Compliance Pointers

PODCAST · business

An in-depth look into the latest news, trends, and challenges surrounding information security, privacy, and marketing compliance. Visit CompliancePoint.com to learn more about our suite of risk management and compliance services.

  1. 98

    SOC 2 Auditor Red Flags

    The Delve story has put the spotlight on the quality of auditors assessing #compliance with privacy and cybersecurity frameworks. In this episode of Compliance Pointers, Carol Amick shares how to spot the red flags that your SOC 2 auditor may not be up to par. Click the link in the comments to learn about: 🕰️ 💲 Unrealistic price and speed promises 🪏 How involved your organization needs to be in the audit 🔬 Best practices for vetting auditors 🔎 How to vet your vendor’s SOC 2 reports

  2. 97

    Analyzing the Written Consent Ruling

    In a case out of Texas, the Fifth Circuit Court of Appeals held that the TCPA requires only “prior express consent,” not “prior express WRITTEN consent,” for prerecorded calls to wireless numbers. Tony Jarnigan joined Compliance Pointers to break down the ruling and its significance for the telemarketing industry. 🧑‍⚖️ The Bradford v Sovereign Pest Control – the case and ruling 🧑‍⚖️ Trends in TCPA rulings 🧑‍⚖️ How this ruling plays with Texas SB 140 🧑‍⚖️ How businesses should proceed Learn more about CompliancePoint's Marketing Compliance Services at https://www.compliancepoint.com/services/marketing-compliance/

  3. 96

    The Intersection of AI Governance and Traditional Security Frameworks

    As organizations embed AI deeper into their operations, AI governance needs to become more of a priority. How do traditional security frameworks account for AI risks and governance? Brandon Breslin joined Compliance Pointers to explore this issue. Watch the complete episode to learn about: ✅ Why PCI, #SOC 2, HITRUST, and ISO 27001 are beginning to converge around AI ✅ The growing AI accountability gap many organizations face ✅ What auditors are starting to evaluate in AI-enabled environments ✅ Practical first steps for building AI governance Learn about CompliancePoint's AI Risk Management Service here: https://www.compliancepoint.com/services/cyber-security/ai-risk-management-services/ and our InfoSec Certification services here: https://www.compliancepoint.com/services/information-security/

  4. 95

    State Privacy Laws - What Regulators are Looking For

    As of January 1st of this year, there are 19 state data #privacy laws in effect. But when enforcing these laws, what are regulators focusing on? The recent #Disney #CCPA settlement and a report from the Connecticut AG give us some idea. Matt Dumiak joined Compliance Pointers to explore the violations currently in the crosshairs for enforcement, including privacy notices, breach notifications, opt-outs, allowing consumers to exercise their privacy rights, and more. Learn more about CompliancePoint's Data Privacy services at https://www.compliancepoint.com/services/privacy/

  5. 94

    Cloud Security and Compliance Best Practices

    Cloud computing has added speed and flexibility to the IT landscape, but it has also added a layer of complexity that creates additional risks of data breaches and other cybersecurity incidents. In this episode of Compliance Pointers, Alec Harrell breaks down cloud misconfigurations that are creating unnecessary vulnerabilities for organizations. Watch the entire episode to learn: • Common cloud security mistakes, including publicly accessible storage, insufficient logging and monitoring, and weak authentication. • How these misconfigurations jeopardize #compliance with frameworks and regulations like HIPAA, PCI DSS, and ISO. • Best practices for cloud security Learn more about common cloud misconfigurations here: https://www.compliancepoint.com/cyber-security/common-cloud-misconfigurations-and-their-compliance-implications/ Learn more about CompliancePoint's cybersecurity services: https://www.compliancepoint.com/

  6. 93

    The California Invasion of Privacy Act - Managing CIPA Risks

    The #California Invasion of #Privacy Act, better known as #CIPA, is a decades-old law that has renewed relevance today with the prominence of cookies and web trackers. With the number of CIPA demand letters on the rise, Matt Dumiak breaks down what companies can actually do to reduce risk. If your organization runs a website, uses trackers, or relies on digital marketing, don’t miss this episode of Compliance Pointers. Watch the complete episode to learn: 💻 What CIPA really is—and why it’s being applied to website tracking today 💻 Why cookies, pixels, and chat tools are driving a surge in demand letters 💻 How CIPA compares to the #CCPA 💻 Common risk-mitigation strategies and the tradeoffs that come with them 💻 Why consent banners alone aren’t a silver bullet Learn more about CompliancePoint's privacy services at: https://www.compliancepoint.com/services/privacy/ and about our Cookie Management Services at: https://www.compliancepoint.com/services/privacy/cookie-management-services/

