Quick Hits

Some quick hits on stories that interest me, but did not make it to a full post:

SEC Posts XBRL Compliance Guide from The Filing Cabinet by Melissa Klein Aguilar

The staff of the Securities and Exchange Commission has posted a “small entity compliance guide” on its rules that require companies to submit financial statements tagged using eXtensible Business Reporting Language to the Commission and to post them on their corporate Websites.

Data Breach: Identity Theft Risk Insufficient to Support Claims by Hunton & Williams LLP’s Global Privacy and Information Security Law and Analysis

The mere increased risk of identity theft following a data breach is sufficient to give the data subjects standing to bring a lawsuit in federal court but, absent actual identity theft or other actual harm, claims against the data owner and its service provider for negligence and breach of contract cannot survive, a federal judge ruled this month.  Ruiz v. Gap, Inc., et al., No. 07-5739 SC (N.D. Cal. April 6, 2009).

Updating Your Gift & Entertainment Policy by Melissa Klein Aguilar for Compliance Week

In a recent survey of more than 500 compliance and ethics professionals, 46 percent said their organization hasn’t significantly updated its gift and entertainment policy in the last year. Of that group, 20 percent admitted it’s been at least three years since their policies were significantly updated. Observers say compliance executives have plenty of reasons to give those policies a fresh look, not the least being the continued enforcement crackdown on bribery.