact that cookies had been on the agenda for many Data Protection Authorities and the severity of the consequences for not following GDPR requirements. The implications of this case will have a lasting effect on the relations between European Data Protection Authorities and corporations, as well as the resources necessary to stay compliant.

Highlights include:
  • [00:04:16] Microsoft's Changes to Cookie Practices
  • [00:09:21] Navigating Regulatory Landscapes for Businesses
  • [00:14:21] The Importance of Data Privacy Board Oversight

Life with GDPR
Meta Fined In Ireland

Jan 19, 2023 (24:12)

Jonathan Armstrong and Tom Fox return for another episode of the award-winning Life with GDPR. In this episode, we discuss the recently released fine by the Ireland Data Protection Commission against Meta for two legacy companies, €210m for its Facebook operation and €180m for Instagram for GDPR breaches. The DPC also ordered Meta to change its data protection practices within three months. Those changes may have more lasting effect on Meta than the fines. The two fines come in at fifth and sixth places respectively in the largest GDPR fines of all time.

Some of the highlights include:
  1. What were the facts?
  2. Why this matter has far wider implications than simply Big Tech.
  3. Max Schrems says this is a huge blow for Meta.
  4. The convoluted appeal process going forward.
  5. Lessons learned.

Life with GDPR
The ABB Enforcement Action from a UK Perspective

Jan 5, 2023 13:57

Jonathan Armstrong and Tom Fox return for another episode of the award-winning Life with GDPR. In this episode, we discuss the recent ABB Foreign Corrupt Practices Act resolution. Jonathan considers the ABB enforcement action from the UK perspective and opines how a UK judge might consider the company's recidivism differently than the DOJ did. He rants about ongoing tech scams.

Some of the highlights include:
1. What were the facts?
2. How would UK courts view recidivist behavior under the UK Bribery Act?
3. Where was the SFO?
4. What is the status of the investigation in Germany?

Resources
For more information on the issues raised in this podcast, check out the Cordery Compliance News Section. For more information on Cordery Compliance, go to their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clicking here.

Life with GDPR
Sullivan Conviction from GDPR Perspective

Dec 15, 2022 20:07

Jonathan Armstrong and Tom Fox return for another episode of the award-winning Life with GDPR. In this episode, we discuss the recent conviction of Joe Sullivan, former CISO at Uber, for his role in hiding a data breach which hit the company. Sullivan was convicted in the US in October 2022 in connection with an investigation into a ransomware attack on Uber in 2016. However, we look at the conviction from the GDPR and UK perspective and ask whether it portends potential liability for CISOs and CCOs in the EU and UK. For instance, does this mean that there are likely to be more prosecutions against executives? And could we see similar prosecutions in Europe? For a more detailed discussion and links to the case, check out the Cordery Compliance News Alert on the case, which you can find in the link below.

Some of the highlights include:
1. What were the facts?
2. Was Sullivan guilty of negligence or intentional conduct?
3. Why were prior Uber convictions so significant?
4. What happens next?
5. Could this lead to more prosecutions of executives?
6. What does this mean under GDPR and in the UK?

Resources
For more information on the issues raised in this podcast, check out the Cordery Compliance News Section. For more information on Cordery Compliance, go to their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clicking here.

Life with GDPR
ICO Gets Serious About Subject Access Requests

Oct 27, 2022 16:00

Jonathan Armstrong and Tom Fox return for another episode of the award-winning Life with GDPR. In this episode, we discuss the recent action by the ICO against seven UK organizations that failed to respond to Subject Access Requests (SAR), which follows a trend across Europe of more enforcement action on SAR.

Some of the highlights include:
1. What is a Subject Access Request (SAR)?
2. Why are these companies in the ‘Naughty Corner'?
3. How does this follow a trend across Europe of more enforcement action on SAR?
4. What happens next?
5. Who is the constituency for change in the SAR process in the UK?
6. What are the lessons learned?

Resources
For more information on the issues raised in this podcast, check out the Cordery Compliance News Section. For more information on Cordery Compliance, go to their website here. Also, check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clicking here.

FCPA Compliance Report
A Dark Day for Dechert

Oct 24, 2022 23:16

In this episode, I visit with Jonathan Armstrong, partner at Cordery Compliance in London. We consider the recent payment by the international law firm Dechert of £20 million for its conduct and that of its former partner Neil Gerrard in the ENRC affair. The matter was certainly a dark day for Dechert and a black eye on the legal profession.

