Compliance - Governance and Risk
National and local governments continually enact new regulations and laws to provide more accountability, combat corporate fraud, and protect against unauthorized disclosure of personal information. Sarbanes-Oxley, Gramm-Leach–Bliley Act, HIPAA, SEC, BASEL II, Freedom of Information Act, and the Patriot Act are examples. Will your organization be ready to comply with these regulations?
* Government regulations that require you to:
* Keep all email records in a tamper-proof manner and be able to search and retrieve information for an audit
* Produce emails for Freedom of Information Act disclosure quickly and at low cost
* Random monitoring of emails for financial service brokers with audit trail reviews
* Financial Governance ensuring all business records are intact
* Acceptable Usage monitoring - analyzing email to make sure that inappropriate words are not being used and that specific organizations and persons are not being contacted.
To be in compliance, your organization needs to keep every email for a specified period of time. However, having your employees figure out which emails to keep and for how long is a mistake. Your archiving will never be consistent or accurate. Trying to accomplish that feat “automatically” based on content, department or sender is even more complex and prone to errors and can expose you to personal liability.
Benefits
* Full compliance with all regulations
* Dramatically reduce costs of legal investigations
* Protect intellectual property
* Reduce organization and executive exposure
* Improve employee education about risky behavior
* Increase integrity of information since transactions cannot be deleted from the archive
* Improve productivity by enforcing the Email Acceptable Usage Policy
Compliance - Sarbanes-Oxley
The Sarbanes-Oxley Act of 2002 (Pub. L. No. 107-204, 116 Stat. 745), also known as the Public Company Accounting Reform and Investor Protection Act of 2002 and commonly called SOX or Sarbox, is a United States federal law enacted on July 30, 2002 in response to a number of major corporate and accounting scandals. These scandals, which cost investors billions of dollars when the share prices of the affected companies collapsed, shook public confidence in the nation's securities markets.
The legislation establishes new or enhanced standards for all U.S. public company boards, management, and public accounting firms. It also extends to the suppliers to these organizations.
The Act establishes a new quasi-public agency, the Public Company Accounting Oversight Board, or PCAOB, which is charged with overseeing, regulating, inspecting, and disciplining accounting firms in their roles as auditors of public companies. The Act also covers issues such as auditor independence, corporate governance, internal control assessment, and enhanced financial disclosure.
Since so many business transactions are conducted in email - discounts, special deals, deadlines, commitments, orders, cancellations, specification changes, etc. - to truly be in compliance, your organization needs to keep every email for a specified period of time. However, having your employees figure out which emails to keep and for how long is a mistake. Your archiving will never be consistent or accurate. Trying to accomplish that feat “automatically” based on content, department or sender is even more complex and prone to errors and can expose you to personal liability.
Benefits
* Full compliance with all regulations
* Dramatically reduce costs of legal investigations
* Protect intellectual property
* Reduce organization and executive exposure
* Improve employee education about risky behavior
* Increase integrity of information since transactions cannot be deleted from the archive
Compliance - Random Reviews
The Financial Industry Regulatory Authority (FINRA) is the largest non-governmental regulator for all securities firms doing business with the United States public. All told, FINRA oversees nearly 5,100 brokerage firms, about 173,000 branch offices and more than 669,000 registered securities representatives.
These areas are important for financial services organizations:
* Collect and archive all messages sent and received by licensed traders
* Randomly review a percentage of emails and track the compliance reviewer information
* Review messages with keywords such as guarantee, deal, free, etc.
* Maintain messages in a tamper-proof location
* Produce messages upon demand by an auditor or investigator
Benefits
* Full compliance with all regulations
* Dramatically reduce costs of legal investigations
* Reduce organization and executive exposure
* Improve employee education about risky behavior
* Increase integrity of information since transactions cannot be deleted from the archive
Compliance - HIPAA
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) includes provisions designed to encourage electronic transactions and also requires new safeguards to protect the security and confidentiality of health information. Health plans, health care clearinghouses, and those health care providers who conduct certain financial and administrative transactions (e.g., enrollment, billing and eligibility verification) electronically are required to comply with the provisions of the Privacy Rule.
The final rule adopting HIPAA standards for security was published in the Federal Register on February 20, 2003. This final rule specifies a series of administrative, technical, and physical security procedures for covered entities to use to assure the confidentiality of electronic protected health information.
Benefits
* Full compliance with all regulations
* Dramatically reduce costs of legal investigations
* Reduce organization and executive exposure
* Increase integrity of information since transactions cannot be deleted from the archive