VanRein Compliance Podcast

Send us a text Thank You for Listening to the VRC Podcast! Visit us at VanRein Compliance You can Book a 15min Call with a Guide Follow us on LinkedIn Follow us on X Follow us on Facebook

Send us a text We explore why vendor oversight is a critical yet often overlooked aspect of compliance programs, examining how third and fourth-party vendors present the greatest risk to your company's data security. Our conversation dives into strategies for building effective vendor management systems that go beyond superficial checkbox activities. • Third and fourth-party vendors create cascading risk levels for your business and customer data • Vendor oversight requires continual relationship maintenance, not just initial vetting • Security certificates like SOC 2 must be verified for currency and validity • Companies frequently fail in vendor management during staff transitions • Documentation is essential: maintain a supplier register with contracts, certifications, and contacts • Track artifact expiration dates for compliance certificates, insurance, and penetration tests • Proper offboarding procedures are crucial when ending vendor relationships • Homework: review your top five vendors, confirm their compliance posture, and document relationships Take these items back to your organization and dive into examining your vendor oversight program. Simple steps like documenting relationships, tracking certifications, and establishing clear escalation paths will significantly strengthen your compliance posture. Thank You for Listening to the VRC Podcast! Visit us at VanRein Compliance You can Book a 15min Call with a Guide Follow us on LinkedIn Follow us on X Follow us on Facebook

Send us a text The episode emphasizes the importance of maintaining a compliance program as an ongoing effort rather than a one-time task. It covers the evolving nature of regulations, risks of neglecting compliance, implementation best practices, and the critical role of vendor management. • Compliance is an ongoing commitment, not a one-time task • Regular audits and updated policies are crucial for effectiveness • Employee training must be continuous to mitigate risks • Neglecting compliance can result in severe financial and reputational damage • Vendor management is essential to safeguarding sensitive data • Technology can aid compliance efforts, but human oversight remains key • Staying vigilant ensures preparedness for evolving legal requirements Thank You for Listening to the VRC Podcast! Visit us at VanRein Compliance You can Book a 15min Call with a Guide Follow us on LinkedIn Follow us on X Follow us on Facebook

Unlock the secrets of ISO compliance with us as we sit down with David Forman, a seasoned ISO auditor and the co-founder of Mastermind Assurance. David pulls back the curtain on the unique role of ISO auditors and how their work stands apart from other assurance programs like SOC 2 and HITRUST. With his vast experience, David provides a clear breakdown of ISO standards, particularly focusing on governance requirements and control sections within management systems like ISO 27001. This episode is essential for anyone looking to understand the ISO certification process and its global impact. Explore how data breaches, from the early 2010s to the pandemic era, have fundamentally altered consumer awareness and corporate security practices. David and our hosts delve into major incidents like the Equifax breach, discussing their profound influence on security compliance. We dive deep into the intricacies of SOC 2 and ISO 27001 certifications, highlighting the paths from SOC 2 Type 1 to Type 2 and ISO's Stage 1 to Stage 2 certifications. If you’re curious about how companies can transition between these frameworks to enhance their security credentials, this segment is a must-listen. Navigating multiple compliance frameworks can be a challenging task, but David shares invaluable strategies for making this transition smoother, from HIPAA to ISO 27001 and beyond. The importance of a flexible governance program, stakeholder buy-in, and addressing pain points like GDPR and AI-related risks are all covered in detail. We also touch on emerging standards such as ISO 27701 for privacy management and ISO 42001 for AI management. Don't miss this treasure trove of insights and practical advice for anyone involved in the world of compliance. Thank You for Listening to the VRC Podcast! Visit us at VanRein Compliance You can Book a 15min Call with a Guide Follow us on LinkedIn Follow us on Twitter Follow us on Facebook