  7. 92

    AI Risk Management That Scales with Adoption

    AI adoption continues to accelerate. Can organizations’ governance and risk-management efforts keep pace? In this episode of Compliance Pointers, Brandon Breslin explores how AI is changing workforce dynamics, introducing new risks, and why frameworks like ISO 42001 are becoming essential. Watch the entire episode to learn about: ✅ The impact of accelerating AI adoption ✅ Managing AI risks ✅ Using AI to power compliance strategies ✅ Relevance of ISO 42001 in AI governance Learn more about CompliancePoint's HITRUST certification services at: https://www.compliancepoint.com/services/healthcare/hitrust-certification/ Learn more about our AI Risk Management Services at: https://www.compliancepoint.com/services/cyber-security/ai-risk-management-services/

  8. 91

    The HITRUST AI Options

    Two AI-focused options that can be incorporated into HITRUST validated assessments are now available. How do businesses know which option makes the most sense for them? We get answers in the latest episode of Compliance Pointers. Watch the complete episode to learn: 💡 The nuts and bolts of the #AI Security Assessment and Certification and AI Risk Management Assessment 💡 How the AI options work with HITRUST assessments 💡 How to determine which option is best for you #cybersecurity #artificialintelligence Learn more about CompliancePoint's HITRUST certification services at: https://www.compliancepoint.com/services/healthcare/hitrust-certification/ Learn more about our AI Risk Management Services at: https://www.compliancepoint.com/services/cyber-security/ai-risk-management-services/

  9. 90

    Ask an Attorney: What's Driving Email Compliance Litigation

    Email has long been viewed as a #marketing activity with less #compliance risk, but that may be changing. In this episode of Compliance Pointers, Frank Nolan, a partner at Eversheds Sutherland, explains what’s driving an increase in email compliance litigation. Watch the complete episode to learn: 📧 How a California email law creates more risk than CAN-SPAM and is being used to fuel new class action lawsuits 📧 How Gmail ads and “converted” emails are becoming a novel litigation target 📧 Email mistakes that can land a business in trouble 📧 Best practices to reduce risk #EmailMarketing #CANSPAM Learn more about Eversheds Sutherland: https://www.eversheds-sutherland.com/en/united-states Learn more about Frank: https://www.eversheds-sutherland.com/en/united-states/people/nolan-francis Learn more about CompliancePoint's Marketing Compliance Services at: https://www.compliancepoint.com/services/marketing-compliance/

  10. 89

    Is ISO 42001 Right for Your Business?

    ISO 42001 is the first global framework for AI management. The framework is designed to help organizations build trust, reduce risk, and align innovation with accountability. But how do you know if it’s a good fit for your organization? Brandon Breslin joined Compliance Pointers to answer that question. Watch the entire episode to learn: • How ISO 42001 compares to other AI security frameworks • The deciding factors when considering ISO 42001 certification • How to get started • Benefits of ISO 42001 certification Learn more about CompliancePoint's ISO 42001 Certification services here: https://www.compliancepoint.com/services/information-security/iso-42001-certification/

  11. 88

    CMMC Scoping and Self Assessments

    CMMC Phase 1 is officially underway. Certified CMMC Professional Chris Abacon joined Compliance Pointers to give his insights on achieving CMMC certification. Listen to the complete episode to learn about: ✅ Why it’s important to conduct a self-assessment, or gap assessment, before a C3PAO assessment ✅ Crafting the right scope ✅ Best practices when preparing for a CMMC assessment Learn more about CompliancePoint's CMMC services here: https://www.compliancepoint.com/services/federal-cybersecurity-compliance/cmmc-certification/

