WeComply, Inc.

Gays and Lesbians Still Face Workplace Challenges

Thu, 09 May 2013 18:39:14 GMT

Basketball’s Jason Collins came out of the closet last month and made history by becoming the first openly gay, active major league athlete. By all accounts, he received a very warm reception. Protecting his workplace rights as a gay male, however, would be no slam dunk were it to come to that – at least not for now.

Title VII of the Civil Rights Act of 1964, which prohibits employment discrimination based on race, color, religion, sex and national origin, is silent about discrimination based on sexual orientation. Reformers have introduced the Employee Non-Discrimination Act (ENDA), which would prohibit discrimination based on sexual orientation and gender identity, in every Congressional session since 1994 and, in 1996, the measure failed to pass the Senate by just one vote. On April 25, 2013, Rep. Jared Polis (D-Colo.) and Sen. Jeff Merkley (D-Ore.) introduced the latest version of ENDA in the House and Senate respectively.

ENDA’s fate in the House 113^th Congress remains unclear but it’s not hard to tell which way the wind is blowing. According to The National Law Review, 87 percent of Fortune 500 companies already maintain policies prohibiting discrimination based on sexual orientation, and over 50 percent of those companies likewise prohibit discrimination based on gender identity. Twenty-one states and the District of Columbia now prohibit employment discrimination based on sexual orientation. Of those 21 states, all but five also prohibit discrimination based on gender identity.

It may be time to start preparing for ENDA. In the meantime, WeComply’s online Preventing Discrimination and Harassment and Managing Within the Law courses can teach managers how to comply with existing state and federal anti-discrimination laws and how to manage a diverse workplace.

State Department Exports Items From ITAR to EAR

Tue, 07 May 2013 20:33:27 GMT

Earlier this year, President Obama proposed reforming outdated export control laws by transferring certain items from the U.S. Munitions List (USML) to the more flexible Commerce Control List (CCL). The USML lists defense articles, services and technology regulated by the State Department’s International Traffic in Arms Regulations (ITAR). In contrast, items on the CCL contain both commercial and military applications and are regulated by the Commerce Department’s Export Administration Regulations (EAR). By changing the classification of certain parts and components, U.S. manufacturers can more easily supply their overseas customers with less sensitive defense-related items.

On April 16, 2013, the State and Commerce Departments released final rules that implement important changes to ITAR and EAR. These rules revise Category VIII of the USML, which regulates the exportation of aircraft and associated equipment, and create a new Category XIX that covers gas turbine engines. Thousands of items from these categories will begin transitioning to the CCL on October 14, 2013.

Among the changes to Category VIII is a narrower definition of "aircraft" to include only those with certain critical military capabilities. All items no longer fitting that definition will appear on the CCL. The reclassified articles will be subject to an increased range of export-license exceptions and decreased regulation when incorporated with foreign-origin products.

Category XIX will control the exportation of gas turbine engines and associated equipment with military uses — which includes components used on cruise missiles, surface vehicles and certain aircraft — and will absorb many items previously covered under categories IV, VI and VII. Other related parts, components and technologies with non-military uses will transition over to the CCL.

This set of final rules is the first in a series of export control reforms the government has planned. Within the next few years, the State Department intends to revise all USML categories. WeComply’s Export Controls Essentials training course provides an overview of the federal laws and regulations affecting the export of commodities from the U.S. and discusses the most common “red flags.”

Protecting Student Privacy Online

Wed, 08 May 2013 19:24:47 GMT

Cloud computing and the proliferation of online courses are effecting profound changes in the way we learn. These changes, in turn, have significant implications for ongoing compliance with FERPA (the Family Educational Rights and Privacy Act), which generally prohibits schools from disclosing students’ personally identifiable information (PII) without proper consent.

Take for example the technology developed by the Silicon Valley startup CourseSmart. According to a recent New York Times article, the technology enables teachers to track students’ interaction with their online textbooks as they work their way through the courses. This data is personally identifiable -- traceable back to specific students -- and CourseSmart can use it to provide universities with an "engagement index" for each student.

Does FERPA allow universities to facilitate third-party access to and storage of this type of data? The answer is "yes," if the service provider remains under "direct control of the educational institution with respect to the use and maintenance of student records." To ensure that service providers remain under their direct control, educational institutions should take the following steps:

Secure a contract with the service provider that contains restrictions on the use of educational records and specific contractual definitions of key terms such as “personally identifiable information” and “education records.”
Ensure that the contract expressly prohibits the mining of student data for advertising and marketing purposes.
Ensure that the contract is comprehensive and that it minimizes the terms of use that are subject to click-through consent as students and teachers move through the course materials.
Prohibit any uses of student data other than those specifically allowed by the contract.
Thoroughly investigate the service provider to ensure that it takes the proper measures to safeguard student data, including data security measures to prevent inadvertent disclosure or hacking.
Understand and approve of the service provider’s data retention and deletion policies and practices.

WeComply’s online FERPA Essentials training course explains the key FERPA principles that school personnel need to know and understand.

Social Media Privacy Rules Put Employers in Tough Spot

Thu, 02 May 2013 21:22:24 GMT

All is still not quiet on the social media front, where a host of conflicting laws and regulations continue to leave many employers between a rock and a hard place.

