This in a tweet is why I'd generally suggest that one aim for neutral good rather than lawful good with respect to business.https://twitter.com/paulg/status/1201560813242331136 …
-
Show this thread
-
(I will acknowledge some discomfort that all businesses must be lawful when compliance professionals ask.)
1 reply 1 retweet 13 likesShow this thread -
Some examples of "Technically compliant is the best kind of compliant" from my personal experience, very much not coextensive with that of any current employer:
2 replies 0 retweets 20 likesShow this thread -
HIPAA requires workforce training. Management is not exempt. I was 100% of the workforce at my company when we (the royal we) instituted HIPAA-compliant services. There is no requirement regarding the *form* of your training. You don't have to e.g. buy a course.
1 reply 0 retweets 12 likesShow this thread -
So I locked myself in a room for an hour, trained myself on my responsibilities under HIPAA using our company's standard curriculum which I had written, then had myself sign an acknowledgement that I had received training.
2 replies 2 retweets 38 likesShow this thread -
"You can't have expected that to pass muster." Oh no, voice in my head, I structured it like that because I was virtually certain that no regulator in the United States would have an issue with that approach.
2 replies 0 retweets 25 likesShow this thread -
Similar example: *writes email* Counterparty: "We need an official statement from your company about this." *copies email to PDF file, enters header Official Statement From Company* Counterparty: "Cool."
2 replies 0 retweets 53 likesShow this thread -
Another extremely common example of strategic ambiguity is "What is your address?", where I often got *very* poindextery about "OK so exactly what do you need there?", because some of my addresses were e.g. in Japan and some were not, which sometimes had consequences.
1 reply 1 retweet 11 likesShow this thread -
e.g. "Oh we need the address of your main place of business." Me: "Presumably you're OK with the mailroom?" "Sure." *writes down the PO Box in Chicago not the office in Tokyo*
1 reply 1 retweet 17 likesShow this thread -
(The one time this was extremely not OK was for an insurance company, which needs actual physical addresses for underwriting, but was willing to underwrite the mailroom for risk of fire and then add an additional office in Japan for no additional charge as a courtesy.)
2 replies 1 retweet 39 likesShow this thread
Which, n.b., required asking three carriers (through a broker) "Will you write the policy to include claims incurred at our location in Tokyo in addition to the location listed on the application?" Warren Buffett [0] was like "Sure, that's a thing we do." [0] USLI
-
-
Replying to @patio11
Ya, same in mfg, where we sometimes need to provide a "Certificate of Conformance". It's just a PDF with that title and the sentence that "this item conforms to ..." [std product specification] or [specs in proposal/PO] as appropriate. Still, gets your claim on record
1 reply 0 retweets 1 like - 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.