  12. 87

    Ask an Attorney: Analyzing Texas SB 140 Risks

    Texas SB 140 has caused quite a stir and some confusion in the telemarketing world. Alexandra Krasovec, an attorney at Manatt who specializes in TCPA and telemarketing cases, joined Compliance Pointers to analyze the risks posed by Texas SB 140 to businesses. Watch the complete episode to learn about: ☎️ The law’s registration requirements and exemptions ☎️ The private right of action ☎️ Other new requirements in the law and the risks they pose Learn more about CompliancePoint Marketing Compliance Services at: https://www.compliancepoint.com/services/marketing-compliance/ Learn more about Manatt here: https://www.manatt.com/

  13. 86

    CCPA Cybersecurity Audits

    The CCPA will require organizations to audit their cybersecurity, beginning in 2027 for large businesses. The audits must assess how a business protects personal information from unauthorized access, destruction, use, modification, or disclosure. Matt Dumiak joined Compliance Pointers to help organizations understand these new cybersecurity audit requirements. Listen to the complete episode to learn about: ✅ CCPA cybersecurity audit requirements ✅ The relationship between cybersecurity and privacy ✅ Internal vs external audits ✅ Components of an audit ✅ How to get started Learn more about CompliancePoint's CCPA Compliance Services here: https://www.compliancepoint.com/services/privacy/ccpa-compliance/ Learn more about CompliancePoint's Cybersecurity Risk Assessments here: https://www.compliancepoint.com/services/cyber-security/cyber-risk-assessment/

  14. 85

    Where do Consent Revocation Rules Stand?

    Elements of the FCC’s consent revocation rules, also known as “Revoke One, Revoke All,” were postponed until April 2026, but now the rule could be in jeopardy altogether. Marketing compliance expert Kevin Mayfield joined Compliance Pointers to provide clarity on the rule. Listen to the complete episode to learn: 🛑 What exactly is “Revoke One, Revoke All” 🛑 Why the rule could be in jeopardy 🛑 Best practices for compliance Learn more about CompliancePoint's Marketing Compliance Services at: https://www.compliancepoint.com/services/marketing-compliance/

  15. 84

    B2B Marketing and the TCPA

    We have a unique episode of Compliance Pointers this week. There’s a dangerous misconception circulating among B2B organizations—that the TCPA doesn’t apply to them. This belief can lead to costly mistakes, regulatory scrutiny, and class action lawsuits. Marketing compliance experts Steve Gniadek and Tony Jarnigan teamed up with PossibleNow for a webinar focused on B2B calls and the TCPA. We thought the content would be valuable to Compliance Pointers watchers and listeners, so we’re sharing it today. Listen to the entire podcast/presentation to learn: ☎️ Why B2B calls are not immune to TCPA rules ☎️ The biggest compliance blind spots for B2B organizations ☎️ Practical steps to protect your brand, bottom line, and business from costly violations Learn more about CompliancePoint's Marketing Compliance Services here: https://www.compliancepoint.com/services/marketing-compliance/ Learn more about PossibleNow's products and services here: https://www.possiblenow.com/

  16. 83

    AI and SOC 2 Compliance

    How does an organization’s use of AI impact SOC 2 compliance? Mary Beth Marchione, a partner at Wipfli, joined Compliance Pointers to discuss the risks and how AI can help streamline SOC 2 compliance efforts. Watch the complete episode to learn about: ✅ Aligning AI use and SOC 2 requirements ✅ Compliance challenges posed by AI ✅ Leveraging AI for monitoring and compliance ✅ Documenting AI processes for SOC 2 ✅ AI's Role in risk assessment and management Learn more about CompliancePoint's SOC 2 services at: https://www.compliancepoint.com/services/information-security/soc2-compliance/ Learn more about Wipfli at: https://www.wipfli.com/ Learn more about Mary Beth Marchione at: https://www.wipfli.com/about-wipfli/partners-and-associates/mary-beth-marchione

  17. 82

    What is the EU AI Act?