A primary issue for financial services sector employers is the extent to which they may monitor their social-media usage for the purpose of protecting investors against Ponzi schemes and other frauds. There can be no doubt that investors are vulnerable; last month , the benchmark Standard & Poor's 500-stock index fell 14.6 points — 0.93% — in the space of three minutes, wiping out $136.5 billion of the index’s value, after a hacker falsely tweeted that the White House had been bombed.

So far, however, privacy advocates like the American Civil Liberties Union appear to have the upper hand. As we have reported , the National Labor Relations Board has issued several rulings leading to the invalidation of many purportedly invasive corporate social-media policies. Meanwhile, California, Illinois, Maryland and Michigan all adopted social-media privacy laws last year, and a similar law in Utah takes effect in May. Social-media privacy legislation has been introduced or is under way in 35 states since the start of 2013, according to a recent account in the The Wall Street Journal. After signing the California bill, California Governor Jerry Brown said it will “protect all Californians from unwarranted invasions of their personal social-media accounts.”

That may be so, but if financial service firms cannot monitor their employees’ social media usage, investors are at increased risk of a pandemic of bogus investment advice, according to FINRA (the Financial Industry Regulatory Authority). FINRA has asked lawmakers in about 10 states to make changes to proposed regulation that would allow financial firms to continue using specialized software to keep tabs on their employee’s tweets and posts.

In the meantime, the Securities and Exchange Commission has made its own contribution to the social media revolution: It announced guidance that allows companies to disseminate information over social media such as Facebook and Twitter without violating their disclosure obligations under Regulation FD – provided investors have been alerted about which social media will be used to disseminate such information. Regulation FD is intended to preserve fairness by ensuring that some investors are not made aware of “material, non-public” business information before other investors, which might give them an unfair advantage in managing their assets.

WeComply’s online Social Media training course offers employees reasonable guidelines for using social media responsibly, and its online Regulation FD training course explains what managers and finance-industry employees need to know about Regulation FD.

US-Data-Privacy-and-Security-Compliance-Training-Courses-Classes

Fri, 10 May 2013 17:14:01 GMT

Online US Data Privacy and Security Training Course

Protecting Personal Information

Identity theft is a huge problem for consumers and the companies that serve them. In the U.S. alone, five percent of adults — about 10 million — are victimized each year, with total losses of about $50 billion. U.S. companies spend another $50 billion a year on identity-theft-prevention measures.

Organizations can take steps to ensure that any personal information in their possession remains secure. Some jurisdictions — Massachusetts, for example — require organizations that handle the "personal information" of any resident of that jurisdiction to implement safeguards to protect that information against identity theft and other misuse. This training course is designed to help employees understand these safeguards and learn how to detect potential threats before identity thieves can gain access to personal information.

Online US Data Privacy and Security Training Course Summary

Using the Massachusetts data-security regulation as a framework, this 25-minute course explains the basic principles of protecting the personal information of all individuals, regardless of their state of residence. It includes pop quizzes, news clippings and a final quiz highlighting real-world compliance issues that employees should learn to recognize and respond to appropriately. The topics covered in the course include —

Overview of data privacy and security
What information is covered?
Why is this important?
Physical safeguards
Administrative safeguards
Technical safeguards
Encryption
Handling personal information
Electronic ID and passwords
Social engineering
Security incidents

Get online access to the WeComply US Data Privacy and Security Training Course. Just complete the sign-up form on the right to begin your free course evaluation.

FACTA-for-Government-Compliance-Training-Courses-Classes

Fri, 10 May 2013 14:43:18 GMT

Online FACTA for Government Training Course

FACTA "Red Flags"

Government agencies and entities that handle personal and business account information are vulnerable to identity theft — a growing problem for consumers and businesses, as well as those who serve them. In the U.S., some 10 million adults are victimized each year, as are an ever-increasing number of businesses and organizations. Losses and identity-theft prevention spending total about $100 billion per year in the U.S.

If government entities aren't careful with the personal and business account information they handle, clever criminals can use these entities as to carry out identity theft. But if they're alert to the "red flags" of identity theft, government entities can do much to prevent it, detect it early if it does occur, and mitigate the damage it can cause.

Online FACTA for Government Training Course Summary

This 25-minute training course will help employees of government agencies and entities recognize these "red flags" and respond appropriately. It includes video vignettes, pop quizzes, news clippings and a final quiz highlighting real-world compliance issues that government employees should learn to spot and respond to appropriately. The topics covered in the course include —

What is identity theft?
Fighting identity theft with FACTA
Identifying and detecting red flags
Suspicious documents
Suspicious personal identifying information
Suspicious activity
Identity theft alers
Low-tech red flags
Responding to red flags
Other information-security practices
Identity theft — a moving target

Get online access to the WeComply FACTA for Government Training Course. Just complete the sign-up form on the right to begin your free course evaluation.

Workplace Anti-Discrimination Enforcement is White Hot

Tue, 07 May 2013 18:54:21 GMT

Private employment-discrimination lawsuits are down, but the federal government is taking up much of the slack.

In 2011, the U.S. Supreme Court ruled in Wal-Mart v. Dukes that thousands of female Wal-Mart employees did not have enough in common to bring a single wage-discrimination class-action lawsuit. The total value of all employment-discrimination class-action settlements in 2010, the year before the Wal-Mart decision, was $348 million. In 2012, the year after Wal-Mart, the value of these settlements was $49 million, according to the Seyfarth Shaw law firm’s ninth annual Workplace Class Action Litigation Report.