Key areas we discuss on this podcast are:
· What were the failures of the law firm?
· What led to the £20 million interim payment?
· Will there be discipline against the law firm?
· What is the role of a law firm to oversee investigations?
· What are the implications of holding investigative data under GDPR going forward?
· Who watches the watchers (and investigators)?

Resources
Jonathan Armstrong on Cordery Compliance
Hannah Walker in Law.com on the scandal

Life with GDPR
Meta Fined €405 million by Irish Data Protection Commission

Oct 20, 2022 20:04

Jonathan Armstrong and Tom Fox return for another episode of the award-winning Life with GDPR. In this episode, we discuss the recent fine by the Irish Data Protection Commission levied against Meta for €405 million for Instagram Data Protection Infringements.

Some of the highlights include:
1. What is the background to the case?
2. What was the basis for the fine?
3. What happens next?
4. What did other national agencies and commissions, particularly the EDPB, say?
5. What are the lessons learned?

Resources
For more information on the issues raised in this podcast, check out the Cordery Compliance News Section. For more information on Cordery Compliance, go to their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clicking here.

Life with GDPR
US Response to GDPR Data Flow Protections

Oct 13, 2022 21:45

Jonathan Armstrong and Tom Fox return for another episode of the award-winning Life with GDPR. In this episode, we discuss the US/EU/UK agreement for data transfer from the EU/UK to the United States under the Data Protection Framework.

Some of the highlights include:
1. What is the Data Protection Framework?
2. How will the Data Protection Review Court work?
3. What will the safeguards around the US national security review be?
4. What happens next?
5. What are the views of Max Schrems?
6. Will there be an EU/UK split?

Resources
For more information on the issues raised in this podcast, check out the Cordery Compliance News Section. For more information on Cordery Compliance, go to their website here. Also, check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clicking here.

Life with GDPR
Changes to UK Data Protection Regime

Sep 29, 2022 22:18

Jonathan Armstrong and Tom Fox return for another episode of Life with GDPR. In this episode, we discuss the changes in the UK Data Privacy regime currently proposed in the wake of Brexit.

Some of the highlights include:
· Why these changes are so significant.
· Are things really more complicated now?
· What does it mean for compliance?
· What happens next?
· Will the new PM request any changes?
· Practical steps you can take now.

Resources
For more information on the issues raised in this podcast, check out the Cordery Compliance News Section. For more information on Cordery Compliance, go to their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clicking here.

Life with GDPR
Changes to Cyber-Breach Insurance

Sep 15, 2022 26:39

Jonathan Armstrong and Tom Fox return for another episode of Life with GDPR. In this episode, we discuss Lloyd's of London's announcement of its coverages for cyber-breaches by state actors.

Some of the highlights include:
1. Why this change is so significant.
2. What does it mean for compliance?
3. What happens next?
4. Practical steps you can take now.

Resources
For more information on the issues raised in this podcast, check out the Cordery Compliance News Section. For more information on Cordery Compliance, go to their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clicking here.

Daily Compliance News
August 26, 2022 the Cyber Insurance Edition

Aug 26, 2022 6:08

In today's edition of Daily Compliance News:
· Lloyd's changes rules on cyber-insurance claims. (Cordery Compliance)
· Former TN Speaker arrested on corruption charges. (AP)
· $4.5bn oil spill. (BBC)
· Prescott goes all in on crypto. (Bloomberg)

Life with GDPR
Update on Cookie Banners

Aug 18, 2022 21:17

Jonathan Armstrong and Tom Fox return for another episode of Life with GDPR. In this episode, we discuss the NOYB announcement that it had filed an additional 226 complaints to Data Protection Authorities in 18 countries over the use of OneTrust cookie banners.

Some of the highlights include:
· Previous enforcement actions on cookie banners.
· The NOYB campaign.
· What happens next?
· Practical steps you can take now.

Resources
For more information on the issues raised in this podcast, check out the Cordery Compliance News Section. For more information on Cordery Compliance, go to their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clicking here.

Life with GDPR
Boris Johnson Announces Resignation

Jul 13, 2022 20:50

Jonathan Armstrong and Tom Fox return for another episode of Life with GDPR. In this episode, we discuss British Prime Minister Boris Johnson's recent announcement that he will be resigning as British PM when his successor is announced.

Some of the highlights include:
· Reasons for the resignation.
· Candidates for the PM role going forward.
· Key compliance and related issues for the new PM going forward.
· Lessons learned from the Pincher Affair and the BoJo resignation.

