Tuesday, February 24, 2009

Shortcuts to 201 CMR 17.00 (and all other) compliance

Really? Of course not. There are no shortcuts. Well, maybe one- if you already have a secure environment, supported by appropriate policies and practices, then the path to any compliance project will be easier.

OK, returning to the real world, let's assume the worst case (and most likely) scenario- you are pretty much starting from scratch.  Where to start?  That's easy, stop doing it wrong.  I don't mean you have to immediately fix everything you are doing wrong, but you need to stop heading in the wrong direction.  You may need to change the way you store data, and you may need to develop a training program, and those will take some time.  Any new projects, however, you can start right- so stop and think before any new purchases or projects.  My wife has a saying for this kind of situation- "when you are in a hole, the first thing to do is stop digging" (that's pretty good advice for a lot of situations).

I'll offer up more practical suggestions in future posts, but this one really is a pretty good starting point.  Stop doing it wrong.