The When, What, Why, and How of Compliance
We sat down with Jessica Waltman, brokerSpotlight™, and John McHugh, Citrix, to ask why it is so important to be familiar with the minefield that is compliance. Do you feel lost just thinking about navigating the compliance minefield? Be sure to sign up for our Navigating the Compliance Minefield webinar.
“When somebody says encryption, you think of the image from the matrix with these cascading lines and numbers and encryption is actually more than 2000 years old and we’re here to tell you that compliance does not have to be that complicated.” – John McHugh
At what point does compliance, or lack of, become an issue?
The ABA requires attorneys in their ethics rules to be aware of the risks and benefits of modern technology. It’s actually rule 1.1 under competency, so this is a basic fundamental requirement for attorneys now to know the benefits technology can provide their clients and the risk that are inherent in the use of that tech. Its foundational.
What are some of the consequences of not being compliant with agency standards?
HIPPA requires encrypted email technology – maybe 10% are doing it. Some of consequences include:
- Significant criminal and civil penalties.
- Financial penalties
- Liability of telling your client “your private information was breached”
- This is a huge cost to an agency. When someone is talking about “protected health information” going across people’s desks and computer systems, this puts the most sensitive information like social security numbers at risk.
HHS, who has a memorandum with the IRS and Department of Labor, is ramping up audits. If someone is to be audited by HHS and they find violations, it opens the door to more audits, fines and penalties.
How would a business know if they are up to compliance standards?
Speak with an expert in the field, complete required continuing education through a CLE course or a webinar such as this one. Business need to ask for help if they are not sure if they are subject to a regulatory scheme that could have severe penalties if they violate it unknowingly.
Why Share File to navigate the compliance minefield?
- If you have a requirement that everything must remain encrypted, ShareFile is the answer.
- An automatic disaster recovery plan: because of the nature of a cloud based storage system, if there is ever a fire, a flood or another natural or man-made disaster, you can always have access to your information.
- System Protection: Also because of our cloud based storage system, if you are hit with some kind of virus or malware you can just wipe your computer and start over. All your data will be able to be restored from the cloud.
- Specialized email technology: our one click email encryption, which again protects sensitive information like social security numbers or medical information that needs to be communicated to the client. One click encryption will protect the body of the email as well as the attachments.
Why should attendees use technology to navigate compliance?
- Technology makes everything easier. Maintaining compliance is simplified through ShareFile by adding a day-to-day process that automatically ensures security of your files.
- It helps on the front end by helping maintain compliance but also on the back end in case there is a mistake or error to prevent or limit the damage that could be done.