Giva Blog
Help Desk, Customer Service, Cloud & Security Insights, with a Side of Altruism!

Giva's Compliance with EU & Switzerland Safe Harbor Framework

Giva Safe Harbor Compliance

In October of 1998, the European Commission created a Directive on Data Protection, which prohibits transferring personal data to non-European Union countries that do not meet a certain level of privacy protection. The EU felt this was necessary as it and the United States approach handling data privacy in different ways.

In order to allow US companies to quickly comply with EU standards, the European Commission and the U.S. Department of Commerce worked together to provide a framework by which organizations could certify their compliance. The program is called the U.S.-EU Safe Harbor program, and certifying to the framework allows U.S. organizations to join this program.

With Switzerland, their Federal Data Protection and Information Commissioner also worked with the U.S. Department of Commerce to create a separate "Safe Harbor" framework, for the same purposes as the EU "Safe Harbor" framework.

Giva values the privacy of its users and visitors, and Giva respects the privacy definitions of not only the U.S., but the other organizations around the world that have decided upon their own standards they feel are best for the people they represent. With this, Giva has completed the self-certification process as defined in the Safe Harbor framework for both the European Union and Switzerland.

For more information about Giva's Safe Harbor compliance, please visit our Privacy Policy page.

CSR Starts from the Top

As Corporate Social Responsibility (CSR) has assumed a greater place in contemporary business dialogue, discussion has been increasingly centered on the importance of senior executives in its implementation. While ideally socially responsible endeavors are practiced at all levels of a firm, it is clear that a business cannot become a leader in CSR if its decision-makers are hesitant about the benefits of corporate responsibility. Certainly, it helps a company's charitable practices if its CEO is personally altruistic. The example that executives at Microsoft have set has helped establish the CSR culture present throughout the entire company. But increasingly, the most important role executives play in CSR is their ability to anticipate its long-term payoffs. Rather than viewing corporate responsibility as a short-term cost, wise leaders understand its long-term payoffs such as the boost it provides to a company's reputation, employee morale, and sustainability in certain locales.

A look at IBM's 2008 Global CEO Study provides greater insights into how CEO's view their own roles. Each understands his or her role as an individual capable of looking at the company as a whole. This means they are able to understand trends and their customers/stakeholders' interests. Across the biennial CEO studies three external areas continue to assume greater importance: socioeconomic factors, environmental issues, and people skills. Each of these areas is linked to CSR, meaning CEOs are increasingly recognizing its importance to their entire business. Most importantly, senior executives are able to take a look at their entire supply chain and enterprise, giving them the opportunity to implement CSR values throughout the business. While socially-conscious employees may be able to improve the behavior of their departments, no one has the resources to enact policies throughout the company like those at the top. Given their holistic view and ability to rally workers, top executives are absolutely essential for the growth of CSR.

Non-Profit/Business Partnerships

As social challenges merge with business challenges in the contemporary world, corporations are beginning to look for opportunities to engage in shared value initiatives. Increasingly, shared value projects involve partnerships between NGOs (non-governmental organizations) and businesses designed to address common issues. When these partnerships are formed correctly, they can be instrumental in tackling some of the toughest problems currently faced by the business community.

Successful partnerships occur when each party complements the strengths of the other. Businesses are able to provide a conglomeration of resources that many nonprofit organizations lack. They are able to implement change on a massive scale. This opportunity allows nonprofits to expand their impact and take on initiatives that require many resources. Businesses also provide a natural discipline that ensures all agreed upon solutions are sustainable in the private sector. For their part, NGOs are able to fill certain knowledge gaps in the private sector. Some understand specific cultures and relationships in under-served markets, while others are attentive to the specific needs of different communities. Often NGOs are called upon to evaluate unknown areas of the market. Valuations of areas like biodiversity are critical for businesses looking to transform their supply chain.