In contrast, government enforcement activity is white hot. On May 1, 2013, the U.S. Equal Employment Opportunity Commission (EEOC) announced that it won the biggest jury verdict in agency history — a $240 million award in a disability-discrimination lawsuit against a Texas-based turkey processing company. The EEOC brought the lawsuit on behalf of 32 men with intellectual disabilities.

More discrimination charges were filed with the EEOC in 2012 than in any but one previous year, according to the Seyfarth report. The EEOC is taking up cases challenging broad corporate policies and also is focusing on "pattern or practice" lawsuits affecting large groups of employees.

The Wal-Mart decision appears not to have had the same chilling effect on wage-and-hour-related litigation, which "continued to outpace all other types of work place class actions," according to the Seyfarth report. The report noted 7,908 Fair Labor Standards Act lawsuit filings in 2012, representing a 16% increase from 2011. The dollar value of major settlements also increased in 2012, with the top ten settlements totaling $292 million, up from $211 million in 2011.

WeComply’s online Preventing Discrimination and Harassment training courses help managers, supervisors and employees understand the discrimination laws and avoid the type of conduct that can result in enforcement actions and litigation.

How Not to Provide a Job Reference

Tue, 07 May 2013 18:41:47 GMT

When asked for a job reference, a kind-hearted manager might be tempted to gloss over the misconduct or performance issues that had prompted the company to fire an employee. But as a Takeda Pharmaceuticals, Inc. ("Takeda") manager learned the hard way, in the context of an age-discrimination suit, managers should resist that temptation.

After the Takeda manager fired 49-year old Barbara Kragor, Ms. Kragor sued Takeda under the Age Discrimination in Employment Act. Takeda moved to dismiss the case, claiming that it had fired Ms. Kragor for non-discriminatory reasons following an investigation into whether Ms. Kragor gave gifts to a doctor in violation of company policy. Ms. Kragor, however, produced evidence that the Takeda manager had told a doctor that Ms. Kragor had done nothing wrong and should not have been fired.

The District Court dismissed the case but the Eleventh Circuit Court of Appeals sent it back for trial. The court reasoned that by disavowing the non-discriminatory reason for terminating Ms. Kragor, and going on to praise her performance, the manager had raised the possibility that Takeda had in fact unlawfully fired Ms. Kragor because of her age.

The Takeda case serves as a reminder that managers should be consistent and honest when dealing with employees and should never use a pretext as a reason to fire someone. Whenever managers need to take steps towards terminating someone's employment, they should document every step toward termination to show that they —

Based the termination decision on valid reasons;
Treated the employee fairly; and
Gave the employee ample opportunity to rectify the performance or misconduct issues.

Whenever third parties may ask managers for job references for terminated employees, managers should refer these requests to Human Resources to ensure compliance with the organization's policy.

WeComply’s online Managing within the Law course teaches managers the key concepts they need to know to respond appropriately to employee misconduct and performance issues.

University's Inaccurate Understanding of FERPA Leads to Police Investigation

Wed, 01 May 2013 16:00:28 GMT

FERPA (The Family Educational Rights and Privacy Act) is a federal law that is intended to protect the privacy of student education records. The law applies to all schools that receive funds from an applicable program of the U.S. Department of Education. One of its key provisions requires that schools have written permission from the parent or eligible student in order to release any information from the student's education record.

But just what are "education records" under FERPA? Oklahoma State University (OSU) officials learned -- the hard way -- that they do not include certain types of law-enforcement reports. Last month, the Society of Professional Journalists (SPJ) awarded OSU its 2013 “Black Hole Award” for invoking FERPA to avoid notifying students, the public or the OSU police department that an alleged serial sex offender was on campus groping male students while they slept.

“FERPA was not meant to be a Harry Potter-like invisibility cloak that could turn any record that names a student into a protected document,” said Salt Lake Journal columnist Don Meyers, one of the SPJ award judges.

OSU officials learned of the alleged sexual assaults in November 2011, according to media accounts, and should have realized not only that FERPA was inapplicable but also that the Clery Act (requiring all colleges and universities that participate in federal financial-aid programs to keep and disclose information about crime on and near their respective campuses) applied. Instead of disclosing the alleged sexual assaults and dealing with the adverse publicity that likely would have ensued, OSU officials decided to hold secret student-conduct hearings that resulted in a three-year suspension of the alleged offender.

Local police opened an investigation the next month, after someone contacted the department with questions about the alleged incidents. The police later charged the student perpetrator with four counts of sexual battery.

An independent report commissioned by the OSU Board of Regents concluded that the OSU officials handling of the incident were “misguided” but that their failure to disclose the incident had not broken any laws.

WeComply’s online FERPA Basics course can help school personnel understand their responsibilities under the Family Educational Rights and Privacy Act and its interplay with other federal laws.

Corporate Social Responsibility Training Now Available from WeComply

Mon, 29 Apr 2013 21:52:43 GMT

April 30, 2013 (Mahwah, N.J.) – WeComply, Inc., a leader in web-based ethics and compliance training, has announced a new "Corporate Social Responsibility for Employees" course. This course is intended to increase employees' awareness of their company's commitment to "sustainability" — that is, taking into account its impact on the environment, consumers, employees, the local community and the public at large.

The course begins with explanations of what CSR is and how it honors the "triple bottom line" of People, Planet and Profit. It goes on to explain the concept of eco-efficiency and CSR performance indicators, such as the GRI. The course concludes with discussions of what employees can do individually and how they can help the company improve its sustainability practices.

