CompliancePoint

Compliance Pointers

Business EN ↓ 99 episodes

An in-depth look into the latest news, trends, and challenges surrounding information security, privacy, and marketing compliance. Visit CompliancePoint.com to learn more about our suite of risk management and compliance services.

Author

CompliancePoint

Category

Business

Podcast website

rss.com

Latest episode

Apr 8, 2026

Where to listen?

Podcasts in the app Replaio Radio Coming soon

Podcasts are coming to the app soon. Install now and be the first to see a whole new take on podcasts

Get it on Google Play Install for free Android 5M+ downloads · 4.8 rating iOS soon

Episodes

S2 E18: Change Healthcare - The Impact and the Lessons Learned 15.05.2024

The Change Healthcare cyberattack has had a huge ripple effect across the healthcare industry. The director of CompliancePoint’s Healthcare Services joins the podcast to explore: · What went wrong · The lessons we can learn · The keys to an effective response plan · How organizations can handle the expected increase in security scrutiny · How to stay current with new and emerging threats To learn...

S2 E17: Where you Should be in the Transition to PCI DSS v4.0 08.05.2024

With the retirement of PCI DSS v3.2.1 now official, how far along does your organization need to be in the transition to v4.0? In this episode of Compliance Pointers two PCI experts will help make sure you’re on the correct path. Take a listen to learn: 💳 Where we are in the transition timeline 💳 How challenging the transition has been 💳 The new controls 💳 What you should be doing to prepare f...

S2 E16: Building an Effective Cybersecurity Training Program 01.05.2024

Human error can be the biggest threat to your organization's cybersecurity. This is why security awareness training is a valuable investment. In this episode of Compliance Pointers, we explore what it takes to implement an effective training program. Give it a listen to learn about: 🎓 The core components of a training program 🎓 How to monitor the effectiveness of your training 🎓 Innovative appr...

S2 E15: Breaking Down the American Privacy Rights Act 24.04.2024

In this episode of Compliance Pointers we explore the new federal privacy bill, the American Privacy Rights Act Listen for a breakdown of: Business requirements How it would work with existing state laws Enforcement bodies and the private right of action The impact on your existing privacy program We also touch on the new laws at the state level and CompliancePoint Exchange 24 , an event in Octobe...

S2 E14: Telemarketing Regulations Update Spring 2024 10.04.2024

The regulatory environment for telemarketing and direct marketing is always changing. Recent rule changes and bills have or could potentially impact the TCPA and TSR. Take a listen to learn about: The Do Not Disturb Act Changes to record-keeping requirements Updated B2B call rules To learn more about CompliancePoint's suite of privacy, security, and marketing compliance services at www.compliancep...

S2 E13: The Essentials of Penetration Testing Part 2 27.03.2024

This week’s episode of Compliance Pointers is the conclusion of our penetration testing conversation. In part 2 we explore: · Creating a scope · The rules of engagement · What to expect in your report Learn more about CompliancePoint's penetration testing services at https://www.compliancepoint.com/services/cyber-security/penetration-testing/ Learn more about our full suite of security, privacy, a...

S2 E12: The Essentials of Penetration Testing Part 1 20.03.2024

In this episode of Compliance Pointers, we focus on penetration testing. A pen tester with more than 10 years of experience covers: What pen testing is and why it's key to a successful cybersecurity program What areas need to be tested The qualifications to look for in a tester Learn more about CompliancePoint's penetration testing services at https://www.compliancepoint.com/services/cyber-securit...

S2 E11: Reducing the Risk of Internal Threats in Healthcare 13.03.2024

This episode of Compliance Pointers explores how healthcare organizations can better defend against internal security threats. Take a listen to learn: 🏥 Policies and procedures to implement 🏥 How to monitor for inappropriate access to PHI 🏥 The keys to effective employee #security training Learn more about our suite of healthcare services here: https://www.compliancepoint.com/

S2 E10: Why You Need to do Calling Data Audits 06.03.2024

In this episode of Compliance Pointers, we explore calling data audits. These audits are a powerful tool for telemarketers, but many organizations are unaware of their benefits. Listen to learn: ·       What calling data audits are ·       How they can account for legal requirements and business rules   ·    &nbsp...

S2 E9: The Impact of AI on Privacy Regulations and Compliance 28.02.2024

In this episode of Compliance Pointers, we explore the impact of artificial intelligence on privacy regulations and compliance as its use continues to expand. Topics covered include: Early regulatory actions How state laws are handling AI Common privacy-related challenges stemming from the use of AI Actions organizations can take to make compliance now and in the future easier Learn more about Com...

S2 E8: Getting to Know PCI 3DS 21.02.2024

In this episode of Compliance Pointers, we explore PCI 3DS a framework that provides security protections for online card transactions. Two 3DS QSAs give you information about: 💳 What PCI 3DS is 💳 If it applies to your organization 💳 The benefits of 3DS certification 💳 The major security requirements 💳 The validation process 💳 The relationship between PCI DSS and 3DS Learn more about PCI 3DS...