    The EU AI Act is widely regarded as one of the most significant #AI laws in the world. But how does it impact your organization? Matt Dumiak joined Compliance Pointers to break down the law. Watch the entire episode to learn: ⚖️ How the #EUAI Act applies to American companies ⚖️ How the law is similar to the #GDPR ⚖️ The different risk tiers ⚖️ What practices the law prohibits ⚖️ The potential penalties Learn more about the EU AI Act here: https://www.compliancepoint.com/privacy/how-the-eu-ai-act-impacts-us-businesses/

  18. 81

    How to Complete InfoSec Audits Faster

    How can your business streamline InfoSec audits without sacrificing quality? Brandon Breslin has answers in this episode of Compliance Pointers. Watch the entire episode to learn how to utilize these strategies: 🕰️ Centralization and standardization of evidence 🕰️ Leveraging AI in audit preparation 🕰️ Preparing teams for audits 🕰️ Adopting a continuous readiness mindset 🕰️ Collaboration with auditors Learn more about CompliancePoint's Information Security Assurance Services at https://www.compliancepoint.com/services/information-security/

  19. 80

    Managing Telemarketing Partner Risks

    Third-party telemarketing vendors making calls on your behalf can expose your business to additional risks. Tony Jarnigan joined Compliance Pointers to share how organizations can be sure their vendors are operating in compliance with the TCPA and other regulations. Watch the complete episode to learn: 📞 What is vicarious liability? 📞 How to vet a potential partner’s compliance posture 📞 What needs to be included in your vendor contracts 📞 How to monitor your third party for compliance when they're placing calls on your behalf Learn more about CompliancePoint's Marketing Compliance Services at https://www.compliancepoint.com/services/marketing-compliance/

  20. 79

    S3 E37: Getting to Know NIST AI RMF

    NIST AI RMF was one of the first AI risk management frameworks. Senior Security Consultant Chris Abacon joined Compliance Pointers to give the info you need to get started with the standard. Watch the complete episode to learn: ✅ The NIST AI RMF basics ✅ The characteristics of a trustworthy AI system ✅ The framework’s core functions ✅ How #NIST AI RMF compares to #ISO42001 ✅ Is NIST AI RMF Right for your business? ✅ Implementation steps Learn more about NIST AI RMF at https://www.compliancepoint.com/regulations/nist-ai-rmf/

  21. 78

    S3 E36: How State Privacy Laws Impact Telemarketing

    Understandably, telemarketers' top compliance focus is on the TCPA and other telemarketing regulations. But state privacy laws like the California Invasion of Privacy Act (CIPA) and the CCPA also create compliance risk. Kara Urbaniak joined Compliance Pointers to explain these risks and how they can be managed. Watch the complete episode to learn: ⚖️ How CIPA impacts telemarketers ⚖️ What the CCPA and other state privacy laws require ⚖️ How to synchronize TCPA and privacy law compliance efforts Learn more about CompliancePoint's Marketing Compliance Services at: https://www.compliancepoint.com/services/marketing-compliance/ Learn more about our Data Privacy Services at: https://www.compliancepoint.com/services/privacy/

  22. 77

    S3 E35: HIPAA Risk Assessments

    Risk assessments are a major component of HIPAA compliance. Sarah Reckling joined Compliance Pointers to help healthcare organizations understand the requirements surrounding both #security and privacy risk assessments. Listen to the entire episode to learn: ⚕️ The elements of a HIPAA Security Risk Assessment ⚕️ When and how to do a Privacy Risk Assessment Learn about CompliancePoint's HIPAA compliance services at https://www.compliancepoint.com/services/healthcare/hipaa-compliance/

  23. 76

    S3 E34: A HITRUST Certification Story

    HITRUST certification can be a daunting task. Learn how one business was able to get successfully certified and recertified. Kelly Stevens, Executive Director of Compliance and MarCom at Compu-Mail LLC, joined Compliance Pointers to share her company’s HITRUST story. Watch the entire episode to learn: • The tools and strategies that worked for Compu-Mail • The challenges they faced during the certification process • Kelly’s advice for organizations seeking certification Learn more about CompliancePoint's HITRUST Certification Services at https://www.compliancepoint.com/services/healthcare/hitrust-certification/ Learn more about Compu-Mail at https://www.compu-mail.com/

  24. 75

    S3 E33: How ISO 42001 Fits Into the Current AI Landscape

    As we approach the two-year milestone since ISO 42001 was first published as an International Standard, one question looms large: is the industry keeping pace with the near-constant stream of new GPT model releases? David Forman, CEO of Mastermind, joins Compliance Pointers to take stock of ISO 42001 adoption and reveal emerging trends fueled by the growing spotlight on AI governance. Watch this episode to learn: • Current stats for ISO 42001 certificate issuances • Pitfalls when conducting AI system impact assessments • Risks associated with model hallucinations • Shared responsibility model between AI producers and AI providers Learn more about Mastermind at: https://mastermindassurance.com/ Learn more about CompliancePoint's ISO 42001 certification services at https://www.compliancepoint.com/services/information-security/iso-42001-certification/