“More and more companies are integrating socially responsible policies and practices into all facets of their business operations,” said Mike Pallatta, WeComply CEO. “While it has long been known that this is good for the environment, companies are recognizing that these practices are also good for their bottom lines. This course will help companies educate employees about and reinforce their commitments to Corporate Social Responsibility.”

For more information on WeComply’s Corporate Social Responsibility course, please visit http://www.wecomply.com/ethics-training/1593802-corporate-social-responsibility-training-courses-classes.

About WeComply

WeComply is a leading provider of ethics and compliance training for employees in all industries and offers more than 100 courses that are easily customized and available in multiple languages both online and offline. Companies can host courses in their own LMS or use WeComply's patented system, which provides centralized administration, custom reporting and other advanced features. WeComply is the exclusive compliance training partner of Proskauer and the ACC Alliance. For more information, visit www.wecomply.com.

Netflix Facebook Post Spurs SEC Clarification on Social Media Regulation

Fri, 26 Apr 2013 19:46:06 GMT

Netflix inadvertently prompted the SEC to update and clarify its regulations as they relate to the use of social media by public companies. This update was issued following an SEC investigation of Netflix chief executive officer Reed Hastings after a July 3, 2012 post on his personal Facebook page stating "Congrats to Ted Sarados, and his amazing content licensing team. Netflix monthly viewing exceeded 1 billion hours for the first time ever in June."

Netflix faced trouble because it did not report the content of the Facebook post through a press release or Form 8-K filing with the SEC. Instead, the information trickled out via blog posts and other news sources, resulting in higher stock prices for Netflix the following day. The SEC initiated an investigation stemming from concerns about a possible violation of the Regulation Fair Disclosure (commonly known as Regulation FD), which requires a public company to make material, nonpublic information (“inside” information) available to all investors at the same time.

Although the SEC did not pursue charges against Hastings, its report reiterates the goal of ensuring that all investors receive the same information at the same time, thereby preventing the selective disclosure of information. Acknowledging the changes in social media since the regulation was written in 2000, the SEC confirmed that Regulation FD applies to social media and other emerging means of communication used by public companies in the same way it applies to company websites. One caveat is that corporations must ensure that investors are aware of the specific Twitter feeds or Facebook pages that will serve as potential outlets for material information.

Unlike official corporate sites, the personal social media sites of a public company’s employees would not ordinarily be channels through which the company would disclose material corporate information. Consequently, disclosure of material, nonpublic information on such a site of an individual corporate officer — without advance notice to investors that the site may be used for this purpose — is unlikely to qualify as an acceptable method of disclosure under the securities laws.

Recognition of the uncertainty about the application of Regulation FD to social media prompted the SEC to issue its most recent report. The SEC made a similar move in 2008 when it issued guidance clarifying that websites can serve as an effective means for distributing information to investors provided those investors have been informed where to look for it.

Just as technological changes necessitate adjustments to business policies, government regulations must be amended as well. WeComply’s Regulation FD course offers managers and finance-industry employees simple, easy-to-understand explanations of the basic principles of Regulation FD.

5 Common Mistakes in HIPAA Compliance

Thu, 25 Apr 2013 19:48:38 GMT

In 2012, the Department of Health and Human Services (HHS) audited select healthcare organizations for compliance with the Health Insurance Portability and Accountability Act (HIPAA). The agency’s findings revealed some common privacy and security mistakes among both large and small organizations:

No monitoring of computers and mobile devices. HIPAA requires organizations to regularly review system activity through access and security-incident reports. If employees store patient information on mobile devices, employers should have data-wiping programs that can remotely erase hard drives in case of theft.
Failing to encrypt data. In instances where patient records are lost, stolen or viewed improperly, encryption can mitigate potential liability by preventing data thieves from accessing or tampering with sensitive information, whether through a cyber-attack or physical theft of an electronic device.
No limiting of data access. When releasing patient information, organizations should provide the requesting party only with what is “minimally necessary.” Additionally, as a general precaution, employers should restrict employees’ access to data when they are off the clock.
Omitting risk assessments. HIPAA requires organizations to continually analyze internal and external threats as part of their security procedures. These threats include employees who have unnecessary access to sensitive data, system vulnerabilities, configuration errors or threats from cybercriminals.
Neglecting to implement contingency plans. Every entity covered under HIPAA must have a contingency plan in case of data loss, emergencies or system errors. The plan should cover a wide range of possible disaster scenarios and undergo an annual testing and revision process.

Organizations that fail to implement the proper HIPAA security procedures can face civil and criminal penalties, legal fees and a damaged reputation.

WeComply's online HIPAA training course explains what employees and HR managers need to know about HIPAA privacy and security laws.

5 Tips for Discussing Gender-Related Issues in the Workplace

Fri, 19 Apr 2013 20:01:47 GMT

Managers often find it difficult to raise gender–related issues in the workplace because they think it’s inappropriate to discuss these issues with employees. Some companies, out of liability concerns, even advise their managers to avoid these topics entirely.

Frequently, male managers avoid discussing uncomfortable topics like pregnancy and child-rearing with their female employees. Likewise, employees may refrain from voicing their concerns about family and children out of fear that management will question their commitment to the company. By avoiding the problem, however, employees may feel like victims of gender discrimination when their managers pass them over for a promotion or make other adverse managerial decisions.

