In the wake of corporate scandals, compliance requirements have forced companies to address the way in which they handle corporate documents (both paper and electronic) and their associated information management infrastructure.

 

Financial services companies are revisiting their document retention policies based on specific compliance requirements such as Sarbanes-Oxley, Gramm-Leach Bliley, the Security Exchange Act of 1934 (SEC 17a), Anti-Money Laundering (AML), etc. in order to insure required documents are retained for the specified period of time and are immediately accessible.

We are living in a time when our nation and the world have been shaken by numerous businesses being probed for corporate improprieties such as wrongful accounting methods and records management fraud. It has become an almost current event to pick up the daily newspaper and read of another organization that has been accused of intentionally disposing critical business documents. As a result, government agencies are developing and expanding regulations for how organizations must manage their business content i.e. documents and records.

 

In today’s world nearly everything produces a record-whether it is a document, an e-mail, instant message or a transaction. Records can prove innocence or lack of intent. In the event of a dispute, solid records management and electronic document management practices offset what could be considerable costs for legal discovery and audits by making relevant business records readily available. The difference could be millions of dollars.

 

While the challenge of being compliant may require any number of changes in your business practices, acquiring a Document Management system should have a high priority due to the quick payback on dollars invested as well as meeting the compliance requirements.

 

RETURN ON INVESTMENT

The cost reductions and productivity improvements typically offered by implementing a Document Management system among which are:

 

	Reduction of Storage space- 20,000 pages can be stored on 1 GB of hard drive space.
	Simultaneous and Remote Access to Documents- Sign on using the WEB 24/7. Look at the same documents your colleagues are seeing.
	Efficiency-Avoid time searching for or filing and re-filing of documents. Eliminate the clerical costs of these tasks.
	Disaster Recovery-Electronic documents can be backed up and copies made for off-site storage. This cannot be done with paper based records.

The compliance benefits are:

 

	Lowered cost of producing documents and records when required
	Elimination of ad hoc legal discovery
	Automatic policy based retention by record type

Document Management, Workflow and Electronic Forms Systems are compliance “enablers” they are not of and by themselves a substitute for complete compliance framework, which by definition, would encompass policy, procedure, and the technology solution to support the framework.

 

Outlined below are the predominant compliance acts and the industries they affect.

 

HIPAA
Impacting every facet of the medical industry including insurance, healthcare entities, hospitals, doctors, pharmacies and patients is the Health Insurance Portability and Accountability Act (HIPAA). The first target for HIPAA compliance was due on October l6, 2002.

 

The remaining segments of HIPAA compliance including the use of unique identifiers, security and health information privacy became effective April 2003.

 

Perhaps the most significant aspect of HIPAA that heightens a need for Document Management Workflow and Electronic Forms systems is the privacy portion giving a patient the right to know who has had access to their health records and for what purpose. By tracking user interaction with the electronic documents as it occurs, this data can be made easily and inexpensively available when required.

 

SARBANES OXLEY

 

Sarbanes-Oxley impacts financial information capture, use and reporting. Additionally, Sarbanes-Oxley amended Title 18 of the U.S. code making the records-based obstruction of justice and tampering provisions applicable to all businesses public and private. The language of the act is pretty clear as it relates to documents. “Whoever knowingly alters, destroys, mutilates, conceals, covers up, falsifies, or makes a false entry in any record, document or tangible object with the intent to impede, obstruct or influence the investigation or proper administration of any matter within the jurisdiction of any department or agency of the United States or any case filed under title 11, or in relation to or contemplation of any such matter or case shall be fined under this title, imprisoned not more than 20 years or both.”

 

In the face of such risk, organizations simply must have the tools to manage the documents and records the organization produces. Automating the Accounts Payable process as an example, improves compliance. By centralizing processing of vendor invoices and using electronic approval processes rather moving the paper around, organizations can more accurately state liability in a specific financial period and avoid liability understatement or manipulation of an expense into a future period.

 

DOD 5015

 

DoD 5015.2-STD defines the basic requirements based on operational, legislative and legal needs that must be met by records management application (RMA) products that are acquired by the Department of Defense (DoD) and its Components.

 

This Standard is issued under the authority of DoD Directive 5015.2, “Department of Defense Records Management Program,” April 11,1997, which provides implementing and procedural guidance on the management of records in the Department of Defense. This Standard sets forth mandatory baseline functional requirements for Records Management Application (RMA) software used by DoD Components in the implementation of their records management programs; defines required system interfaces and search criteria to be supported by the RMAs; and describes the minimum records management requirements that must be met, based on current National Archives and Records Administration (NARA) regulations.

 

EC

 

Compliance for Financial services firms typically starts with their e-mail. The SEC 17a-4 rule [for brokers and dealers] stipulates they must store their specific records, that are account transactions, for a specific period of time. In terms of retention, the regulation stipulates three years, but see a best practice being seven years... and generally what customers are driving for. Also, the rules stipulate the data has to be stored on a medium where it can’t be changed, or modified, or deleted, for the set period. E-Mail archiving that is integrated with the document management system can provide significant benefits.

 

FDA CFR 21

 

The Food and Drug Administration (FDA) is the regulatory authority for a wide variety of industries including Pharmaceutical, Food, and Medical devices. The FDA has outlined steps in its initiative to modernize the regulation of manufacturing and product quality This initiative aims at ensuring that regulatory review, compliance and inspection policies are based on state-of-the-art science, and do not impede rapid adoption of new technological advances by the regulated industries. It also promises to enhance safety and quality in manufacturing while increasing efficiencies. Its achievements reflect valuable advice provided to FDA through many public workshops and meetings, and written comments from experts and interested parties in academics, industry, and other groups.

 

OTHER

 

The Gramm-Leach-Bliley act addresses safeguarding an individual’s information. Specifically, they state that an organization must identify reasonable foreseeable internal and external threats that could result in unauthorized disclosure, misuse, alteration, or destruction of customer information or customer information systems. The Patriot Act targeted at deterring terrorists defines that banking institutions must verify the identity of their customers and that they must maintain records of the information used to verify the customers identity.

 

ABOUT VIRIDIS

 

Viridis provides a state-of-the-art, web based integrated suite including document imaging, electronic document management, workflow, and records management. Viridis serves a wide business spectrum including broker dealers, financial advisors, medical, oil and gas, real estate, insurance and other organizations. Viridis plays a vital role in helping companies of all sizes save money and improve productivity by managing the storage, organization and retrieval of relevant information through their simple desktop interface.

For information contact
Cale Teeter
cell (713) 907-5887
office (713) 984-2900
email cale.teeter@e-viridis.com