Training and the FDA – What do they want?

The FDA requires medical device and drug manufacturers to train their employees. Training must occur for all types of regulated activities from internal quality management software procedures/policies to CFR requirements. The agency expects companies to establish comprehensive procedures that not only detail how the staff will be trained but also complies with the QSR record keeping requirements.

Regulatory Change Management Starts From Top Management

If you observe the results of various regulatory compliance surveys across multiple industries, the results of most of the surveys are pretty similar, however some of the results were quite disturbing. When asked about top management’s perception towards regulatory change management and regulatory compliance, management viewed it as a necessary evil and you would see comments such as:

Five Steps to Select a Safety Management System

Every company has a different way of going about selecting solutions that will work best for the organization, but there are five useful steps for all companies to abide by, at least as a starting place, to effectively select a safety management system. They are as follows:

NPDES Electronic Reporting Rule

Environmental Protection Agency (EPA) signed the final electronic reporting rule which requires NPDES regulated entities to file certain reports and permit related data electronically instead of filing paper reports by using EPA’s NPDES Electronic Reporting Tool (NeT) and NETDMR (for DMR data) portal or the equivalent state version of it.

Why Automation Means Fewer Control Violations Involving Audits

In today’s complex and regulated environment for financial institutions, there has never been more pressure on finance leaders to ensure integrity in internal auditing and controls. Boards of directors want assurance that official financial statements are squeaky clean, with every piece of data in tables and in footnotes double-checked. There’s zero tolerance for funny business, such as a business unit booking revenue in one-quarter while pushing related costs to the next.

Avoid Risks Through KYV or Know Your Vendors Phenomenon

I believe I have made up a new Acronym for Compliance, KYV – Know Your Vendors.

The reason why knowing your vendors is important is the associated Risks that they bring to your Financial Organization. From the Vendor that “waters your plants”, to “delivering your lunch”, if your financial Institution has not fully vetted these vendors, your Company is at Risk.  Examiners not only review your clients but apply the same Compliance regulations to any of your existing vendors that have access to your buildings.

Cutting Compliance Costs and Making Regulatory Management More Efficient Amidst Rising Regulatory Scrutiny

As compliance professionals, we are constantly trying to balance compliance and risk headcount needs with available resources ($) due to the constant and significant increases in the regulatory environment. More often than not, the cost center nature of compliance drives our institution’s executive management to reject additional requests for headcount due to lack of resources allocated in the budget. This creates a dilemma for compliance officers as we are expected to “do more with less” while maintaining the same level of compliance and oversight prior to these significant regulatory changes and impacts on our business.

Competency and Compliance Learning Management System

How are you Managing and Assessing Performance?

Companies are looking for ways to improve performance while simultaneously reducing cost and risk, and ensuring compliance.   Through strategic planning, and in alignment with human resource management processes, companies are setting individual and group goals that align organizational culture, structure and strategies with business targets.  The setting of goals is often followed by the implementation of performance management system to make certain the goals are consistently being measured and evaluated in an effective and efficient manner.

Cyber Security is Always a Journey

How can an Integrated Risk and Compliance Management system help you avoid the same fate as Noble Energy?

It isn’t exactly news that the EPA is ramping up its NEI programs, with one of the core focuses being the Energy Extraction Enforcement Initiative and “Next Generation Compliance”.  Over just a few years it more than doubled inspections and evaluations with over 150 enforcement actions as a result.

One of the most recent enforcement actions was against Noble energy earlier this year, who agreed to a $73 million settlement to resolve claims brought by the EPA and the State of Colorado.  According to the EPA, “the settlement resolves claims that [the company] failed to adequately design, size, operate and maintain vapor control systems on its controlled condensate storage tanks.” ^(a)  The settlement order falls in line with the EPA’s new focus on “Next Generation Compliance”.

What is “Next Generation Compliance”:

1. Promulgation of regulations and permits that are easier to implement
2. Promotion and use of advanced emissions/pollutant detection technology
3. A move away from paper, shifting to electronic reporting
4. Promotion of transparency by making information more accessible to the public
5. Promote the development and use innovative enforcement approaches to achieve more widespread compliance – in other words, data analysis, and business intelligence.

In light of that definition, companies in the energy extraction space can get ahead of the curve by implementing an Integrated Risk and Compliance Management system like Predict360.  Predict360 fills in many of the gaps that the EPA and state agencies are looking at upstream companies to address, specifically:  electronic reporting, transparency or visibility across the organization both internally and publicly, and data analytics\predictive and proscriptive data analysis.

(a)  http://yosemite.epa.gov/opa/admpress.nsf/bd4379a92ceceeac8525735900400c27/d555b20d0c44fadd85257e2f0044d4b8

Integrated Governance, Risk Management, and Compliance (GRC)

Is integrated GRC an all-or-nothing proposition?

The challenge of integration often relates to cultural boundaries within an organization rather than conceptual or technical issues. GRC processes are unique in relation to operating processes. Changing markets and a continuing stream of new laws and regulations spanning decades have driven an ad hoc and reactionary evolution of new policies and procedures in many organizations. Often, internal and external pressures result in these changes being completed at such a pace that the “new” policies and procedures are added onto the existing structure. Ultimately, this ongoing spiral of change has led to complex accountabilities, the growth of silos, inefficient communications, decreasing organizational transparency and poor data that you can’t trust to make critical decisions – all leading to a higher cost of risk and compliance.

