Traditionally, compliance in software and data has been top-down and event-driven – someone from outside of Technology, in response to some regulation, policy, or request, gets involved in how software operates, which open source components are used, or what data is stored or processed where. Not only does this approach fail to scale as the world is awash in more and more software and data, but it also frequently results in reactive damage control and re-development.

When everyone who works to build software or data understands what is or isn’t permissible – and knows when to ask for help proactively – the ensuing product is much less likely to contain problematic code or information. It’s not safe to assume that this is the case, however (though training can certainly help). More likely, many of the people writing code or handling data are unaware of the full spectrum of contractual or regulatory obligations that relate to their work.

Software compliance is a broad topic, ranging from internal policies and procedures to open source licensing across jurisdictions.  Software can clearly create efficiencies and enterprise value, but it’s critical that software does so without creating undue risk.  For example, open source software often plays a critical role in product development or infrastructure, but few organizations are proactively managing open source strategy in a compliant way.  Unintentional license violations can lead to serious issues, so making sure that your organization is compliant is an important task.  

GDPR. PIPEDA. CCPA. HIPAA. 152-FZ. CC-BY-SA.   You’ve got that all straight, right? When the focus is on writing code or creating a data product, the numerous (and sometimes onerous) regulations and obligations may fall by the wayside. Our training program highlights important compliance standards to consider when handling data (even if it’s data developed by someone else!). Proper training ensures that products are developed free of issues that could lead to liabilities.