Resources
For more information on the issues raised in this podcast, check out the Cordery Compliance News Section. For more information on Cordery Compliance, go to their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clicking here.

Life with GDPR
GDPR Draft Guidance on Fines Calculation

Jun 30, 2022 24:24

Jonathan Armstrong and Tom Fox return for another episode of Life with GDPR. In this episode, we review the recently released European Data Protection Board (EDPB) draft guidance on calculating fines entitled “Guidelines 04/2022 on the calculation of administrative fines under the GDPR”.

Some of the highlights include:
1. There have been just under 1.5 billion in overall fines under GDPR.
2. Spain has the largest number of fines but the smallest monetary amount of fines.
3. The five-step calculation methodology.
4. What are the aggravating and mitigating factors?
5. Key takeaways from the draft guidance.

Resources
For more information on the draft guidance, check out the Cordery Compliance client alert on this topic; click here. For more information on Cordery Compliance, go to their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clicking here.

Life with GDPR
FRC Report on Compliance with the UK Modern Slavery Act Update

Jun 23, 2022 21:16

Jonathan Armstrong and Tom Fox return for another episode of Life with GDPR. In this episode, we review the recently released Financial Reporting Council (FRC), the UK Anti-Slavery Commissioner, and Lancaster University (Management School) report on a sample of a hundred major companies' modern slavery statements and their strategic and governance reports.

Some of the highlights include:
1. Why the Report?
2. Some successes but much criticism.
3. Public responses when slavery issues are uncovered.
4. Why contracts are a part of the solution.
5. Key takeaways from the Report.

Resources
For more information on the FRC Report, check out the Cordery Compliance client alert on this topic; click here. For more information on Cordery Compliance, go to their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clicking here.

Life with GDPR
Clearview AI Fine by the ICO

Jun 16, 2022 20:34

Jonathan Armstrong and Tom Fox return for another episode of Life with GDPR. In this episode, we take up a fine in the UK by the ICO against Clearview AI. We have discussed other EU countries' fines against Clearview previously.

Some of the highlights include:
· What is this case all about?
· What did the ICO decide?
· Why is AI under the spotlight again?
· Other actions and penalties against Clearview?
· Key takeaways.

Resources
For more information on the Clearview AI fine by the ICO, check out the Cordery Compliance client alert on this topic; click here. For more information on Cordery Compliance, go to their website here. Also, check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clicking here.

Life with GDPR
Data Transfers from EU/UK to US

May 12, 2022 24:00

Jonathan Armstrong and Tom Fox return for another episode of Life with GDPR. In this episode, we take up the proposed agreement for data transfers from the EU (and UK) to the US. Some of the issues we consider in the myriad of questions around this latest version of Privacy Shield include:
1. Is this simply an agreement to agree?
2. Who will populate the independent court review in the US?
3. Will US spy agencies ever comply?
4. Will there be a real deal by the end of 2022?
5. Is this simply a temporary solution?

Resources
For more information on the new data transfer agreement, check out the Cordery Compliance client alert on this topic; click here. For more information on Cordery Compliance, go to their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clicking here.

Life with GDPR
Clearview AI Redux

Apr 28, 2022 17:15

Jonathan Armstrong and Tom Fox return for another episode of Life with GDPR. In this episode, we consider the Italian Data Protection Authority (the Garante) fine of €20m against Clearview AI for GDPR violations. It is the latest in a series of regulatory actions in Europe and in Australia against Clearview AI and it also continues a trend of AI enforcement in Italy.
1. Who is Clearview AI?
2. What is this matter about?
3. The background facts and the Italian investigation.
4. What did the Garante say?
5. Lessons learned and next steps.

Resources
For more information on the Italian Clearview AI enforcement action, check out the Cordery Compliance client alert on this topic; click here. For more information on Cordery Compliance, go to their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clicking here.

Life with GDPR
Tuckers Enforcement Action

Apr 14, 2022 19:55

Jonathan Armstrong and Tom Fox return for another episode of Life with GDPR. In this episode, we consider the recent announcement by the UK Data Protection Authority, the Information Commissioner's Office (ICO), that it had fined a law firm, Tuckers Solicitors LLP, for GDPR breaches. Tuckers was fined £98,000 after being hit by a ransomware attack.
1. Law firms are not unique.
2. What about other legal regulations and regulatory bodies?
3. The background facts.
4. What did the ICO say?
5. Lessons learned.