Unlock the mysteries of SOC 2 compliance with Kate Williams, our expert CPA and certified SOC 2 auditor from Maxwell Locke & Ritter. Kate turns what could be a tedious topic into an accessible and engaging affair. We cover the ins and outs of the SOC 2 framework, its inception, and why tech companies big and small need to sit up and take notice. Kate's unique blend of humor and deep industry knowledge illuminates the audit process and the strategic value of SOC 2 reports, leaving no stone unturned in this critical discussion. The tech landscape is evolving, and with it, the pressures faced by startups to achieve SOC 2 compliance. In a candid conversation with Kate, we dissect the nuances between SOC 1 and SOC 2 audits, and the difference between Type 1 and Type 2 reports. The insights offered go beyond mere compliance; they're about seizing opportunities and navigating the challenges of resource allocation for early-stage companies. This chapter reveals the true value of compliance investments and when it might be wise to challenge the status quo. We wrap up with a deep dive into the darker side of tech – data breaches, their repercussions, and the subtleties of off-boarding processes. By sharing stories of security slip-ups and the importance of structured documentation, Kate emphasizes the need for robust cybersecurity measures. She also clarifies the distinctions between SOC 2 and ISO certifications, ensuring our listeners are armed with the knowledge to protect their companies from becoming another cautionary tale. Tune in for a conversational, yet enlightening session that's anything but a dry lecture on compliance. Thank You for Listening to the VRC Podcast! Visit us at VanRein Compliance You can Book a 15min Call with a Guide Follow us on LinkedIn Follow us on Twitter Follow us on Facebook

Jen and James Schultz of Answer Midwest join us to share the rhythms of their 30-year marriage, both at home and at the helm of their family-business. Imagine intertwining the threads of romance and entrepreneurship, crafting a tapestry of mutual respect, defined roles, and shared visions. Our guests recount their transition from college sweethearts to business co-pilots, offering listeners a real-life roadmap to blending love with livelihood. We crack open the playbook on maintaining individuality while sharing a common goal, discussing how to preserve personal space amidst a shared professional landscape. Jen and James, along with my own experiences with my spouse Rob, provide insights into setting boundaries and respecting the professional-personal divide. We delve into the nuanced choreography of couple-run businesses, the importance of independence, and the delicate art of not letting shop talk overtake pillow talk. Rounding out our conversation, we celebrate the legacy of Answer Midwest, where family, support, and wisdom intertwine to foster growth and innovation. We applaud the Schultz's for mastering the 'Space and Grace' mantra within their enterprise, and we encourage you, our dear listeners, to draw inspiration from their journey. Join us for a heartening look at the power of partnership in business and life, and perhaps find the spark to ignite your own story of success and togetherness. Thank You for Listening to the VRC Podcast! Visit us at VanRein Compliance You can Book a 15min Call with a Guide Follow us on LinkedIn Follow us on Twitter Follow us on Facebook

Ever wondered how the pumpkin spice latte you love so much could possibly lead to a profound conversation about data privacy? Your hosts Rob and Don, are here to make that transition smooth! In this episode, we'll be sharing tales from our lives, dabbling in band competitions, football games, and even our views on the overpowering pumpkin spice craze. But the real kicker comes when we shift gears to unbox the intricate world of privacy policies, cookie policies, and Data Processing Agreements (DPAs). Does the legal jargon in these policies make your head spin? Fear not! We simplify these essential terms, highlighting the crucial aspects every organization needs to consider - data usage, possible sales, and even advertising methods. We walk you through the maze of global and state privacy laws, helping you craft a policy that perfectly fits your needs. Learn why ignoring cookie banners could land you in hot waters legally, and why accepting all cookies should never be an option. Let’s unravel the complexities of data privacy together and make sure our personal information stays safe. Join us for this peculiar blend of fun and function - it's a ride you won't want to miss! Thank You for Listening to the VRC Podcast! Visit us at VanRein Compliance You can Book a 15min Call with a Guide Follow us on LinkedIn Follow us on Twitter Follow us on Facebook