  25. 74

    S3 E32: Telemarketing in Texas Just Got Riskier

    Texas SB 140 takes effect on September 1st, bringing significant risks to businesses making calls into Texas. Kevin Mayfield joined Compliance Pointers to break down why the changes create more risk for telemarketing organizations and how they can mitigate that risk. Watch the entire episode to learn: 📱 What’s in Texas SB 140 📱 Enforcement Changes and Private Right of Action 📱 Telemarketer Registration and Exemptions in Texas 📱 Recommendations for Compliance in Texas Learn more about CompliancePoint's Marketing Compliance Services at https://www.compliancepoint.com/services/marketing-compliance/

  26. 73

    S3 E31: The Impact of the SCOTUS McLaughlin Ruling

    In the McLaughlin case, SCOTUS ruled that federal district courts are not bound to follow FCC interpretations of the #TCPA in private lawsuits. Tony Jarnigan joined Compliance Pointers to explain the impact the case has already had and how it could change the telemarketing litigation landscape in the future. Watch the complete episode to learn: 👨‍⚖️ Details of the McLaughlin ruling 👨‍⚖️ Conflicting text messaging rulings at the district court level 👨‍⚖️ Other FCC interpretations that could be questioned 👨‍⚖️ Compliance strategies for the evolving landscape Learn more about CompliancePoint's Marketing Compliance Services here: https://www.compliancepoint.com/services/marketing-compliance/

  27. 72

    S3 E30: ISO as a Catalyst, Not a Checkbox

    Being issued a new ISO certificate is certainly a milestone, but it's just the beginning. When applied correctly, implementing standards like ISO 27001, ISO 27701, and ISO 42001 should influence overall business operations, like regular KPI reporting, too. David Forman, CEO at Mastermind, joined Compliance Pointers to explain how some of his team’s clients get the most value from their management systems. Topics from this episode: · How to leverage ISO as a catalyst for business innovation · How building a management system extends beyond creating a few controls · Real proof points of certified clients that have taken ISO certificates to the next level · Status update on the upcoming major revision to ISO 27701 Learn more about Mastermind at: https://mastermindassurance.com/ CompliancePoint offers many ISO certification services; visit the following web pages to learn more: https://www.compliancepoint.com/services/information-security/iso-27001-certification/ https://www.compliancepoint.com/services/information-security/iso-27701-certification/ https://www.compliancepoint.com/services/information-security/iso-42001-certification/

  28. 71

    S3 E29: Integrating GRC Tools Into Your Compliance Program

    Many businesses are using GRC tools to prepare for audits and improve the overall efficiency of their compliance programs. Brandon Breslin joined Compliance Pointers to explain how organizations can identify the best tool for them and maximize its value. Watch the entire episode to learn about: 🔧 Considerations when selecting a GRC tool 🔧 Benefits of leveraging GRC tools 🔧 Effective implementation 🔧 #AI in GRC tools Learn more about CompliancePoint's Cybersecurity services here: https://www.compliancepoint.com/services/cyber-security/ Learn more about our InfoSec Certification services here: https://www.compliancepoint.com/services/information-security/

  29. 70

    S3 E28: Common Penetration Testing Mistakes

    Penetration testing is an important element of a cybersecurity program. Pen testing is also a compliance requirement for standards like HIPAA, PCI, and FISMA. There are some common mistakes businesses make that can hurt the efficiency and effectiveness of a test. We break down these mistakes on the latest episode of Compliance Pointers. Click the link in the comments to see the entire episode and learn about: 💻 Defining the scope 💻 Tools and techniques in #pentesting 💻 Testing environments 💻 Phishing and Social Engineering 💻 Post-test remediation and documentation challenges Learn more about CompliancePoint's Penetration Testing Services at https://www.compliancepoint.com/services/cyber-security/penetration-testing/