The partnership between Coca Cola and the World Wildlife Fund (WWF) is exemplary of a successful shared value relationship. The WWF began working with Coca Cola in 2007 to conserve freshwater resources. The partnership has been extended through 2020 and will now focus on 11 key regions of freshwater basins. The two parties have also elected to expand the initiative to other conservation areas. By 2020 Coca Cola hopes to reduce carbon embedded in drinks by 25%, begin implementing plant-based renewable packaging, and ensure all ingredients are sustainably sourced. The WWF's detailed knowledge of biodiversity, ecosystems, and climate change is an essential tool in each of these projects. By developing environmental models and a system to evaluate the tradeoff between conserving biodiversity/ecosystems and minimizing costs, the WWF hopes to embed environmental sustainability into decision making. Coca Cola hopes to demonstrate the business case for investing in natural capital. The two parties have much to gain from the joint venture. If their actions are successful, society will gain too.

Trends in Business Volunteer Programs

It is interesting to note trends in business approaches to volunteering. A research report conducted by the Society for Human Resource Management (SHRM), a professional human resources membership association, suggests community volunteer programs and paid time-off for volunteering are becoming increasingly popular employee benefits. The Employee Benefits Study, conducted in February of 2013, asked a sample of HR professionals from SHRM’s membership database if they offered or planned to offer a list of 299 benefits. Of the 4000 SHRM members who received the survey 518 HR professionals elected to respond. Their answers serve as an important indicator of employee benefit trends.

The 2013 survey found that 20% of respondents offered some form of paid time-off for volunteering, while 1% planned to offer it in the next twelve months. This is a sizeable improvement from 2009 when only 15% of companies offered paid time-off for volunteering. The study also examined community volunteer programs. It found that 47% of firms had a community volunteer program compared to just 42% in 2009. Taken together, these findings indicate that companies are looking to expand their volunteer schemes.

There are a number of advantages to offering community volunteer programs and paid time-off for volunteering. The advantages of community volunteer programs have been well-documented on this blog and often generate shared-value for the community and the business. They have also been linked to increased employee retention. Paid time-off for volunteering is crucial for those looking to volunteer on top of personal and professional responsibilities. It is a simple way to allow employees to pursue important causes. Overall, this study offers some refreshing news about business approaches to volunteering. It appears an increasing number of companies are recognizing the benefits it offers to the workplace, the brand, and the community.

Are You HIPAA Compliant? - The Rise of Healthcare Data Breaches

A recent report by the Identity Theft Resource Center should heighten the level of concern of a number of healthcare companies. According to statistics compiled in 2013, the healthcare sector now accounts for 43.8% of total reported data breaches. That is the most of any sector. The reason is likely two-fold. First, the healthcare industry is subject to some of the strictest reporting requirements in the U.S. economy. These strict regulations force healthcare companies to publicly report information on all large data breaches. Second, hackers are increasingly recognizing healthcare companies as a valuable source of personal information. Hacking accounted for over a quarter of reported data breaches in 2013. Healthcare companies must become more aware of these external threats.

The Health Insurance Portability and Accountability Act (HIPAA) along with other federal requirements make strict security measures and data encryption methods a necessity for healthcare companies. Failure to implement these standards leaves these companies vulnerable to an attack. Companies are subject to federal punishments if a data breach occurs due to relaxed security measures. These include large fines and financial penalties. Given that the healthcare industry is now a popular victim of hackers, healthcare companies cannot afford to assume their security measures are sufficient.

Thankfully, Giva makes HIPAA compliance very easy for our customers. The data center, hardware and software infrastructure of Giva's cloud help desk & customer service software meet the very strict HIPAA compliance regulations. For more information visit 7 Key Elements of Giva's HIPAA-Compliant Cloud Help Desk Software for Electronic Health & Medical Records.