Resources
For more information on the Tuckers enforcement action, check out the Cordery Compliance client alert on this topic; click here. For more information on Cordery Compliance, go to their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clicking here.

Life with GDPR
Privacy Shield 3

Mar 31, 2022 16:44

Jonathan Armstrong and Tom Fox return for another episode of Life with GDPR. In this episode, we consider the recently announced EU/US resolution to allow data transfer from the EU to the United States through the mechanism of Privacy Shield 3.

Some of the issues we consider include:
1. Is it Déjà vu all over again?
2. What about consent and standard contractual clauses as a basis for data transfer?
3. What was the court's ruling?
4. Why will double due diligence be required going forward?
5. What about the UK?
6. What does Max Schrems have to say?

Resources
Check out the Cordery Compliance client alert on this topic; click here and here. For more information on Cordery Compliance, go to their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clicking here.

Life with GDPR
The Case of the Rogue Employee

Mar 17, 2022 15:47

Jonathan Armstrong and Tom Fox return for another episode of Life with GDPR. In the 2020 Morrisons case the UK Supreme Court ruled that an employer can be legally responsible for data breaches caused by their employees, although in the particular situation in that case the court ruled that Morrisons (the employer) was not liable for the actions of their rogue employee. In this episode, Tom and Jonathan look at the more recent case of Isma Ali v. Luton Borough Council, where the High Court ruled that in committing the data security breach actions the rogue employee undertook, she had solely pursued her own interests and so the employer was not liable for her conduct.

Some of the issues we consider include:
1. What were the underlying facts of the case?
2. What was the court's ruling?
3. Key takeaways for the data privacy and data protection practitioner, including:
· Take a close look at security measures and ensure that access rights are policed. Data loss prevention and monitoring systems should also be in place to check for large data files leaving the organization. Depending on the circumstances, a rogue employee might be after a lot of data;
· Put in place appropriate policies and procedures to make sure that data protection principles like data security and data minimization are properly understood;
· Perform a Data Protection Impact Assessment for new processes;
· Make sure that employees in trusted roles are reliable and that their access rights are reviewed;
· Put in place and rehearse a data breach notification procedure, including detection and response capabilities;
· Train staff on all of the above; and,
· Check existing insurance or take out new insurance to cover the range of potential risks from "innocent" errors to the actions of a rogue employee.

Resources
Check out the Cordery Compliance client alert on this topic; click here. For more information on Cordery Compliance, go to their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clicking here.

Life with GDPR
The Case of the Smart TV

Mar 3, 2022 17:42

Jonathan Armstrong and Tom Fox return for another episode of Life with GDPR. In this episode, we dissect the case of the Smart TV and consider its implications for de minimis cases brought under GDPR.

Some of the issues we consider include:
1. What were the underlying facts of the case?
2. Was the case filed in the correct court (High Court)? If not, why not?
3. What was the court's ruling?
4. What is the viability of a de minimis claim going forward?
5. When dealing with data protection infringement compensation claims, look to cases from other jurisdictions.
6. No matter how seemingly trivial, organizations should be prepared for them and manage them with care.

Resources
Check out the Cordery Compliance client alert on this topic; click here. For more information on Cordery Compliance, go to their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clicking here.

Life with GDPR
GDPR-10 Years After Original Proposal

Feb 24, 2022 23:20

Jonathan Armstrong and Tom Fox return for another episode of Life with GDPR. In this episode, we celebrate the 10-year anniversary of the initial proposal of the law which became GDPR.

Some of the issues we consider include:
· What was in the original proposal that did not become enacted in the final law?
· Reduction in costs: what happened?
· Right to be Forgotten, morphed into something very different than intended.
· Fines, Fines, Fines.
· Evolution of regulatory sophistication.
· Criticism of regulators.

Resources
Check out the Cordery Compliance client alert on this topic; click here. For more information on Cordery Compliance, go to their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clicking here.

Life with GDPR
Class Action Update

Feb 10, 2022 26:53

Jonathan Armstrong and Tom Fox return for another episode of Life with GDPR. In this episode, we take a deep dive into class action litigation in the UK and EU around data privacy and data protection.

Some of the issues we consider include:
1. Has the tide turned in favor of defendants in class action litigation in the UK?
2. Are actual damages now required to receive damages after a data breach?
3. How can a company manage a regulatory investigation of a data breach during a class action litigation?
4. What about suits against Boards of Directors?