Here are some tips managers can use to ease the discussion of gender-related issues with their staff:

Maintain an “open door” policy. Managers should let employees know they are welcome to discuss concerns about pregnancy, parenting or other gender issues.
Respect employees’ privacy. Managers should not pry into the personal lives of their employees by asking direct questions like “When do you plan to have children?”
Bring up your own experiences. Managers can make employees feel more comfortable discussing gender-related issues by bringing up their personal experiences with balancing work and family.
Avoid any implications that raising a family will negatively impact prospects for success. Federal and state laws prohibit employers from discriminating against employees based on gender. This means managers may not use an employee’s pregnancy or desire to raise a family as a factor in making promotion decisions or assigning projects.
Provide options for working parents. Managers should make an attempt to accommodate working parents by offering such options as flexible hours and telecommuting, where possible.

WeComply’s online Preventing Discrimination and Harassment and Managing within the Law courses teach managers the key concepts they need to know to respond appropriately to gender-related issues and other real-world concerns.

Affordable-Care-Act-Compliance-Training-Courses-Classes

Fri, 19 Apr 2013 18:11:45 GMT

Online Affordable Care Act Training Course

The Affordable Care Act (ACA), signed into law by President Obama in 2010, significantly overhauls the U.S. healthcare system by expanding healthcare coverage, reducing healthcare costs and improving the quality of care.

With part of the ACA already in place and the remainder on its way — including an individual mandate and coverage for preexisting conditions — employees should be aware of how the law makes insurance affordable for those without employer-provided insurance. Beginning in 2014, anyone who fails to provide proof of health insurance on his or her federal tax return will face significant financial penalties. By 2016, fines will increase to as much as 2.5% of a person’s yearly income.

Online Affordable Care Act Course Summary

This 15-minute mini-course provides a preliminary "report card" on those aspects of the Affordable Care Act that are now in effect, as well as a quick look at important provisions that will become effective in 2014. The topics covered in this course include —

Overview of the Affordable Care Act
Expanded coverage
Insurance costs
Healthcare costs
Quality of care
What’s Ahead . . .

Get online access to the WeComply Affordable Care Act Training Course. Just complete the sign-up form on the right to begin your free course evaluation.

Virtual Money Laundering Carries Real-World Consequences

Thu, 18 Apr 2013 14:04:53 GMT

The Financial Crimes Enforcement Network (FinCen), an arm of the U.S. Department of Treasury, recently issued guidance that applies the Bank Secrecy Act’s anti-money-laundering rules to “virtual currency” -- digital currency exchanged on the Internet. The Treasury Department released the interpretation in response to growing concerns among regulators and financial institutions that virtual currencies are being used for illegal activities.

Businesses that issue or exchange virtual currency are now subject to the same rules as traditional money service businesses (e.g., Western Union), including more stringent bookkeeping requirements and a mandatory reporting requirement for transactions that exceed $10,000. The most popular and widely traded virtual currency is Bitcoin, a form of Internet cash that — unlike hard currency — is not backed by any government-endorsed bank or controlled by an administrator. While the new guidance will not affect individuals who buy or sell virtual currency, companies that exchange legal tender for currencies like Bitcoin must begin complying with the anti-money-laundering provisions of the Bank Secrecy Act in order to avoid severe civil and criminal penalties.

Since its inception, virtual currency has gained quick acceptance in the online community and is now used on a daily basis to make ordinary, everyday purchases. For example, people can use Bitcoins to buy real goods and services like food, clothing or pizza delivery. The problem is that virtual currency is hard to trace, making it ideal for illegal activities. According to an FBI report, Bitcoin has a track record of attracting criminals who want to avoid traditional financial institutions that are heavily regulated.

Fortunately, the market for virtual currency is so small and price fluctuations so extreme that money launderers cannot easily move large amounts of money. In March 2013, the largest Bitcoin exchange, Mt. Gox, saw volume ranging from around $427,000 a day to $8 million a day. These figures are miniscule compared to the daily volume of traditional financial exchanges.

WeComply’s Anti-Money Laundering for Money Service Businesses training course helps money service business employees understand the most important money-laundering laws and regulations and how they affect employees’ day-to-day job responsibilities.

Whistleblowing (Dodd-Frank Compliance) Training Now Available from WeComply

Tue, 16 Apr 2013 21:13:49 GMT

April 17, 2013 (Mahwah, N.J.) – WeComply, Inc., a leader in web-based ethics and compliance training for corporate employees, has announced a new course on the "whistleblowing" provisions of the Dodd-Frank Act. The Dodd-Frank Act provides financial incentives for employees who report suspected financial fraud to the Securities and Exchange Commission (SEC) and prohibits retaliation against them by their companies. WeComply's 25-minute training course explains how employees can report suspected fraud internally as well as to the SEC.

The Whistleblowing course begins with an overview of the most common types of securities fraud. It then discusses how employees who detect or suspect fraud can report it, both through internal company processes and externally to the SEC. The course then discusses whistleblower awards and protections against retaliation, and the pros and cons of internal vs. external reporting.

“A company charged with securities fraud can have its reputation damaged and see its stock prices plummet, even if the company is never tried or convicted,” said Mike Pallatta, WeComply CEO. “This course educates employees about their role in preventing and detecting securities fraud, and their responsibilities and rights with regard to reporting it.”

For more information on WeComply’s Whistleblowing (Dodd-Frank) course, please visit http://www.wecomply.com/ethics-training/1565506-whistleblowing-dodd-frank-compliance-training-courses-classes.