  30. 69

    S3 E27: How to Read a SOC 2 Report

    What are the most important items to look for when reading a SOC 2 report? Carol Amick joined Compliance Pointers to answer that question. Watch the entire episode and learn about: 📃 The key components - management's assertion, controls, and exceptions 📃 Analyzing the controls 📃 Understanding exceptions 📃 Verifying the quality of the report Learn more about CompliancePoint's SOC 2 services at: https://www.compliancepoint.com/services/information-security/soc2-compliance/

  31. 68

    S3 E26: How Existing AI Laws Impact Businesses

    Michael Young, a partner at Morris, Manning, and Martin, who focuses on the intersection of data, tech, privacy, and cybersecurity, joined Compliance Pointers to break down AI laws that are in effect at the state level. Watch the complete episode to learn about: ⚖️ Existing state laws and their requirements ⚖️ The risks those laws create for businesses implementing #artificialintelligence into products and services ⚖️ First steps businesses can take for compliance Learn more about Michael Young here: https://www.mmmlaw.com/people/michael-young/ and Morris, Manning & Martin here: https://www.mmmlaw.com/ Learn more about CompliancePoint's data privacy and cybersecurity services at https://www.compliancepoint.com/

  32. 67

    S3 E25: What's Driving TCPA Lawsuits

    The number of TCPA lawsuits continues to increase in 2025. Alexandra Krasovec, Partner at Manatt, Phelps & Phillips, LLP, who specializes in TCPA cases, joined Compliance Pointers to give us an insider look at what’s currently driving these cases. Watch the entire episode to hear Alex’s take on: ⚖️ The most common violations plaintiffs are leveraging for suits ⚖️ Identifying and managing the risks your third-party vendors can create ⚖️ The importance of internal #DoNotCall lists ⚖️ #Telemarketing best practices for mitigating lawsuit risks ⚖️ How to respond when facing a lawsuit ⚖️ How the McLaughlin #SCOTUS ruling could impact the TCPA Learn more about CompliancePoint's TCPA Compliance Services here: https://www.compliancepoint.com/services/marketing-compliance/tcpa-compliance/ Learn more about Alex (https://www.manatt.com/alexandra-n-krasovec) and Manatt's services: https://www.manatt.com/

  33. 66

    S3 E24: HITRUST Certification First Steps

    Where do organizations with HITRUST certification plans begin? We answer that question in this episode of Compliance Pointers. Listen to the entire episode to learn more about: ✅ Choosing the Right HITRUST Certification ✅ The Role of a HITRUST Auditor ✅ Selecting the Right Audit Partner ✅ Preparing for Your HITRUST Assessment Learn more about CompliancePoint's HITRUST certification services at: https://www.compliancepoint.com/services/healthcare/hitrust-certification/

  34. 65

    S3 E23: Solving Website Cookie Configuration and Compliance Challenges

    Cookie functionality is a key to GDPR, CCPA, and other state privacy law #compliance. Proper cookie configuration can be technically challenging. Michael Nadeau joined Compliance Pointers to share his cookie expertise. Listen to the entire episode to learn more about: 🍪 Cookie requirements for privacy law compliance 🍪 The most common implementation challenges 🍪 Opt-in vs opt-out environments 🍪 Cookie management best practices Learn more about CompliancePoint's Cookie Management Services here: https://www.compliancepoint.com/services/privacy/cookie-management-services/

  35. 64

    S3 E22: The Path to SOC 2 Compliance

    For organizations working towards SOC 2 compliance for the first time, the journey can seem daunting. Carol Amick joined Compliance Pointers to break down the SOC 2 essentials. Watch the entire episode to learn about: ☑️ Defining a scope ☑️ The AICPA Trust Service Principles ☑️ Combining SOC 2 with other infosec frameworks ☑️ Designing controls ☑️ What happens if you can't demonstrate compliance with the controls ☑️ The impact of exceptions on your SOC 2 report Learn more about CompliancePoint's SOC 2 services at: https://www.compliancepoint.com/services/information-security/soc2-compliance/

  36. 63

    S3 E21: Don't Forget Email in Your Marketing Compliance Program

    CAN-SPAM and state email laws are an often-overlooked aspect of marketing compliance. A recent ruling against Old Navy in the Washington State Supreme Court shows there are risks to violating email laws. Tony Jarnigan joined Compliance Pointers to break down email regulations and best practices. Watch to learn about: 📧 The relationship between CAN-SPAM and state email laws 📧 The Old Navy case & misleading subject lines 📧 State laws and the private right of action 📧 Best practices for email compliance Learn more about CompliancePoint's marketing compliance services at: https://www.compliancepoint.com/services/marketing-compliance/