S2 E7: Achieving Compliance with NIST 800-171 Part 2 14.02.2024

In this episode of Compliance Pointers, we conclude our conversation about NIST 800-171, which is the framework that serves as the foundation of CMMC certification. Two cybersecurity experts with military backgrounds provide in-depth information on: ·       How to measure your existing security program against NIST requirements ·       Ho...

S2 E6: Achieving NIST 800-171 Compliance Part 1 07.02.2024

This episode of Compliance Pointers is part 1 of a deep dive into NIST 800-171, which is the framework that serves as the foundation of CMMC certification. Two cybersecurity experts with military backgrounds provide in-depth information on: ·       The contract language, specifically FAR and DFAR ·       The security controls and assessme...

S2 E5: The Value of Risk Assessments in Healthcare 31.01.2024

In this episode, we dive into healthcare risk assessments. You will learn about: Why healthcare organizations need to conduct assessments Frameworks to use a guide The importance beyond regulatory compliance How to get started Remediation steps after the assessment Learn about our risk assessment services here . To learn about all of our security, privacy, and compliance services, visit compliance...

S2 E4: Understanding Your Privacy Notice Obligations 24.01.2024

In this episode of Compliance Pointers, we explore privacy notices. Privacy expert Matt Dumiak provides an in-depth analysis of: Common requirements for privacy notices How requirements vary from state to state, and in Europe Common challenges organizations face when creating notices Strategies to make privacy notices easier Learn more about how we can help your organization overcome its privacy c...

S2 E3: The Impact of the FCC's New Lead Generation Rules 17.01.2024

The FCC has adopted new rules for lead generation. In this episode, marketing compliance professionals break down the new requirements, how they will impact organizations that generate and sell leads, and the impact on organizations that purchase leads. You can learn about the new rules here . Explore our suite of security, privacy, and compliance services at compliancepoint.com .

S2 E2: The Major Changes in PCI DSS v.40 10.01.2024

In this episode, we explore what is new in the PCI DSS v4.0 standard. A team of PCI experts gives an in-depth explanation of how requirement changes in the following areas will impact your certification efforts: · Risk Management · Identification and Authentication · Cryptography · Vulnerability Management · Staff Training · Service Provider Requirements Learn more about PCI DSS here . Learn more...

S2 E1: Preparing for a SOC 2 Audit 03.01.2024

In this episode, we explore what organizations should do to prepare for a SOC 2 audit. We explore: The different types of AICPA Service Organization Control attestations Strategies that can improve the odds of a successful audit The importance of avoiding overly rigid requirements and having realistic control objectives The role of Control Owners The importance of policy and supporting procedure d...

S1 E6: Making Data Privacy Impact Assessments Easier 13.12.2023

In this episode, we explore Data Privacy Impact Assessments, or DPIAs. We’ll break down what they are, when and why they are needed, and some strategies to make completing them easier. To learn more about how we can help your organization comply with all privacy regulations, visit CompliancePoint.com .

S1 E5: Effective Vendor Security Evaluations 06.12.2023

Are the vendors and third parties your organization shares data with keeping that data safe? Your organization is responsible for protecting the data it collects. In this episode, we explore steps organizations can take to reduce the risk of a breach caused by a vendor or partner. Visit CompliancePoint.com to learn more about our suite of risk management and compliance services.

S1 E4: CMMC: The Requirements, Challenges, and Benefits 29.11.2023

CMMC, or the Cybersecurity Maturity Model Certification, is a security certification organizations need to hold in order to land Department of Defense contracts. We’re going to explore the requirements that need to be met to get that certification, some of the challenges organizations can expect along the way, and the benefits of CMMC compliance. Learn more about CMMC here . Visit CompliancePoint....

S1 E3: Transitioning to PCI DSS v4.0 15.11.2023

Organizations that hold a PCI DSS certification, or that are working towards certification need a plan to meet the requirements of the new version 4.0 standard. In this episode we break down the transition timelines, the actions organizations need to take to ensure a smooth move to 4.0, and the role a QSA should play in the process. Learn more about PCI DSS here . Visit CompliancePoint.com to lear...

S1 E2: Effective Record Keeping for Do Not Call Compliance 08.11.2023

Quality records are a key component of proving compliance with Do Not Call laws. In this episode, we cover what types of evidence need to be gathered and maintained. We also explore how effective record keeping is beneficial for verification, resolving disputes, defense against professional plaintiffs, and leveraging Do Not Call Safe Harbor. Learn more about Do Not Call laws here . Visit Complianc...

S1 E1: Web Trackers and HIPAA Compliance 26.10.2023

The Office of Civil Rights of the Department of Health and Human Services issued a bulletin warning organizations that the use of trackers on websites and apps could result in the collection of PHI and potential HIPAA violations. In this episode, we'll explore what organizations need to do to safely use trackers and the penalties companies are facing for non-compliance. Learn more about HIPAA here...

Listen to the Compliance Pointers podcast in Replaio

Radio and podcasts in one app - free, with no sign-up. Install today and do not miss the launch

Get it on Google Play

Replaio is not a podcast publisher; show names, artwork and audio belong to their authors and are distributed through public RSS feeds.