Resources
Check out the Cordery Compliance client alert on this topic; click here. For more information on Cordery Compliance, go to their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clicking here. Life with GDPR was named one of the top 30 Data Security Podcasts you must follow in 2022.

Life with GDPR
Update on Blackbaud

Feb 3, 2022 21:21

Jonathan Armstrong returns from assignment to take on a potpourri of issues with co-host Tom Fox. In this episode, we consider some of the issues from the Blackbaud data breach enforcement action.

Some of the issues we consider include:
· Does this matter signal a priority in risk shifting by the regulators?
· Implications for class actions involving customers.
· Hardening of the insurance market regarding data breaches.
· More due diligence coming in the B2B arena.
· Steps your organization should take now.

Resources
Check out the Cordery Compliance client alert on this topic; click here. For more information on Cordery Compliance, go to their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clicking here.

Great Women in Compliance
Jonathan Armstrong

Jan 12, 2022 43:51

Welcome to the Great Women in Compliance Podcast, co-hosted by Lisa Fine and Mary Shirley.

Welcome to the first Great Women In Compliance episode for 2022. Lisa and Mary are really excited about starting off another year of connecting, communicating and celebrating our GWIC family. While Mary and Lisa usually start out each quarter with a joint discussion, this time they do a joint interview with a guest who was there when this podcast was born. Jonathan Armstrong is a strong supporter of women in compliance and diversity, and is an expert in GDPR, Brexit, and many other multinational issues, as well as a partner at Cordery Compliance, and is based in the UK. He is also on the Compliance Podcast Network as a co-host of the "Everything Compliance" and "Life with GDPR" podcasts.

In this episode, we talk about what he thinks should be top of mind for E&C professionals in multinational organizations, how Brexit has impacted compliance programs, and what is new in the world of GDPR and data privacy. Jonathan is also known for his ability to connect and build relationships, and talks about how he builds his network and his approach. Lisa and Mary like to think that one of the highlights of Jonathan's career is that he won the GWICie for Comic Relief, and you will understand why after listening to this episode.

As always, we are so grateful for all of your support and if you have any feedback or suggestions for our lineup or would just like to reach out and say hello, we always welcome hearing from our listeners. If you are enjoying this episode, please rate it on your preferred podcast player to help other like-minded Ethics and Compliance professionals find it. You can also find the GWIC podcast on Corporate Compliance Insights where Lisa and Mary have a landing page with additional information about them and the story of the podcast.

You can subscribe to the Great Women in Compliance podcast on any podcast player by searching for it and we welcome new subscribers to our podcast. Join the Great Women in Compliance community on LinkedIn here.

Life with GDPR
Potpourri Edition

Dec 2, 2021 16:38

Jonathan Armstrong returns from assignment to take on a potpourri of issues with co-host Tom Fox. We use the recent speech by Deputy Attorney General Lisa Monaco as a jumping-off point to discuss how this change in DOJ enforcement policy and focus will be impacted by GDPR, the new EU Whistleblower Directive and how increased international cooperation around international anti-corruption compliance may play out.

Some of the issues we consider include:
· Data protection issues under the new DOJ FCPA enforcement policy?
· Monitorships outside the US.
· Data privacy and investigations.
· Class actions in the UK going forward.
· Increased cooperation between the DOJ/SEC and the UK Serious Fraud Office.

Resources
Check out the Cordery Compliance client alert on this topic; click here. For more information on Cordery Compliance, go to their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clicking here.

Life with GDPR
EU Whistleblower Directive-Part 2

Nov 4, 2021 27:59

Jonathan Armstrong is on assignment in Cornwall, so for this episode Cordery Compliance co-founder Andre Bywater joins Tom Fox to discuss issues relating to the upcoming EU Whistleblower Directive, with a go-live date of December 17. This is Part 2 of a special 2-part episode.

Some of the questions we consider include:
· What about whistleblowing and data protection issues?
· Are individuals subject to whistleblowing allegations also protected?
· Subject Access Requests.
· False whistleblowing.
· Sanctions for non-compliance.
· Bounties for whistleblowing.
· When must the EU whistleblowing rules be implemented?
· Post-Brexit, how will the UK be implementing these rules?
· What are Andre's three takeaways?

Resources
Check out the Cordery Compliance client alert on this topic; click here. For more information on Cordery Compliance, go to their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clicking here.