About WeComply
WeComply is a leading provider of ethics and compliance training for employees in all industries and offers more than 100 courses that are easily customized and available in multiple languages both online and offline. Companies can host courses in their own LMS or use WeComply's patented system, which provides centralized administration, custom reporting and other advanced features. WeComply is the exclusive compliance training partner of Proskauer and the ACC Alliance. For more information, visit www.wecomply.com.

Rutgers Ejects Abusive Coach

Mon, 15 Apr 2013 16:16:47 GMT

Rutgers University faces a controversy at a time when its athletic program is preparing to join the Big Ten, an athletic conference that will put the school in the national spotlight and generate millions of dollars in revenue. On April 3, the university fired Mike Rice, the head coach of the men’s basketball team, after a video containing footage of team practices between 2010 and 2012 surfaced. The video showed Rice kicking and hurling basketballs at players and berating them with vulgar language and homophobic slurs. These events come just two years after the suicide of a Rutgers student, Tyler Clementi, following bullying involving his sexual orientation.

The university first learned of the video four months ago when a former team assistant turned a copy of it over to the university’s athletic director, Tim Pernetti. In an effort to avoid any public controversy during the university’s negotiations with the Big Ten, Rutgers decided to rehabilitate Mr. Rice by suspending him for three games, fining him $50,000 and ordering him to take anger-management classes.

After learning of how Rutgers initially handled the matter, New Jersey officials vowed to hold hearings to investigate the university’s response. Some faculty members are also calling for the dismissal of the university’s president, Dr. Robert Barchi. A letter signed by at least 10 faculty members and the dean of the graduate school accused Dr. Barchi of covering up the abuse and renewing Mr. Rice’s contract despite the allegations. Dr. Barchi claims he was aware of the video four months ago but only saw it for the first time when it was publicly released on April 2.

In the wake of the firing of the head coach, three others have resigned: Mr. Pernetti; the interim senior vice president, John B. Wolf; and the assistant coach. Mr. Pernetti and Mr. Wolf were among the school officials involved in the initial decision to rehabilitate Mr. Rice rather than fire him.

Unlike the allegations involving Jerry Sandusky, the allegations about Mr. Rice’s conduct are not primarily about sexual misconduct. Yet his abusive behavior raises questions about whether coaches and school personnel received proper harassment training — sexual or otherwise. WeComply’s Preventing Sexual Harassment in Athletics training course explains appropriate behaviors for coaches and sports professionals in the context of athletics; and WeComply’s Preventing Sexual Misconduct (Title IX) training course is designed to assist faculty and staff members in maintaining a respectful educational environment.

Peter Seidman

Tue, 09 Apr 2013 16:14:31 GMT

Sustainability Reporting: Making It Meaningful

Tue, 09 Apr 2013 13:48:50 GMT

The pressure we put on the planet’s finite resources is less of an abstraction and more of a concrete problem with each passing day. The same holds true for local and global economic inequality and social injustice. Customers, investors other stakeholders now want the opportunity to factor in the costs of external environmental, social and economic consequences of business practices when assessing the bottom line – and to know what companies are doing to reduce or eliminate those costs. Sustainability reporting provides such an opportunity and, if done correctly, can be a vehicle for showcasing a company’s progress as it moves toward more environmentally and socially conscious business practices.

Companies are not generally required to provide sustainability reports, although this will likely change as stakeholder demands for transparency into corporate responsibility grow louder. More countries are close to requiring integration of corporate responsibility information with financial reporting. The Global Reporting Initiative (GRI), a non-profit organization that provides frameworks for sustainability reporting, is considering additional disclosures. In the meantime, companies have substantial discretion when designing the form and substance of their sustainability reports – if they choose to provide them.

The following are some suggestions for making sustainability reporting more informative and easier to understand:

Avoid empty generalities and platitudes. Stakeholders will surely recognize them for what they are, and they may damage credibility. It’s better to provide no sustainability report at all than one that lacks substance or sincerity.
Set specific, realizable goals and track the company’s progress toward achieving them.
Integrate sustainability information into financial reporting and make the business case for sustainable practices. Explain how sustainable practices are part of your business model.

WeComply’s online Corporate Social Responsibility course explains what employees need to know about corporate social responsibility and how impacts the way they should think about and do their work. The course is designed for ease of customization and includes a template that companies can use to describe their own specific CSR activities.

Corporate-Social-Responsibility-Training-Courses-Classes

Mon, 08 Apr 2013 21:24:11 GMT

Online Corporate Social Responsibility (CSR) Training Course

Sustainability

Every innovative company is concerned about sustainability: the challenge of offering useful and safe products and services while protecting the ability of future generations to meet their needs. As they grow, companies need more resources to satisfy customer demand, but those resources are often finite. Thus, it's more important than ever that companies are attuned to the impacts of their activities — on the environment, consumers, employees, the communities in which they operate, and the public at large.

A company that practices corporate social responsibility (CSR) honors the "triple bottom line": people, planet and profit. To this end, companies are developing policies and practices that contemplate sustainability and integrate responsible behaviors into all facets of their business operations.

