It happened again this morning. I got an alert from a law firm I follow telling me that there is yet another new privacy law. This one is in Colorado, a state that now joins Virginia and California in creating requirements for consumer access to their data under threat of penalty. There’s a new draft European directive on third-party due diligence requirements which we need to follow, sanctions that seem to change every day – not to mention the decisions of the courts and prosecutorial guidance that functions to create de facto requirements on our programs. It can feel completely overwhelming trying to find out about and keep the information straight.
Where can you find information you can trust that will be helpful? Here are some tried and true sources to help.
Law Firm Alerts
Many law firms publish alerts when new laws come into force or are in the final stages of being passed. It’s critical to get on one or more law firm’s lists. I am a former Gibson Dunn attorney, so I’m particularly partial to them, especially for their FCPA/Anti-bribery materials. At many firms, you can sign up for their alerts without being a client. You can even choose the practice areas for which to get alerts.
There are some fantastic industry blogs that will help you to navigate new laws. Subject-specific blogs can be highly useful. I like the FCPA Blog and Tom Fox’s blog for anti-bribery and Michael Volkov’s for sanctions/trade compliance. More generally, the Society of Corporate Compliance and Ethics (SCCE) has a terrific blog with a huge number of contributors, as does the Health Care Compliance Association (HCCA) (if you’re working in health care). We here at Compliance Kristy also provide updates on new laws as they come out. Matt Kelly’s Radical Compliance blog follows the laws affecting the profession as well.
Compliance Week and Compliance and Ethics Professional magazines are a great source of information on new laws. Other than sanctions laws, most regulations take time to work their way through legislatures, meaning there is time to digest them. Equally, many laws don’t come into enforcement for several weeks, months, or even years, giving practitioners time to prepare. Magazine articles typically have greater depth than email alerts, so they can be particularly helpful.
The SCCE has a searchable database with a wealth of information called COSMOS. Members should look into its content. If you’re a lawyer, you may have access to Westlaw, Lexis Nexis, Reuters, or the Practising Law Institute’s (Practising is the English spelling) materials that highlight new laws and their requirements. Data Guidance is outstanding for privacy-related law information.
Many of the aforementioned people and organizations host webinars, including many big law firms, consulting firms, SCCE, HCCA, and Compliance Week. As a bonus, many of these organizations offer continuing legal education credits or continuing education credits for the compliance-related certifications (e.g., Certified Compliance and Ethics Professional – CCEP).
Another great source of webinars about new laws is the technology companies. Groups like Steele/Diligent, NAVEX Global, Compliance Line, and Convercent regularly put on webinars. Send them an email and they’ll be happy to add you to their lists.
Larger consulting firms often send emails when new laws are proposed or passed. Many times these newsletters contain information that will help you to respond quickly with practical suggestions. Like law firms, their aim is to get you to call them to help you. Regardless, the information can be invaluable on its own.
Whether virtual or in-person, new laws are a perennial hot topic for conference sessions. Check out the agendas before you pay for the conference to make sure there are topics relevant to you. The SCCE, HCCA, and Compliance Week conferences are particular favorites. Some of the technology companies, like Steele/Diligent and Convercent, have client conferences as well where new laws are often discussed.
Compliance-related podcasts have become the new hot thing. Not all podcasts focus on new and upcoming laws, but most have episodes focused on new laws. Try the Great Women in Compliance podcast, Compliance Perspectives podcast, Tom Fox [week in review], or Compliance Reloaded. The last one is usually in German!
Social Media Links
Open up LinkedIn every day to see what folks in the profession have found useful. You can check the general feed, or you can join specialty groups that post specific types of information. There are groups dedicated to everything from anti-money laundering to conflict minerals.
A key job of a compliance officer is keeping abreast of the new legal and regulatory developments. Many sanctions prosecutions begin simply because the business didn’t know about their obligations and did not have a screening mechanism in place. By knowing what is coming, you can prepare your executives and your program