  37. 62

    S3 E20: The Lessons Learned from CCPA Enforcements

    Two CCPA enforcements have been issued recently. Both fines largely stemmed from #privacy and consent functionality on the companies’ websites. Matt Dumiak joined Compliance Pointers to discuss the lessons everyone can learn from these penalties. Listen to the entire episode to learn about: 💻 The Honda violations 💻 Third-party privacy management software risks 💻 The mistakes made regarding deletion requests, identity verification, and authorized agents 💻 Todd Snyder's opt-out violations 💻 The importance of monitoring your privacy functions Learn more about CompliancePoint's Privacy Services at: https://www.compliancepoint.com/services/privacy/

  38. 61

    S3 E19: How Your ISO 27001 Certification can Accelerate ISO 42001 Compliance

    As the adoption of #AI continues to expand rapidly, ISO 42001 certification will become more valuable for businesses. In this episode of Compliance Pointers, Brandon Breslin explains how organizations can leverage their existing ISO 27001 certification to accelerate their ISO 42001 compliance efforts. Watch the complete episode to learn: • The overlaps in 27001 and 42001 compliance • Artificial Intelligence governance and policy considerations • New tasks required for ISO 42001 • First steps for achieving ISO 42001 certification with and without an existing ISO 27001 certification Learn more about CompliancePoint's ISO 42001 services: https://www.compliancepoint.com/services/information-security/iso-42001-certification/ Learn more about our ISO 27001 services: https://www.compliancepoint.com/services/information-security/iso-27001-certification/

  39. 60

    S3 E18: Are Recent Rulings Changing the Telemarketing Regulatory Landscape?

    In this episode of Compliance Pointers, Senior Marketing Compliance Consultant Megan Rose breaks down the impact of recent rulings regarding the FCC’s One-to-one Consent and Consent Revocation rules. She also explores the spike in TCPA lawsuits stemming from calling times violations. Learn more about CompliancePoint's Marketing Compliance services at: https://www.compliancepoint.com/services/marketing-compliance/

  40. 59

    S3 E17: Aligning Cybersecurity Controls to Healthcare Compliance Obligations

    Healthcare organizations have specific cybersecurity needs and challenges alongside their obligations to comply with laws like HIPAA. Security Consultant Alec Harrell joined Compliance Pointers to share how organizations can align their cybersecurity controls with their healthcare compliance needs. Listen to the entire episode to learn: 🏥 Why cybersecurity can be extra challenging for healthcare organizations 🏥 Is complying with the HIPAA Security Rule doing enough? 🏥 Security frameworks that make sense for the healthcare sector Learn more about CompliancePoint's cybersecurity services here: https://www.compliancepoint.com/services/cyber-security/ Learn more about CompliancePoint's healthcare services at: https://www.compliancepoint.com/services/healthcare/

  41. 58

    S3 E16: Changes at HHS and the Impact on HIPAA

    HHS has undergone significant changes under the Trump Administration and Secretary Kennedy. Sarah Reckling joined Compliance Pointers to give her perspective on: ⚕️ How HHS has changed ⚕️ The impact on HIPAA investigations ⚕️ Security rule status ⚕️ How healthcare organizations should account for the changes Learn more about CompliancePoint's healthcare and HIPAA services at https://www.compliancepoint.com/services/healthcare/hipaa-compliance/

  42. 57

    S3 E15: Medical Device Cybersecurity

    Medical devices can increase the risk of cyberattacks and data breaches involving PHI for healthcare organizations. Carol Amick, Director of Healthcare Services, joins Compliance Pointers to help organizations better understand: ⚕️ The types of devices that create risk ⚕️ Why those devices create risk ⚕️ How to mitigate risks ⚕️ Incident response and device management strategies Learn more about CompliancePoint's healthcare services at https://www.compliancepoint.com/services/healthcare/