Are You HIPAA Compliant? - Healthcare Information Safety

A recent report from the Washington Post offered some sobering news about the safety of information in the healthcare industry. According to the United States Department of Health and Human Services (HHS) 3.6 million patient records have been stolen from health firms via hackers since 2009. This statistic does not include the most recent hacking of Community Health Systems which lost 4.5 million records to a group of Chinese hackers earlier this year. Large data breaches are not the only concern. In 2012, HHS received 21,194 reports of small data breaches from healthcare companies.

Healthcare companies should be wary. According to a 2013 study conducted by the Healthcare Information and Management Systems Society only 69% of health security professionals said their company had established a data breach plan. The organization concluded that the healthcare industry has only reached an "average level of maturity" on security issues. This statement should be concerning to healthcare companies. Strict regulations in the Health Insurance Portability and Accountability Act (HIPAA) and further provisions tied to the 2009 stimulus require healthcare companies to comply with firm security measures. Companies that fail to comply with these measures and are subject to a data breach face many severe consequences. Large financial penalties are in place and companies often suffer backlash.

Fortunately, Giva makes HIPAA compliance very easy for our customers. The data center, hardware and software infrastructure of Giva's cloud help desk & customer service software meet the very strict HIPAA compliance regulations. For more information visit 7 Key Elements of Giva's HIPAA-Compliant Cloud Help Desk Software for Electronic Health & Medical Records.

Are You HIPAA Compliant?

Earlier this year medical records of 4.5 million patients were stolen from Community Health Systems (CHS) by a sophisticated group of Chinese hackers. According to the Washington Post the names, birth dates, telephone numbers, and social security numbers of patients were copied and transferred from the company's systems. This information has been protected under the Health Insurance Portability and Accountability Act (HIPPA) for the last decade. As required by federal law CHS notified all impacted patients and provided them with free identity theft services. The company’s liability insurance was expected to absorb the major financial impacts of the data breach. Their mandated Security and Exchange Commission Filing stating the consequences of the breach was published on August 18 and can be found here.The Health Insurance Portability and Accountability Act requires all companies contributing to healthcare services to protect patient’s personal health records with strict security and data encryption measures. Companies that suffer a data breach due to relaxed security measures can be found in violation of federal law. Penalties are strict. Significant fines that can jeopardize a company's financial standing and reputation are charged per incident. According to the FBI, the digitization of medical records has encouraged hackers to increasingly target healthcare companies. Strong security measures that align with strict HIPAA regulations are now required of all healthcare providers.

Fortunately, Giva makes HIPAA compliance very easy for our customers. The data center, hardware and software infrastructure of Giva's cloud help desk & customer service software meet the very strict HIPAA compliance regulations. Click on: 7 Key Elements of Giva's HIPAA-Compliant Cloud Help Desk Software for Electronic Health & Medical Records.

Sustainability Indexes

Companies are increasingly recognizing the benefits of strong corporate citizenship. As investors have become more attuned to the necessity of sustainable business practices there has been a growing demand for indexes and rankings that highlight global firms with strong sustainability records. In particular, three indexes provide an interesting look at how corporate responsibility is quantified and what non-financial characteristics are important in firms.

Corporate Knights is a Toronto-based media and investment advisory company that works with Solactive, a German index provider, to produce an annual list of the most socially responsible companies in each sector of the global economy. Termed the Global 100, the list scores companies on a series of indicators based on how they rank against their global industry peers. Indicators range from energy and water productivity to tax structure and employee safety and are specific to a company’s industry. To qualify for the list companies must be transparent, disclosing their current business practices to the public. The end result is a comprehensive list that details the top performing companies in each industry. Most recently Westpac Banking Corporation of Australia topped the list. They were the first Australian Bank to join the Australian Government’s Greenhouse Challenge Plus and were the first bank in Australia to create a matching donor program for their employees.

