CompliancePoint

Compliance Pointers

Business EN ↓ 99 episodes

An in-depth look into the latest news, trends, and challenges surrounding information security, privacy, and marketing compliance. Visit CompliancePoint.com to learn more about our suite of risk management and compliance services.

Author

CompliancePoint

Category

Business

Podcast website

rss.com

Latest episode

Apr 8, 2026

Where to listen?

Podcasts in the app Replaio Radio Coming soon

Podcasts are coming to the app soon. Install now and be the first to see a whole new take on podcasts

Get it on Google Play Install for free Android 5M+ downloads · 4.8 rating iOS soon

Episodes

SOC 2 Auditor Red Flags 08.04.2026

The Delve story has put the spotlight on the quality of auditors assessing #compliance with privacy and cybersecurity frameworks. In this episode of Compliance Pointers, Carol Amick shares how to spot the red flags that your SOC 2 auditor may not be up to par. Click the link in the comments to learn about: 🕰️ 💲 Unrealistic price and speed promises 🪏 How involved your organization needs to be in...

Analyzing the Written Consent Ruling 25.03.2026

In a case out of Texas, the Fifth Circuit Court of Appeals held that the TCPA requires only “prior express consent,” not “prior express WRITTEN consent,” for prerecorded calls to wireless numbers. Tony Jarnigan joined Compliance Pointers to break down the ruling and its significance for the telemarketing industry. 🧑‍⚖️ The Bradford v Sovereign Pest Control – the case and ruling 🧑‍⚖️ Trends in TC...

The Intersection of AI Governance and Traditional Security Frameworks 18.03.2026

As organizations embed AI deeper into their operations, AI governance needs to become more of a priority. How do traditional security frameworks account for AI risks and governance? Brandon Breslin joined Compliance Pointers to explore this issue. Watch the complete episode to learn about: ✅ Why PCI, #SOC 2, HITRUST, and ISO 27001 are beginning to converge around AI ✅ The growing AI accountabili...

State Privacy Laws - What Regulators are Looking For 25.02.2026

As of January 1st of this year, there are 19 state data #privacy laws in effect. But when enforcing these laws, what are regulators focusing on? The recent #Disney #CCPA settlement and a report from the Connecticut AG give us some idea. Matt Dumiak joined Compliance Pointers to explore the violations currently in the crosshairs for enforcement, including privacy notices, breach notifications, opt-...

Cloud Security and Compliance Best Practices 18.02.2026

Cloud computing has added speed and flexibility to the IT landscape, but it has also added a layer of complexity that creates additional risks of data breaches and other cybersecurity incidents. In this episode of Compliance Pointers, Alec Harrell, breaks down cloud misconfigurations that are creating unnecessary vulnerabilities for organizations. Watch the entire episode to learn: • Common cloud...

The California Invasion of Privacy Act - Managing CIPA Risks 11.02.2026

The #California Invasion of #Privacy Act, better known as #CIPA, is a decades-old law that has renewed relevance today with the prominence of cookies and web trackers. With the number of CIPA demand letters on the rise, Matt Dumiak breaks down what companies can actually do to reduce risk. If your organization runs a website, uses trackers, or relies on digital marketing, don’t miss this episode o...

AI Risk Management That Scales with Adoption 04.02.2026

AI adoption continues to accelerate. Can organizations’ governance and risk-management efforts keep pace? In this episode of Compliance Pointers, Brandon Breslin explores how AI is changing workforce dynamics, introducing new risks, and why frameworks like ISO 42001 are becoming essential. Watch the entire episode to learn about: ✅ The impact of accelerating AI adoption ✅ Managing AI risks ✅ Us...

The HITRUST AI Options 28.01.2026

Two AI-focused options that can be incorporated into HITRUST validated assessments are now available. How do businesses know which option makes the most sense for them? We get answers in the latest episode of Compliance Pointers. Watch the complete episode to learn: 💡 The nuts and bolts of the #AI Security Assessment and Certification and AI Risk Management Assessment 💡 How the AI options work w...