Ever thought about how to build an unshakeable trust with your vendors? Ready to harness AI without fearing the risk of breaching data security compliance laws? That's exactly what we'll be uncovering in this latest episode. We kick things off with a nostalgic trip down memory lane, reminiscing about the delightful Texan tradition of crafting homecoming mums. We also share our experiences from the HITRUST Collaborate Conference in Dallas and discuss the importance of community support in events like the big band competition. Nothing says trust like a reputable certification. In this chat, we unravel the intriguing aspects of High Trust certification, guiding you through the journey towards achieving it. Get familiar with the E1 audit, a cornerstone in building the fundamentals of HITRUST, and its application across businesses of different sizes. From control mapping to vendor risk management, our discussions navigate you through crucial conversations that could help mitigate risks vendors may pose to your business. AI is changing the world - but at what cost? We tackle the often murky waters of AI usage, discussing the evolving landscape of certifications like SOC2, ISO, GDPR, and HIPAA. As we examine the High Trust AI Assurance Program and SOC2 auditors, we explore how your organization can use AI responsibly and securely. From assessing the cost of ransomware attacks to considering the potential benefits of becoming self-insured, we leave no stone unturned. Before we sign off, we reflect on the importance of having AI policies and discuss potential consequences of not having one. So, tune in, engage, and don't forget to connect with us on LinkedIn! Thank You for Listening to the VRC Podcast! Visit us at VanRein Compliance You can Book a 15min Call with a Guide Follow us on LinkedIn Follow us on Twitter Follow us on Facebook

Ever wondered what it's like to navigate the maze of HITRUST certification for healthcare data security? Well, you're in the right place! Join us, Dawn and Rob, as we unravel the complexities of HITRUST, HIPAA compliance, and the various levels of HITRUST certification. We'll walk you through the cost, the importance of customization, and the crucial steps required for an effective implementation. Documenting everything is key in this process, and we're here to tell you why! As we delve into the nitty-gritty of Control Mapping and Disaster Recovery plans associated with Hytrust implementation, we keep things light and seasonal. Embrace the spirit of fall as we celebrate the arrival of pumpkin spice season and the approach of Halloween. We share our experiences of Texas-style Halloween, complete with trailer-ride trick-or-treating and neon bracelets. It's a delightful mix of in-depth discussion and fun banter that you wouldn't want to miss! Keep listening because next week, Rob will be bringing back insights from the Hytrus Collaborate 2023 in Dallas. So, buckle up and enjoy the ride! Thank You for Listening to the VRC Podcast! Visit us at VanRein Compliance You can Book a 15min Call with a Guide Follow us on LinkedIn Follow us on Twitter Follow us on Facebook

Ready to uncover the latest healthcare industry shake-up? Costco, the retail giant, has decided to leap into the healthcare industry with a telehealth service, and we'll be your guides through this significant transition. Riding on the wave already set by Amazon, Walmart, and Sam's Club, Costco's foray into the market promises affordable and easy-to-access virtual primary care visits, lab testing, and even virtual mental health services through Sesame, an online platform. The implications of such a move in the healthcare industry, particularly for those with high deductible plans and the uninsured, are vast and transformative. But here's another twist - ever wondered about the vital role of the Business Associate Agreement (BA) in the realm of telehealth? Strap in as we navigate through the complex world of BA, laying bare the need for meticulous security measures, frequent risk assessments, and diligent breach reporting. We'll illustrate its importance in training and educating both covered entities and business associates, and the criticality of trust when handling precious customer and patient data. Join us, as we analyze what the Costco-Sesame partnership means in the context of BA compliance and what it implies for the healthcare industry's future. It's a conversation you won't want to miss! Thank You for Listening to the VRC Podcast! Visit us at VanRein Compliance You can Book a 15min Call with a Guide Follow us on LinkedIn Follow us on Twitter Follow us on Facebook