The Dow Jones Sustainability Indices is based on a similar belief in corporate responsibility. As factors such as resource scarcity and demographic shifts become more important in the business community, businesses that are operated sustainably will increasingly be able to capitalize on their value. A partnership with RobecoSAM has led to the creation of the Corporate Sustainability Assessment. This assessment is based on a questionnaire sent to the world’s 2,500 largest companies. It is looking for a company’s awareness of and the steps it has taken to address various economic, environmental, and social concerns. Social concerns include standards for suppliers, corporate citizenship and philanthropy, and labor practices. By addressing sustainability issues a company is seen as insuring its long-term vitality.

The last index series is compiled by the FTSE Group, a subsidiary of the London Stock Exchange. Termed the FTSE4Good Index Series it evaluates companies on a variety of sustainability issues. Strong Corporate Social Responsibility (CSR) practices are seen as a means of mitigating risk and an indication of sound management. The FTSE Group looks into a company’s environmental sustainability and supply chain labor standards as well as other areas of interest. This analysis helps determine the most sustainable businesses.

Although these indexes are primarily a means of evaluating investments they provide essential insights into the area of corporate responsibility. Each is further evidence that supporting communities rather than harming them is a vital business practice. They are further evidence of the evolving landscape of CSR. It is now increasingly seen as a means of reinforcing a brand, building loyalty, and ensuring that one’s business is appropriately situated to address societal challenges.

Creating a Culture of Corporate Social Responsibility (CSR) in Your Company

When thinking of how to create a corporate social responsibility (CSR) culture inside of your company it is important to think about both the values of your company and also what CSR involves. In a general sense, CSR includes the parts of your business that do not have to deal with finance. Alexander Garrett of Management Today describes it as, “ethics; interactions with people inside and outside your company; and how you affect the planet” (Garrett, 1) in his article Crash Course in...Creating a CSR Strategy.

In terms of values, the social work that is done cannot go against what your company believes in. People will see right through your CSR report and begin to distrust your company; this means all of your consumers walk away. In a study done by Shital Jhunjhunwala, Assistant Professor of Finance, Institute of Public Enterprise, entitled Intertwining CSR with Strategy- the way ahead, there were social implications which claimed, “business cannot survive without society’s acquiescence nor succeed without its active support” (Jhunjhunwala, 1). For example, within a tech company, it isn’t wise to claim to love being green and being energy efficient if the products that are being sold use far more energy than other products on the market. This would demonstrate that not only do you not care about the planet, but you also think consumers lack the intelligence to find out that you are lying to them, not the best plan in any scenario.

Furthermore, while CSR initiatives have to start from the top-down, because nothing will be sustainable if the board is not supporting CSR efforts, employees have to also believe in the mission that is being encouraged. If the board decides that they want their employees to get a specific number of hours of volunteer work, ask the employees what they are interested in. If people are more interested in animals, begin a puppy and kitten initiative where they are able to support and volunteer with animal shelters; if they want to help the poor, create initiatives where they are volunteering at a food bank or building homes.

According to Garrett, these initiatives should not only come from employees but also customers and investors. It is important to know what people want from your company (Garrett, 1). One of the ways to do this is to be open with everyone, to never provoke sentiments that your company is untrustworthy. There are many ways to do this such as the use of social media. One of the methods that Garrett suggests is to give clear pieces of your CSR message but then also have ways for the public to see the full scale of all that you are doing. This could be a link online that leads to a full report of the initiatives that your business is taking. Along with being trustworthy comes accepting that the company is not perfect. It could be that the company never recycles and they serve every meal in Styrofoam. The important thing is also explaining how those behaviors are going to change. Let everyone know how you will do better but that it will take time and then explain to them your time frame for meeting different target goals (1).

Is this a step by step tutorial on how to make a perfect CSR culture? No. Every company is different and they will have to start small and find out what works best for their company, one does not simply know the best strategy for a CSR culture right away. This is just where to start, to find out how a CSR culture can work for both the company and society. The right CSR culture will do both and add value and sustainability to a corporation.

 

Newer Entires     1   ...   16   17   18   19   20   21