Ask an Attorney: What's Driving Email Compliance Litigation 21.01.2026

Email has long been viewed as a #marketing activity with less #compliance risk, but that may be changing. In this episode of Compliance Pointers, Frank Nolan, a partner at Eversheds Sutherland, explains what’s driving an increase in email compliance litigation. Watch the complete episode to learn: 📧 How a California email law creates more risk than CAN-SPAM and is being used to fuel new class act...

Is ISO 42001 Right for Your Business? 17.12.2025

ISO 42001 is the first global framework for AI management. The framework is designed to help organizations build trust, reduce risk, and align innovation with accountability. But how do you know if it’s a good fit for your organization? Brandon Breslin joined Compliance Pointers to answer that question. Watch the entire episode to learn: • How ISO 42001 compares to other AI security frameworks • T...

CMMC Scoping and Self Assessments 10.12.2025

CMMC Phase 1 is officially underway. Certified CMMC Professional Chris Abacon joined Compliance Pointers to give his insights on achieving CMMC certification. Listen to the complete episode to learn about: ✅ Why it’s important to conduct a self-assessment, or gap assessment, before a C3PAO assessment ✅ Crafting the right scope ✅ Best practices when preparing for a CMMC assessment Learn more abo...

Ask an Attorney: Analyzing Texas SB 140 Risks 03.12.2025

Texas SB 140 has caused quite a stir and some confusion in the telemarketing world. Alexandra Krasovec, an attorney at Manatt who specializes in TCPA and telemarketing cases, joined Compliance Pointers to analyze the risks posed by Texas SB 140 to businesses. Watch the complete episode to learn about: ☎️ The law’s registration requirements and exemptions ☎️ The private right of action ☎️ Other new...

CCPA Cybersecurity Audits 19.11.2025

The CCPA will require organizations to audit their cybersecurity, beginning in 2027 for large businesses. The audits must assess how a business protects personal information from unauthorized access, destruction, use, modification, or disclosure. Matt Dumiak joined Compliance Pointers to help organizations understand these new cybersecurity audit requirements. Listen to the complete episode to lea...

Where do Consent Revocation Rules Stand? 12.11.2025

Elements of the FCC’s consent revocation rules, also known as “Revoke One, Revoke All,” were postponed until April 2026, but now the rule could be in jeopardy altogether. Marketing compliance expert Kevin Mayfield joined Compliance Pointers to provide clarity on the rule. Listen to the complete episode to learn: 🛑 What exactly is “Revoke One, Revoke All” 🛑 Why the rule could be in jeopardy 🛑 Be...

B2B Marketing and the TCPA 05.11.2025

We have a unique episode of Compliance Pointers this week. There’s a dangerous misconception circulating among B2B organizations—that the TCPA doesn’t apply to them. This belief can lead to costly mistakes, regulatory scrutiny, and class action lawsuits. Marketing compliance experts Steve Gniadek and Tony Jarnigan teamed up with PossibleNow for a webinar focused on B2B calls and the TCPA. We thoug...

AI and SOC 2 Compliance 29.10.2025

How does an organization’s use of AI impact SOC 2 compliance? Mary Beth Marchione, a partner at Wipfli, joined Compliance Pointers to discuss the risks and how AI can help streamline SOC 2 compliance efforts. Watch the complete episode to learn about: ✅ Aligning AI use and SOC 2 requirements ✅ Compliance challenges posed by AI ✅ Leveraging AI for monitoring and compliance ✅ Documenting AI proc...

What is the EU AI Act? 22.10.2025

The EU AI Act is widely regarded as one of the most significant #AI laws in the world. But how does it impact your organization? Matt Dumiak joined Compliance Pointers to break down the law. Watch the entire episode to learn: ⚖️ How the #EUAI Act applies to American companies ⚖️ How the law is similar to the #GDPR ⚖️ The different risk tiers ⚖️ What practices the law prohibits ⚖️ The potential pen...