Life with GDPR
EU Whistleblower Directive-Part 1

Oct 27, 2021 34:37

Jonathan Armstrong is on assignment in Cornwall, so for this episode Cordery Compliance co-founder Andre Bywater joins Tom Fox to discuss the upcoming EU Whistleblower Directive go-live date of December 17. This is Part 1 of a special 2-part episode.

Some of the questions we consider include:
1. Why is the EU tackling whistleblowing & what EU areas fall in scope?
2. Who can be a whistleblower?
3. What about anonymity and confidentiality?
4. Which whistleblowing route should a whistleblower follow?
5. Are there any record-keeping obligations?
6. Is retaliation prohibited?

Resources
Check out the Cordery Compliance client alert on this topic; click here. For more information on Cordery Compliance, go to their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clicking here.

Life with GDPR
EU Whistleblower Update

Oct 21, 2021 17:56

In this episode Jonathan Armstrong and Tom Fox are back to discuss issues relating to data privacy, data protection and GDPR. In this episode we take up a recent decision from Luxembourg which would seem antithetical to good whistleblower practices. We also consider the upcoming EU Whistleblower Directive go-live date of December 17.

Some of the questions we consider include:
1. What are the facts of the enforcement actions?
2. When should company harm outweigh public good from whistleblowers?
3. What lessons can companies learn from this matter in conjunction with the EU whistleblower directive?

Resources
Check out the Cordery Compliance client alert on this topic; click here. For more information on Cordery Compliance, go to their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clicking here.

Life with GDPR
Jonathan's Favorite Enforcement Action

Life with GDPR

Sep 30, 2021 (18:05)


In this episode Jonathan Armstrong and Tom Fox are back to discuss issues relating to data privacy, data protection and GDPR. In this episode we take up Jonathan's (current) favorite GDPR enforcement action, involving the food delivery services Deliveroo and Foodinho, who ran afoul of the Italian data protection authority. Some of the questions we consider include: What are the facts of the enforcement actions? What do these cases tell us about the use of AI and data privacy? What lessons can companies that use algorithmic management of staff learn?

Resources

Check out the Cordery Compliance client alert on this topic; click here. For more information on Cordery Compliance, go to their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clicking here.

The ESG Report
Supply Chain and ESG in the Baltics with Jonathan Armstrong

The ESG Report

Sep 20, 2021 (13:06)


Jonathan Armstrong, Partner at Cordery Compliance, joins Tom Fox on this episode of the ESG Report to discuss important supply chain issues in the EU and Baltic regions. They talk about how legislation has evolved and the importance of looking at ESG risks with a holistic view.

Evolution of Due Diligence Legislation

“What have you seen legislative-wise around supply chain due diligence from that part of the EU?” Tom asks Jonathan. He responds that he and his team have done major work in modern slavery and supply chain due diligence in the EU and Baltics. There has been region-wide legislation, as well as country-specific legislation, he comments. Tom asks how this plays into an overall ESG framework. Jonathan remarks, “I think there's almost three forces at play. There's the legislative changes; there's corporations trying to do ESG well and be regarded as good corporate citizens; and then there are potentially consumers voting with their feet as well … by not buying those products.” Consumers in the fashion and apparel industries, in particular, ‘vote with their feet' by refusing to buy from companies with bad ESG practices.

A Holistic Approach

Tom comments that a regulatory framework, together with a holistic approach to supply chain management, would lead more companies to put processes into place to comply with the law, which would ultimately lead to more efficient supply chain procedures. Jonathan agrees. Companies who do ESG well assess supply chain risks holistically, he points out. In particular, they look at where and with whom their suppliers transact business. Although some countries are prone to higher risk, it's not as cut and dry as labeling those countries bad and others good. He shares an example of a UK manufacturer who brought slave labor from Asia to the UK. “He just imported the problem,” Jonathan says. His UK retailers felt good about buying locally, but were unknowingly still supporting child labor.

Not Easy to Fix

“It isn't an easy problem to fix,” Jonathan tells Tom. “But that doesn't mean that we shouldn't try and have in place clear expectations of our suppliers.” Due diligence and training are important in addressing these issues. Jonathan comments that confusing legislation (the voluntary Modern Slavery Register in the UK is a prime example) is adding to the problem instead of resolving it. Companies have differing opinions about their responsibility to report, and some have even instigated litigation to oppose reporting. Overall, he says, “There is a real need for transparency, and there's also a need for corporations to invest more in doing the right thing and evidence that doing, rather than just saying they are doing the right thing.”