  43. 56

    S3 E14: Leveraging AI in PCI Assessments

    Fresh on the heels of the PCI Security Standards Council releasing guidance on integrating #AI into PCI assessments, Brandon Breslin joins Compliance Pointers to discuss how organizations with PCI goals can leverage AI. Listen to the complete episode and hear Brandon’s perspective on: 💳 Benefits and risks of AI in PCI assessments 💳 Addressing data sensitivity and accuracy concerns 💳 Creating an AI plan Learn about CompliancePoint's PCI services at https://www.compliancepoint.com/services/information-security/pci-dss-certification/

  44. 55

    S3 E13: Cybersecurity in an Era of Deregulation

    Milou Meier, Founder of Compliance Counsel, is this week’s guest on Compliance Pointers. She gives her thoughts on how the new administration’s emphasis on deregulation will impact businesses’ cybersecurity efforts. Listen to the complete episode to hear Milou’s perspective on: 🔒 How the cybersecurity landscape is changing 🔒 Where businesses can turn for guidance 🔒 Regulation expectations at the state level 🔒 Strategies for uncertain times. Learn more about Compliance Counsel at https://www.compliancecounsel.com/ Learn more about CompliancePoint's cybersecurity services at https://www.compliancepoint.com/services/cyber-security/

  45. 54

    S3 E12: Building a Security and Privacy Culture

    Clark Haynes, Head of IT at Modere, brings his 30 years of technology experience to Compliance Pointers. In this episode, Clark shares what he’s learned about: • Building a culture of security and privacy • Leveraging NIST • Providing employees with the right #cybersecurity training • Using AI and managing its risks. Learn more about Modere at https://www.modere.com/ Learn more about CompliancePoint's cybersecurity and privacy services at https://www.compliancepoint.com/

  46. 53

    S3 E11: Telemarketing Litigation Trends

    Darlene Geller-Stoff, VP of Litigation Support Services at CompliancePoint, brings her 30 years of experience to Compliance Pointers. Listen to the entire episode to learn about the trends she is seeing in TCPA and Telemarketing litigation, including: ☎️ What’s behind a spike in reassigned numbers cases ☎️ How businesses can defend themselves from these cases ☎️ Other litigation trends, including a drop in #ATDS cases

  47. 52

    S3 E10: A Compliance Journey with Tamara Lauterbach

    In a special episode of Compliance Pointers, Jordan chats with Tamara Lauterbach, Cybersecurity Manager at Guthrie, about her journey through the cyber industry, common challenges she’s encountered, and strategies to overcome those challenges. Watch or listen to the complete episode to hear what Tamara has learned in her career about: • Building a culture of security • Pursuing #HITRUST • The importance of company-wide communication • The cybersecurity challenges #healthcare organizations are facing. Learn about CompliancePoint's cybersecurity services here: https://www.compliancepoint.com/services/cyber-security/

  48. 51

    S3 E9: The Top Privacy Priorities of 2025

    What should your privacy program be focused on in 2025? Matt Dumiak shares his top privacy priorities for regulatory compliance, operations, and risk mitigation in the latest episode of Compliance Pointers. Listen or watch to learn what your organization should be doing about: Data Privacy Impact Assessments; AdTech; Safeguarding Protected Health Information; Children’s data and #COPPA compliance; Website privacy functionality, including cookies. Learn more about CompliancePoint's suite of privacy services at https://www.compliancepoint.com/services/privacy/

  49. 50

    S3 E8: Selecting the Right ISO Readiness Partner

    ISO expert David Forman, Founder at Mastermind, joins us for another episode of Compliance Pointers. David explains what organizations should look for when searching for a readiness partner. Watch or listen to the entire episode to uncover: 🔎 Qualities to prioritize when evaluating readiness partners 🔎 When it makes sense to outsource your internal audit 🔎 Red flags associated with inexperienced advisory teams. Learn more about Mastermind here: https://mastermindassurance.com/ Learn more about CompliancePoint's ISO and other InfoSec certification services here: https://www.compliancepoint.com/services/information-security/

  50. 49

    S3 E7: CompliancePoint Exchange

    CompliancePoint Exchange, a new event dedicated to marketing compliance and data privacy, is happening March 11-12 in Orlando. Matt Cagle joined Compliance Pointers to give an in-depth look at CPX, including info on the scheduled sessions, presenters, and some fun events planned. Learn more about CPX and register here: https://www.compliancepoint.com/cpx/



HOSTED BY

CompliancePoint