We kick off this week's episode of the VanRein Compliance pod by diving into the thrilling world of marching band season and its captivating musical diversity. We even spill some tea on Taylor Swift's unexpected influence on the NFL and her worldwide reign. But, we're not all fun and games. We put on our serious hats to explore the intriguing trend of declining union membership in the U.S. over the past decade, and its impacts on industries nationwide. Be prepared to come away with a deeper understanding of the stark contrasts between unionized and non-unionized companies, particularly in terms of profit margins and employee compensation. That's not all! We also venture into the complex labyrinth of state privacy laws, with a special focus on Delaware's Personal Data Privacy Act, which is set to change the game in 2025. We've got your back, breaking down what it means for businesses dealing with Delaware residents. If you've been keeping tabs on the rising number of HIPAA violation reports, we provide guidance on the correct process to report a violation either to the government or a company's privacy officer. You'll gain clarity on identifying legitimate violations and the essential details to include when you file a complaint. We wrap up by emphasizing that facts are the unsung heroes of data security and compliance. Don't miss out on this riveting discussion. Tune in and get ready to expand your knowledge! Thank You for Listening to the VRC Podcast! Visit us at VanRein Compliance You can Book a 15min Call with a Guide Follow us on LinkedIn Follow us on Twitter Follow us on Facebook

Ever wondered how to navigate the ever-evolving landscape of HIPAA audit requirements and cybersecurity threats? This episode takes you on a thrilling journey where the stakes are high, and the races are fast - both in the realm of F1 racing and the world of healthcare audits. As we rev our engines, we chat about the latest F1 races in Singapore and Italy, sharing our top picks for teams and drivers. We also dive into the nitty-gritty of the new HIPAA audit requirements, focusing on the shift towards more cybersecurity-based threats. Buckle up as we shift gears and delve into the heart of cybersecurity threats. Drawing from the HHS OCR's list, we discuss the top five threats businesses face today - from social engineering and ransomware to data loss. But fear not! We also lay down the roadmap to navigate these threats with their ten recommended mitigating practices. We illuminate the potential risks, the effective countermeasures, and the importance of being proactive rather than reactive when it comes to cybersecurity. As we cross the finish line, we explore the terrain of strong compliance practices and securing your environment. We highlight the value of encryption, identity and access management, data loss prevention, disaster recovery, and asset management. We also underscore the significance of antivirus and anti-malware software, robust passwords, and wifi security. And in the spirit of staying ahead of the curve, we evaluate the implications of new laws emerging from the recent election cycle. So, join us for this adrenaline-packed episode; let's navigate the racecourse of cybersecurity and HIPAA audits together. Thank You for Listening to the VRC Podcast! Visit us at VanRein Compliance You can Book a 15min Call with a Guide Follow us on LinkedIn Follow us on Twitter Follow us on Facebook

Who knew a deep dive into the world of HIPAA could be so much fun? Buckle up, because we're taking you on a lively journey into the intricacies of HIPAA violations, highlighted by the recently released audit guidelines from the OCR. But wait, there’s more. We're not just your average HIPAA aficionados - we're Rob and Dawn, hosts of the Van Rein Pod, back from a hiatus, and bringing you a whole new style of podcasting, complete with audience applause! In between the laughs, we're getting personal. From the trials and triumphs of our teenage son's high school marching band season to the stinky saga of our skunked dogs, we keep the banter flowing. Then, we switch gears without missing a beat to enlighten you about unauthorized access and its impact on the healthcare sector. It's a whirlwind of entertainment and education, and we promise, you won't want to miss a minute! Thank You for Listening to the VRC Podcast! Visit us at VanRein Compliance You can Book a 15min Call with a Guide Follow us on LinkedIn Follow us on Twitter Follow us on Facebook

Welcome to the VanRein Compliance Podcast where we dive into the latest and greatest in Data Compliance, Technology, and family-owned businesses. This week Rob and Dawn dive into ChatGPT and what it means for Data Compliance and your business. Dawn also dives into the Dog problems and why 2023 is the year of AI. Thank You for Listening to the VRC Podcast! Visit us at VanRein Compliance You can Book a 15min Call with a Guide Follow us on LinkedIn Follow us on Twitter Follow us on Facebook

