Joe Murphy, Esq., CCEP, CCEP-I
Senior Advisor, Compliance Strategists
jemurphy5730 @ gmail.com
Roy Snell, CHC, CCEP-F
CEO, Society of Corporate Compliance and Ethics
roy.snell @ corporatecompliance.org
Gerard Zack, CFE, CPA, CIA, CCEP, CRMA
Incoming CEO, Society of Corporate Compliance and Ethics
Charles Elson, Chair in Corporate
Governance, University of Delaware
Odell Guyton, Esq., CCEP, CCEP-I
VP Global Compliance, Jabil Circuit, Inc.
Rebecca Walker, JD, Partner
Kaplan & Walker LLP
Rick Kulevich, Senior Director Ethics & Compliance CDW
Greg Triguba, JD, CCEP, CCEP-I
Principal, Compliance Integrity Solutions
Zsuzsa Eifert, CCEP-I
Group Compliance Officer, T-Mobile
Constantine Karbaliotis, JD, CCEP-I
Andrijana Bergant, CCEP-I
Compliance Office Manager, Triglav
Mónica Ramírez Chimal, MBA
Managing Director, Asserto
Garrett Williams, CPCU
Assistant Vice President, State Farm
Vera Rossana Martini Wanner, CCEP-I
Robert Vischer, Dean and Professor of Law
University of St. Thomas
Peter Crane Anderson, CCEP
Attorney at Law, Beveridge & Diamond PC
Peter Jaffe, Chief Ethics and
Compliance Officer, AES
Michael Miller, CCEP, Executive Director
of Ethics & Compliance, Aerojet Rocketdyne
John DeLong, JD, CCEP
Berkman Klein Center
VOLUME 15, ISSUE 6
When a company is caught doing the wrong thing,
it is usually not one incident in isolation.
See page 19 “ ”
50 Stop debating and start acting: Apply GDPR
in 10 steps
by Patrick O’Kane
The General Data Protection Regulation is here, and it’s time to take action to make
sure your company is compliant.
54 [CEU] Embracing leadership mistakes to drive
by Terry Lawrence
When leaders are free to discuss their mistakes without fear of reprisal, the
organization as a whole benefits from a culture of trust and learning.
57 [CEU] Don’t pay for unnecessary snakes: A case study
by Emmi Bane
By building your values into your practices, compliance becomes naturally
integrated into the design and architecture of your organization.
64 How to build a culture of compliance
by Cansu Eray
How do regulator expectations, the three C’s, personalized experience, and
benchmarking make a compliance program a strategic advantage?
67 Technology risk assessment for compliance:
Data privacy and security risks
by Lauren Connell
As technology‑related threats continue to grow, compliance professionals should
turn to their familiar tools to mitigate risk.
COP Y EDITOR
+1 952.405.7939 or 888.277.4977
DESIGN & LAYOU T
+1 952.567.6222 or 888.277.4977
craig.micke @ corporatecompliance.org
Compliance & Ethics
Compliance & Ethics Professional® (C&EP) (ISSN 1523-8466) is published by the Society of
Corporate Compliance and Ethics (SCCE), 6500 Barrie Road, Suite 250, Minneapolis, MN 55435. Subscriptions are free
to members. Periodicals postage-paid at Minneapolis, MN 55435. Postmaster: Send address changes to Compliance
& Ethics Professional Magazine, 6500 Barrie Road, Suite 250, Minneapolis, MN 55435. Copyright © 2018 Society
of Corporate Compliance and Ethics. All rights reserved. Printed in the USA. Except where specifically encouraged,
no part of this publication may be reproduced, in any form or by any means, without prior written consent from SCCE.
For subscription information and advertising rates, call +1 952.933.4977 or 888.277.4977. Send press releases to
SCCE C&EP Press Releases, 6500 Barrie Road, Suite 250, Minneapolis, MN 55435. Opinions expressed are those of
the writers and not of this publication or SCCE. Mention of products and services does not constitute endorsement.
Neither SCCE nor C&EP is engaged in rendering legal or other professional services. If such assistance is needed,
readers should consult professional counsel or other professional advisors for specific legal or ethical questions.
Patricia Mees, CCEP, CHC
+1 952.933.4977 or 888.277.4977
patricia.mees @ corporatecompliance.org
+1 952.567.6225 or 888.277.4977
FRON T COVER AND PAGE 18:
Photography by Jonathan Grant-Hart, Spark Compliance Consulting Ltd.