Revolutionizing the Simplicity of Regulatory Change Management

Imagine that you are about to take a drive to a place you have dreamed of going your entire life. Your suitcases are packed in the car, and all you have to do is put your key in, turn the car on, keep an eye on the dashboard every now and then, and drive. Your focus is on the road ahead that leads to your final destination and the quickest, safest way to get there. This is simplicity at its best.

Why Reducing Your Cost of Compliance can Save you Money

Everyone knows staying compliant saves money. It prevents hundreds of thousands of dollars in regulatory fines. Beyond that, it seems that compliance only costs money. Time, effort and dollars go into keeping your organization compliant. If this is how you feel about your compliance program, there’s probably room for improvement.  A compliance program should be saving your organization money.

What Would Set you Apart from Other Oil Producers?

I had a conversation with a friend of mine who lives in Midland, Texas. She’s married to an Executive in the Oil and Gas Industry and lives on property that is being drilled by a different oil company.  She expressed her frustration with what property owners have to deal with when it comes to not owning mineral rights and how the companies can just “poke holes anywhere they want.”

Training and the FDA – What do They Require?

The FDA requires medical device and drug manufacturers to train their employees. Training must occur for all types of regulated activities from internal quality management software/policies to CFR requirements. The agency expects companies to establish comprehensive procedures that detail how staff members will be trained, but also complies with the QSR record keeping requirements.

Think Ahead of the Curve – Regulatory Compliance Software Choice

Emergency medical technicians and medical trainers are on call at an array of sporting events, from Little League tee ball to the Superbowl. The event organizers do not anticipate participants to pull an ACL or spectators to pass out due to heat exhaustion; however, EMTs attend just in case. Due to the historically risky nature of sporting events, many leagues and associations, from professional to intramural, require EMT to be present before the umpire can yell, “Play ball!”.

The ACA & Healthcare Outpatient Services Impact Perspective

“Risk Shifting”

With the adoption of the Affordable Care Act (ACA) and shift from quantity to quality-based reimbursement models, the healthcare landscape is shifting dramatically as to how providers are paid for their services.  The outpatient market is seeing a dramatic adjustment in the volume of services based on this market demand.  According to a Health Facilities Management article (Health Forum, a subsidiary of AHA®): 

Report: US Power Sector CO2 Levels Down to 1990 Levels

A new NRDC report shares a positive picture about “reduced emissions” of major air pollutants like carbon dioxide, mercury, sulfur dioxide (SO2) and nitrogen oxides (NOx) by nation’s 100 electric power producers, accounting for 85 percent of US’s power production. These include top names like Duke, Southern, Exelon and many others.

Essential Elements of an Effective Whistleblower Hotline and Reporting Program

The Whistleblower Programs, established by regulators like the Securities and Exchange Commission (the “SEC”) in accordance with the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 that provides monetary incentives to people who report possible violations of the federal securities laws to the SEC, have made it is essential for organizations to implement an effective internal hotline program and incentivize employees to use that hotline.

Information Cyber Security Compliance: How Safe is Your Information?

How detrimental would an information security breach be on your organization?

Lets go back in time!

In July 2013, a data breach at the Department of Energy leaked information affected about 150,000 employees. After a great length of extensive research, an investigation cited a lack of urgency around information cyber security Management software as the violator.

Key Elements of an Effective Regulatory Change Management Program

Due to the increasing number of regulations and the constant changes to those regulations, the cost and complexity of doing business is increasing. In order to stay ahead with changing regulations, organizations require an effective automated and integrated regulatory change management program.

Is Your Document Management System Effective?

One of the biggest challenges for organizations today is the ever-increasing number of rules and regulations, and the pressure to conduct business ethically. With the increasing number of policies, procedures and documents required to ensure compliance, a manual, complex, and inefficient approach to policy and document management is no longer an option.

Proactive Enterprise Risk Management Approach

The U.S. Corporations risk management processes are under increasing regulatory and private scrutiny. The complexity, number, and velocity of risks are increasing and managing the myriad of changes in risk are becoming extremely difficult. Organizations are constantly firefighting and trying to mitigate risk by taking corrective actions. This reactive approach not only increases response time but it might even force these organizations out of business.

SEMS Element #2- Safety and Environmental Information

360factors announces the acquisition of Rosengarten, Smith & Associates, Inc. (RSA) environmental compliance services, environmental remediation and compliance services with offices in Austin, Corpus Christi and Houston, Texas.

Simplicity At Its Best, Using An Integrated GRC Software Solution

When it comes to performing the same types of tasks day after day, week after week, year after year, it is easy to see how easily someone can begin to overlook or skip certain procedural steps.  There are many reasons this could happen, however, I have noted that human error tends to be the cause in one way or another.  This has less to do with the individual and more to do with the fact that there is a lot of information that has to be viewed on a regular basis.  Without an automated process, this can be difficult.

Think Ahead of the Curve – Regulatory Compliance Software Choice

http://www.360factors.com/regulatory-compliance-software/

Emergency medical technicians and medical trainers are on call at an array of sporting events, from Little League tee ball to the Superbowl. The event organizers do not anticipate participants to pull an ACL or spectators to pass out due to heat exhaustion; however, EMTs attend just in case. Due to the historically risky nature of sporting events, many leagues and associations, from professional to intramural, require EMT to be present before the umpire can yell, “Play ball!”.