Resources

Jonathan Armstrong on LinkedIn | Twitter
Cordery Compliance
Articles on modern slavery and supply chain management

Life with GDPR
To Pay or Not to Pay

Life with GDPR

Sep 16, 2021 (19:23)


In this episode Jonathan Armstrong and Tom Fox are back to discuss issues relating to data privacy, data protection and GDPR. In this episode we take up the always difficult decision of whether to pay or not to pay a ransomware demand. Some of the questions we consider include:

1. How does a ransomware attack occur?
2. What are the potential legal and commercial risks of paying ransoms?
3. What about specific new laws to ban ransomware payments?
4. What should you do if your organization is faced with a ransomware attack?
5. What can you do to guard against a ransomware attack?

Resources

Check out the Cordery Compliance client alert on this topic; click here. For more information on Cordery Compliance, go to their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clicking here.

Life with GDPR
Due Diligence in M&A for Data Protection

Life with GDPR

Sep 2, 2021 (28:14)


In this episode Jonathan Armstrong and Tom Fox are back to discuss issues relating to data privacy, data protection and GDPR. In this episode we consider due diligence in mergers and acquisitions from the data privacy/data protection perspective. What should you review? Who should you talk to? What reps and warranties should you consider? These questions and much more on this edition of Life with GDPR.

Resources

Check out the Cordery Compliance client alert on this topic; click here. For more information on Cordery Compliance, go to their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clicking here.

This Week in FCPA
Episode 264 – the Infrastructure Bill edition

This Week in FCPA

Aug 13, 2021 (40:41)


As the Tokyo Olympics conclude and Biden passes an infrastructure bill, Tom and Jay are back to take a look at this week's top compliance and ethics stories which caught their interest on This Week in FCPA in the Infrastructure Bill edition.

Stories

1. Navex Global new benchmark report. Carrie Penman, Andrew Burt and Mary Bennett in Navex Global's Risk & Compliance Matters blog.
2. Conducting a double materiality assessment. Donota Calace in PracticalESG, Part 1 and Part 2.
3. Dangers lurking in internal investigations? Mike Volkov in Corruption, Crime and Compliance.
4. What can ‘ethics refugees' teach us about E&C? Richard Shell in CCI.
5. Running a design sprint. Carsten Tams with Part 4 of his 5-part series on Design Thinking in LinkedIn.
6. Amazon tagged for €746MM for GDPR violations. Cordery Compliance news alert.
7. What are the factors driving change in the investigation process? Jaclyn Jaeger in Compliance Week.
8. The Achilles Heel of Compliance? Scott Moritz in LinkedIn.
9. Ted Lasso and corruption. Harry Cassin in the FCPA Blog.
10. 100 bottles of booze on the wall, 100 bottles of booze. Jeff Kaplan in the Conflict of Interest Blog.

Podcasts and Events

11. Innovation in Compliance hits its 200th anniversary show. I celebrate with Dan Skolnick from Accuity. Check out the show here.
12. On The Compliance Life, in August I visit with Kortney Nordrum, CCO at Deluxe. In Episode 1, from Red Wing to Israel.
13. How do the Greek Timoleon and the Roman Aemilius inform compliance leadership today? Find out as Tom and Richard Lummis continue their exploration of Plutarch's Lives in this episode of 12 O'Clock High, a podcast on business leadership.
14. Compliance Week is having an open house this month as they have dropped their firewall. You can check out the entire publication for no charge. Check it out here.
15. K2 Integrity's Sepideh Rowland will moderate an ABA Webinar: Managing Compliance Under Pressure, August 17. Register and information here.
16. The Compliance Handbook, 2nd edition is released. Learn about it here. Purchase it here.
17. Each month Affiliated Monitors, Inc. introduces our readers and listeners to members of our AMI team. This month, in addition to our web Spotlight feature https://lnkd.in/g9aUbMaJ we recorded a companion podcast with Deann Conroy, who is a Compliance Solutions Manager. She is an experienced attorney, leader, and educator of healthcare legal issues. Please follow the link in the show notes for this month's double shot of our colleague Deanne! https://lnkd.in/gfTdF5mq

Tom Fox is the Voice of Compliance and can be reached at tfox@tfoxlaw.com. Jay Rosen is Mr. Monitor and can be reached at jrosen@affiliatedmonitors.com.