Who Let the Dogs Out? ETHIX360's Top 3 Predictions for GRC in 2023
I suppose this won’t be the first set of predictions you’ll read on the state of the risk and compliance market for 2023, nor the last. At ETHIX360 we try to identify a few different trends: one that should have already happened, one that people think has happened but hasn’t, and one that delivers a piece of tomorrow into our world today. If not today, at least one day in 2023!
Clear Policy Management Is Your Compliance Program's Best Defense
Some may say the purpose of an investigation is to uncover the truth, and that’s true, but what’s the process or business focus? Really very simple: Did the behavior alleged rise to be a violation of a published policy? Although the question is direct and succinct on the surface, there’s a lot to unpack there.
2022 Voting Leave Notices Are Essential for Upholding Employee Rights
Several jurisdictions require that a notice about employees’ voting rights be posted in a conspicuous location in the workplace. Employees who work from home or don’t report to the workplace regularly should be provided with these notices electronically.
How to Defend Your Company Against a Discrimination or Harassment Lawsuit
Risk management is fundamental to every organization, and those risks can come from anywhere. Environmental disasters, security breaches, third-party vendors, you name it. But one of the most dangerous risks to a company comes from the inside in the form of a wayward employee.
False COVID-19 Medical Advice: Is the Doctor or the Hospital at Fault?
It's important not to make a judgement on how you personally feel about pandemic-related guidance. Instead, consider what obligation an institution has or does not have to manage the guidance. And what happens if they choose to turn a blind eye to it?
The CROWN Act: Inclusive Dress Codes Encourage Workplace Diversity
If your company is in a state where the CROWN Act has already been passed, you need to seriously review your dress code and ensure that hair discrimination will not slide. You may want to consider it even if it isn’t yet law in your state because the fight against hair discrimination is gaining momentum federally and may become your reality soon.
ETHIX360 Receives Clean SOC 2 Type II Audit Report
We are excited to announce that ETHIX360 has successfully completed a System and Organization Controls (SOC) 2 Type II audit, performed by Sensiba San Filippo, LLP (SSF).
How to Improve Your Corporate Compliance Program With the Help of the Department of Justice
Periodically, the US Department of Justice Criminal Division updates and releases guidelines for prosecutors for the evaluation of corporate compliance programs. Increasingly, the lines are blurred around liability between the bad actor who caused the incident, the permissive environment that allowed it to go previously undetected, and the company.
It's Time to Admit That Data Privacy Legislation Is a Disaster
The tech giants who abuse the privacy rights of individuals still do and still will. Meanwhile, the many businesses who were already protective of their data now have to spend a fortune and dilute their focus to comply with legislation that in large part does nothing except help a few politicians pound on their chest.
4 Things to Consider When Authoring Your Data Privacy Policy
While compliance professionals are allowed to rip off mattress tags and ignore email disclaimers, we actually have to author and enforce data privacy notices. Almost every application and website under the sun uses the words "I accept the privacy policy" somewhere. Even with that checkbox, the added complexity of GDPR, CCPA, and other similar laws might trump your policy anyway.
Steps to Take Before Investing in an Expensive ESG System
Implementing well-designed policies regarding these issues, informing employees, and utilizing an internal reporting tool are all ways to set your company up for ESG success.
Podcast: From a Feature-Based to a Problem-Based Website
In this episode of the Pathmonk Presents podcast, CEO J Rollins sheds light on ETHIX360’s journey from a feature-focused startup to a problem-focused company.
A Markovian Approach to Risk Management
In the past few years, we have all heard more than once that we need to “trust the science.” When it comes to risk in this context, the science is what is referred to as a Markov Chain, or Markovian Process.
The SEC, Jordan Thomas, and Compensating Whistleblowers
The possibility of being blacklisted by employers and other overt forms of retaliation discouraged whistleblowers from reporting wrongdoing for many years. Turns out, $562 million is a strong incentive for people to come forward.
Data Breach Decisions: A Turning of The Tide
Compensation claims for data breaches have become increasingly common in the UK in recent years. This alert from our friends at Crowell & Moring looks at a few such decisions and their potential consequences.
When Dinosaurs Wore Suits
Those who believe sexual harassment is acceptable, a.k.a. dinosaurs in suits, aren’t extinct. But it’s a new day now, and every business has a moral obligation to maintain a harassment-free workplace.
The EU Whistleblower Directive - a View from 15,000 Feet
In 2019, the European Union Council of Ministers adopted what would become known as the EU Whistleblower Directive, commonly called the WB Directive. The Directive was put in place specifically to protect whistleblowers from retaliation and encourage the reporting of violations of Union law by driving common standards.
Culture vs Compliance: Just Another Chicken and Egg Story?
This blog post brought me back to a philosophy class debate in college – what came first, the chicken or the egg? I don’t even remember all these years later which side of the debate I was assigned to! I suppose if we had the same debate in a science class as opposed to a philosophy class, the outcome might have been that eggs most certainly came before chickens, but chicken eggs did not. Regardless, at the end of the…
Let Your CIO Worry About the IoT, You Worry About the IoB
For years we’ve all heard about the Internet of Things – the connectivity of all sorts of devices via the web through combinations of Wi-Fi and Bluetooth. The IoT is what lets your refrigerator decide when you are low on milk, place an e-commerce order for groceries automatically, and have the milk delivered at your house before you even realized…
A Culture of Compliance
The simplest definition of compliance is “following a rule or order.” In fact, Merriam-Webster defines compliance as “the act or process of doing what you have been asked or ordered to do.” For a word that can invoke complexity, if properly instituted, a culture of compliance can help you move compliance from daunting to deliberate. At ETHIX360, we aim to…