How to Complete InfoSec Audits Faster 15.10.2025

How can your business streamline InfoSec audits without sacrificing quality? Brandon Breslin has answers in this episode of Compliance Pointers. Watch the entire episode to learn how to utilize these strategies: 🕰️ Centralization and standardization of evidence 🕰️ Leveraging AI in audit preparation 🕰️Preparing teams for audits 🕰️ Adopting a continuous readiness mindset 🕰️ Collaboration with audito...

Managing Telemarketing Partner Risks 08.10.2025

Third-party telemarketing vendors making calls on your behalf can expose your business to additional risks. Tony Jarnigan joined Compliance Pointers to share how organizations can be sure their vendors are operating in compliance with the TCPA and other regulations. Watch the complete episode to learn: 📞 What is vicarious liability? 📞 How to vet a potential partner’s compliance posture 📞 What n...

S3 E37: Getting to Know NIST AI RMF 01.10.2025

NIST AI RMF was one of the first AI risk management frameworks. Senior Security Consultant Chris Abacon joined Compliance Pointers to give the info you need to get started with the standard. Watch the complete episode to learn: ✅ The NIST AI RMF basics ✅ The characteristics of a trustworthy AI system ✅ The framework’s core functions ✅ How #NIST AI RMF compares to #ISO42001 ✅ Is NIST AI RMF Ri...

S3 E36 How State Privacy Laws Impact Telemarketing 24.09.2025

Understandably, telemarketers' top compliance focus is on the TCPA and other telemarketing regulations. But state privacy laws like the California Invasion of Privacy Act (CIPA) and the CCPA also create compliance risk. Kara Urbaniak joined Compliance Pointers to explain these risks and how they can be managed. Watch the complete episode to learn: ⚖️ How CIPA impacts telemarketers ⚖️ What the CCPA...

S3 E35: HIPAA Risk Assessments 17.09.2025

Risk assessments are a major component of HIPAA compliance. Sarah Reckling joined Compliance Pointers to help healthcare organizations understand the requirements surrounding both #security and privacy risk assessments. Listen to the entire episode to learn: ⚕️ The elements of a HIPAA Security Risk Assessment ⚕️ When and how to do a Privacy Risk Assessment Learn about CompliancePoint's HIPAA compl...

S3 E34: A HITRUST Certification Story 10.09.2025

HITRUST certification can be a daunting task. Learn how one business was able to get successfully certified and recertified. Kelly Stevens, Executive Director of Compliance and MarCom at Compu-Mail LLC, joined Compliance Pointers to share her company’s HITRUST story. Watch the entire episode to learn: • The tools and strategies that worked for Compu-Mail • The challenges they faced during the cert...

S3 E33: How ISO 42001 Fits Into the Current AI Landscape 03.09.2025

As we approach the two-year milestone since ISO 42001 was first published as an International Standard, one question looms large: is the industry keeping pace with the near-constant stream of new GPT model releases? David Forman, CEO of Mastermind, joins Compliance Pointers to take stock of ISO42001 adoption and reveal emerging trends fueled by the growing spotlight on AI governance. Watch this ep...

S3 E32: Telemarketing in Texas Just Got Riskier 27.08.2025

Texas SB 140 takes effect on September 1st, bringing significant risks to businesses making calls into Texas. Kevin Mayfield joined Compliance Pointers to break down why the changes create more risk for telemarketing organizations and how they can mitigate that risk. Watch the entire episode to learn: 📱 What’s in Texas SB 140 📱 Enforcement Changes and Private Right of Action 📱 Telemarketer Regi...

Listen to the Compliance Pointers podcast in Replaio

Radio and podcasts in one app - free, with no sign-up. Install today and do not miss the launch

Get it on Google Play

Replaio is not a podcast publisher; show names, artwork and audio belong to their authors and are distributed through public RSS feeds.