Online Corporate Social Responsibility Course Summary

This 20-minute course explains the concepts of CSR and sustainability, as well as the policies and practices that impact the way employees should think about and do their work. The course is designed for ease of customization and includes a template — "CSR highlights" — that companies can use to describe their own specific CSR activities. It includes pop quizzes, news clippings and a final quiz highlighting real-world issues that employees should learn to spot and respond to. The topics covered in this course include —

What is Corporate Social Responsibility
The importance of Corporate Social Responsibility
Eco-efficiency
Corporate Social Responsibility performance indicators
Corporate Social Responsibility highlights
What you can do
How you can help us

Get online access to the WeComply Corporate Social Responsibility Training Course. Just complete the sign-up form on the right to begin your free course evaluation.

Conflict Minerals Compliance Training Now Available from WeComply

Thu, 04 Apr 2013 05:25:35 GMT

April 4, 2013 (Mahwah, N.J.) – WeComply, Inc., a leader in web-based ethics and compliance training for corporate employees, has announced its "Conflict Minerals Compliance" course. This course covers the fundamentals of the SEC’s new Conflict Minerals Rule, which requires publicly traded companies that use “conflict minerals” (such as tantalum, tin, tungsten and gold) in their products to make public disclosures of the origin of those minerals to the SEC. The Rule applies to companies in many industries including technology, aerospace, automotive and consumer goods. The intention of the Conflict Minerals Rule is to encourage companies to strengthen their controls over how and where they obtain such minerals so as to reduce funding to armed groups responsible for extreme violence in the Democratic Republic of Congo and adjoining countries.

The course begins with an overview of the Conflict Minerals Rule and an explanation of the compliance process. The course then discusses determining whether the Rule applies, conducting a “reasonable country of origin inquiry” and due diligence. The course concludes with discussions on the Conflict Minerals Report and the costs of non-compliance.

“The Conflict Minerals Rule adopted by the SEC in August 2012 lays out very specific requirements regarding the disclosure of the origin of certain minerals,” said Mike Pallatta, WeComply CEO. “This course is an important training tool that will help companies comply with the various aspects of the Rule and avoid the severe consequences than can result from non-compliance.”

For more information on WeComply’s Conflict Mineral Compliance course, please visit
http://www.wecomply.com/ethics-training/1551491-conflict-minerals-compliance-training-courses-classes.

“Big Data” Requires Bigger Attention to Data Privacy

Wed, 03 Apr 2013 13:07:41 GMT

The term “big data” refers to sets of information so large that they are difficult to process using traditional database techniques. The healthcare industry has recently started using big data to solve many issues affecting patient care. Big data is able to increase the quality of healthcare — while simultaneously lowering the cost — by revealing certain patterns and trends that would otherwise be unavailable to healthcare providers.

According to a report released by McKinsey Global Institute in May 2011, big data has the potential to generate approximately $300 billion every year, mostly by reducing healthcare costs. Organizations capable of analyzing big data have already started reaping the benefits. In 2011, the big-data business produced over $30 million in revenue.

Advocates for data privacy argue that the only organizations benefiting from big data are those that mine and sell the information. These organizations have the ability to sell a patient’s information to employers or others who might use it for purposes unrelated to healthcare. The privacy advocates believe organizations should obtain a patient’s informed consent before collecting and analyzing his or her data.

Others believe the Health Insurance Portability and Accountability Act (HIPAA) rule under the Health Information Technology for Economic and Clinical Health (HITECH) Act addresses most data-privacy concerns. Recent studies, however, have shown a 97% increase in the number of patient records breached from 2010 to 2011. In addition, a survey by the Ponemon Institute revealed that 94% of healthcare organizations suffered at least one data breach since 2010. The increased use of big data will only make data breaches more prevalent as organizations adopt larger databases.

Organizations that wish to reap the benefits of big data — and gain consumer trust — must quickly realize that more advanced security controls are required. The increased strictures under enhanced HIPAA disclosure regulations might just give organizations the incentive they need. Failure to comply with HIPAA when handling protected health information (PHI) can lead to civil and criminal penalties, as well as a damaged reputation for the violator.

The use of big data as a tool for improving healthcare quality and reducing healthcare costs is too new to predict what the value of it will be in the long run. While it holds a lot of potential benefits, there are still many safety and privacy concerns. Its overall worth will depend largely on how organizations handle the tool in coming years.

WeComply's online HIPAA training course explains what employees and HR managers need to know about HIPAA privacy and security laws.

Employee Misuse of Data a Threat to Security

Thu, 28 Mar 2013 13:47:10 GMT

According to a recent study published by the Ponemon Institute, combating insider fraud and the growing threat it poses to intellectual property and corporate security should be a higher priority for employers. "Insider fraud" includes malicious or criminal attacks on business or governmental organizations — by employees and contractors — that result in the theft of financial or information assets. Even employees' casual misuse or mishandling of data may have severe consequences for companies.

Apart from the intentional acts of insider fraud, data loss happens in a variety of ways. Employees reported that they commonly e-mail business documents to personal e-mail accounts, download company data to their personal tablets or smartphones, or use file-sharing apps; the majority indicate that they take no action to delete the data after transfer. The risk of data loss grows ever greater as more employees and contractors work outside the office and remotely access corporate network systems from home offices and public facilities. Employee turnover also can mean data loss: Half of study respondents admitted to retaining confidential information when leaving employment and 40% said they intend to use the data in their new jobs.

This leaves employers facing the fact that a significant amount of their confidential information and intellectual property is vulnerable to transfer to outside entities, including competitors. The threat comes not only from the tendency of employees to disregard policies but an inability of a majority of organizations to monitor and secure access to data with respect to mobile devices.