Welcome to The VanRein Compliance Podcast: the Podcast that will secure your business with a clear plan to reduce your risk. This week our hosts Dawn and Rob Van Buskirk discuss how to create your Legal Life Plan with Amanda Batsche; In this week's episode, we unpack the following topics: You can learn more about Amanda watch a free introductory webinar to Legal Life Planning and how to get your own Legal Life Plan at her site www.batschelaw.com . Connect with Amanda on Instagram @batschelaw or Facebook Thank You for Listening to the VRC Podcast! Visit us at VanRein Compliance You can Book a 15min Call with a Guide Follow us on LinkedIn Follow us on Twitter Follow us on Facebook

Welcome to The VanRein Compliance Podcast: the Podcast that will secure your business with a clear plan to reduce your risk. This week we show you what the job duties of a Compliance Officer are and the one question you need to ask your business. We also discuss what the difference is between Privacy Officer, Compliance Officer, Security Officer, and even a Police Officer! And the ONE question you need to ask... Every week The VanRein Compliance Podcast will help you simplify compliance, secure your business, and reduce your risk all while having some fun. Thanks for joining us! Thank You for Listening to the VRC Podcast! Visit us at VanRein Compliance You can Book a 15min Call with a Guide Follow us on LinkedIn Follow us on Twitter Follow us on Facebook

This Weeks Podcast is a Best Of the VRC Podcast and a special one for Dawn and Rob as they celebrate 22 years of marriage! Dawn talks about what works and what did not and Rob discusses the advice that his parents gave him when Dawn and Rob tied the knot. Plus, we dive into how to work together and be married! Listen for the sweet nuggets of success you can use in your life. You can always learn more at VanRein Compliance.com Schedule a free Cyber Risk Review of your business Education for your team: HIPAA, HB300, GDPR, CCPA, FERPA, Diversity Thank You for Listening to the VRC Podcast! Visit us at VanRein Compliance You can Book a 15min Call with a Guide Follow us on LinkedIn Follow us on Twitter Follow us on Facebook

Hello and Welcome to the VanRein Compliance Podcast ! This week Dawn and Rob tackle Cyber Insurance! They review what it is, the types of Cyber Insurance you need, and what your Insurance company is looking for. We also review why an insurance Broker is critical to your business to save you $$$. You can reach out to us at Hello@VanReinCompliance.com with your insurance questions. Every week Dawn and Rob provide you with valuable information so you can protect your business and your customer's trust. Thank You for Listening to the VRC Podcast! Visit us at VanRein Compliance You can Book a 15min Call with a Guide Follow us on LinkedIn Follow us on Twitter Follow us on Facebook

This week Dawn is Solo! Kinda like Hans Solo but Better! She dives into the new 2023 data privacy laws that will impact your business and the recent Texas Cold snap! Dawn will discuss the following laws and what you need to do to prepare your business. California Privacy Rights Act, effective January 1, 2023Virginia Consumer Data Protection Act, effective January 1, 2023Colorado Privacy Act, effective July 1, 2023Connecticut Data Privacy Act, effective July 1, 2023Utah Consumer Privacy Act, effective December 31, 2023Thank You for Listening to the VRC Podcast! Visit us at VanRein Compliance You can Book a 15min Call with a Guide Follow us on LinkedIn Follow us on Twitter Follow us on Facebook

This week we have a special Guest on the VRC Podcast, Ramo Rendon the Director of Harbor Interfaith Services in San Pedro, CA. We discuss the services that Harbor provides the community and the need that he sees daily. We also discuss what inspired him to work for Harbor and serve his community. We also dive into the Top 5 Ways to Help the Homeless Taking time to serve others during this month of giving will make an impact on your community and you. Thank You for Listening to the VRC Podcast! Visit us at VanRein Compliance You can Book a 15min Call with a Guide Follow us on LinkedIn Follow us on Twitter Follow us on Facebook