The study suggests that the risk organizations face from insider fraud and employee misuse of internal data is on the rise. Employers can minimize their exposure by implementing and enforcing formal policies and training with respect to data security and privacy, installing procedures to monitor and regulate employee access privileges and having employees sign well-drafted non-disclosure agreements. WeComply’s Protecting Trade Secrets and Information Security training courses teach employees what they need to know to handle and protect sensitive and proprietary information.

Insider Trading Leads to Record $616 Million in Settlements

Wed, 27 Mar 2013 13:07:57 GMT

Last week, SAC Capital Advisors, a large hedge fund owned by billionaire Steven A. Cohen, has agreed to pay the staggering sum of $602 million to the Securities and Exchange Commission (SEC) to settle an insider-trading case. The civil lawsuit against SAC claimed the company sold around $1 billion in shares of two pharmaceutical companies after a former portfolio manager received a tip from a doctor that the development of a new drug for Alzheimer’s disease was not going well. At the same time, SAC also paid $14 million to settle a smaller case involving the illegal trading of technology stocks. Altogether, SAC paid $616 million to make its insider-trading problems go away.

The insider-trading lawsuits have hurt SAC’s business, causing investors to withdraw over $1.5 billion of the $6 billion the company manages for outside clients. While the $602 million settlement is one of the largest in history, SAC could have faced much harsher consequences. The penalty is $550 million lower than the maximum allowed under applicable securities laws, and the settlements did not require SAC to admit to any wrongdoing.

The settlements, however, do not resolve the pending cases against former SAC employees who were involved in the insider-trading violations. The biggest of these cases involves Mathew Martoma, a former portfolio manager at SAC, who was criminally charged in December for playing a central role in the pharmaceutical stock-trading case. He allegedly received a tip from a doctor and used it to produce $275 million in gains and avoided losses. Martoma maintains he is innocent, but prosecutors have a significant amount of evidence against him, including the testimony of the doctor who leaked the information to him.

WeComply's Avoiding Insider Trading training course discusses the laws prohibiting insider trading and explains the potential civil and criminal penalties for violations.

SEC To Continue Aggressive Enforcement

Tue, 26 Mar 2013 13:59:47 GMT

Officials of the Securities and Exchange Commission (SEC) promised to continue to enforce laws aggressively at the annual "SEC Speaks" conference in Washington, D.C. last month. Protecting investors by maximizing stability and minimizing risk continues to be the goal of the Commission.

Budget Limitations Prompt Cooperation and Prioritization
As the SEC's use of automated investigative tools increases, so does the volume of leads obtained. However, the Commission’s ability to expand into new areas of regulation or utilize new tools is limited by government-wide budgetary constraints. Consequently, cooperation from the private sector and other regulated entities is fundamental to the SEC's mission. Officials also commented that such cooperation was taken into consideration in the decision whether to pursue an enforcement action or enter into non-prosecution or deferred prosecution agreements.

Whistleblower Program Proven a Success
The Commission's successful implementation of the Whistleblower program resulted in 3,001 tips from 50 states and 49 foreign countries during 2012, most of which were received through the SEC’s whistleblower "hotline." The majority of reports concerned corporate disclosures, fraud in securities offerings and market manipulation.

Insider Trading a Top Priority
Insider trading remains a top priority with a continued focus on hedge funds. Since 2009 the Commission has filed approximately 175 enforcement actions against 425 defendants alleging approximately $900 million in illicit gains. The Commission confirmed that it will continue to aggressively litigate actions involving suspicious trading in offshore accounts.

Focus on Emerging Trading Technologies
The growth of electronic trading centers and high-frequency trading has dramatically increased trading volume in recent years. The Commission pointed out its reliance on self-regulatory organizations to act as "gatekeepers" to ensure stability and fairness in trading. Finally, reflecting on the two-day loss of trading after Hurricane Sandy, the Commission advised electronic exchanges to establish business continuity plans to be implemented in the event of similar events or other disruptions.

Creation of a Regulatory Framework for Crowdfunding
The JOBS Act of 2012 added "crowdfunding" (whereby start-up companies raise money online from numerous investors making small contributions) to the Commission’s agenda for 2013. Title III of the JOBS Act provides certain regulatory exemptions for crowdfunding and Internet "funding portals" that facilitate such transactions. Under the Act, funding portals are prohibited from taking possession of funds or making investment recommendations. The SEC anticipates the need to re-examine what acts will be considered "investment advice" in an effort to aid portals in keeping fraudulent dealers off their websites without appearing to be making particular dealer recommendations. It also foresees the need for additional fine-tuning for the more limited disclosure framework for companies receiving investments from funding portals.

Increasing Partnerships With Other Regulatory Agencies
Working with other government agencies, both foreign and domestic, remains key to the Commission’s enforcement efforts and it expects to expand upon such relationships in the year ahead.

In summary, the SEC recognizes a need to adapt its traditional regulatory regime in the face of legislative, technological and international developments. The departure of Chairman Mary Schapiro and Enforcement Director Robert Khuzami also leaves the Commission in a state of transition as it awaits confirmation of recently nominated Chairman Mary Jo White. While financial shortfalls and the need to address numerous new congressional directives present challenges to the SEC, it clearly intends to maintain its aggressive enforcement activities.

Corporate management compliance programs must be robust enough to keep pace with the efforts of the SEC. WeComply can help companies address these issues through its Avoiding Insider Trading, Whistleblowing (Dodd-Frank) and FCPA and Global Anti-Corruption training courses.