Compliance in the Corporate World



Similar documents
Security in Fax: Minimizing Breaches and Compliance Risks

HIPAA: Healthcare Transformation to Electronic Communications. Open Text Fax and Document Distribution Group May 2009

Reduce Costs and Improve Efficiency by Automating Oracle Document Distribution. Open Text Fax and Document Distribution Group October 2009

Whether your organization is small, medium or large, OpenText RightFax meets these

1 Product. Open Text is the leading fax server vendor in the world. *

Whether your organization is small, medium or large, OpenText RightFax meets these

Automatic Routing of Inbound Faxes with Open Text Network Fax Servers

White Paper. Document Security and Compliance. April Enterprise Challenges and Opportunities. Comments or Questions?

Are your multi-function printers a security risk? Here are five key strategies for safeguarding your data

Implementing Fax over IP in your Organization

MANAGED FILE TRANSFER: 10 STEPS TO SOX COMPLIANCE

The Impact of HIPAA and HITECH

Meeting Compliance and Privacy Requirements. Distributing paper documents electronically in an age of increased regulatory pressures

Compliance in 5 Steps

HIPAA: Health Care Transformation to Electronic Communications

7 Ways your Fax Machine is Putting You at Risk for Identity Theft. How is your company protecting private information in everyday transactions?

MANAGED FILE TRANSFER: 10 STEPS TO HIPAA/HITECH COMPLIANCE

Design of Database Security Policy In Enterprise Systems

Rackspace Archiving Compliance Overview

Healthcare Insurance Portability & Accountability Act (HIPAA)

Frequently Asked Questions

OpenText Fax Servers and Microsoft Office 365

The True Impact of Documents on Business Today

White Paper. Ensuring Network Compliance with NetMRI. An Opportunity to Optimize the Network. Netcordia

HIPAA PRIVACY AND SECURITY AWARENESS

WHITE PAPER Choosing a Fax Solution Deployment Model. Choosing a Fax Solution Deployment Model. 1 P a g e

CoSign for 21CFR Part 11 Compliance

Contents. Best Practices Guide. 3 Physical Records: The Ongoing Compliance Challenge

Regulatory Compliance Requirements with VERITAS Enterprise Vault and Microsoft Windows Server Technologies

Solgenia Facsys. Fax and HIPAA Compliance

Document process management solutions for MiFID compliance

White Paper Achieving GLBA Compliance through Security Information Management. White Paper / GLBA

HIPAA Compliance & Privacy. What You Need to Know Now

White Paper Achieving SOX Compliance through Security Information Management. White Paper / SOX

MEETING COMPLIANCE REQUIREMENTS WITH DOCUMENT MANAGEMENT SOFTWARE BY JAMES TRUE

Spambrella Archiving Service Guide Service Guide

White paper. Why Encrypt? Securing without compromising communications

The Right Choice for Call Recording Call Recording and Regulatory Compliance

Compliance and Industry Regulations

Dematerialisation and document collaboration

Information retention and disposal guide. Date: 31 October 2014 Version: 2.0

White paper September Realizing business value with mainframe security management

WHITE PAPER Automating Document-intensive Tasks with Workflow Software

Security Considerations

Dedicated IT Support. BEFORE You Need It. Save Time, Money and Headache.

The Role of Password Management in Achieving Compliance

Four keys to effectively monitor and control secure file transfer

Adopt and implement privacy procedures, train employees on requirements, and designate a responsible party for adopting and following procedures

Newcastle University Information Security Procedures Version 3

OpenText RightFax Express

RECORDS MANAGEMENT RECORDS MANAGEMENT SERVICES. Cost-Effective, Legally Defensible Records Management

ecopy and the Health Insurance Portability and Accountability Act (HIPAA)

Why Use Electronic Transactions Instead of Paper? Electronic Signatures, Identity Credentialing, Digital Timestamps and Content Authentication

Open Text Fax Gateway Specifications and Implementation Scenarios

MASSIVE NETWORKS Online Backup Compliance Guidelines Sarbanes-Oxley (SOX) SOX Requirements... 2

GFI White Paper: GFI FaxMaker and HIPAA compliance

A Websense Research Brief Prevent Data Loss and Comply with Payment Card Industry Data Security Standards

Ubiquity of Security Compliance and Content Management

How To Ensure Financial Compliance

Multi Support Next s. Taming your rogue business s for secure knowledge sharing, transaction efficiency, and bulletproof compliance.

Information Security Policy September 2009 Newman University IT Services. Information Security Policy

Protecting Your Data On The Network, Cloud And Virtual Servers

IBM ECM Employee Lifecycle Management August HR best practices: Managing employee information from hire to retire

Addressing document imaging security issues

The Evolving Threat Landscape and New Best Practices for SSL

The biggest challenges of Life Sciences companies today. Comply or Perish: Maintaining 21 CFR Part 11 Compliance

Archiving for the Financial Industry

LRS Output Management Solutions

Choosing a Fax Solution Deployment Model

Active Directory Auditing The Need and Result

How to Pick Up Speed. Document Management for Health Care

IBM PowerSC. Security and compliance solution designed to protect virtualized datacenters. Highlights. IBM Systems and Technology Data Sheet

Managing Governance, Risk and Compliance with Enterprise Content Management

Efficient Paperless Records Management

White Paper Achieving HIPAA Compliance through Security Information Management. White Paper / HIPAA

Add the compliance and discovery benefits of records management to your business solutions. IBM Information Management software

Security management solutions White paper. IBM Tivoli and Consul: Facilitating security audit and compliance for heterogeneous environments.

Securing Critical Information Assets: A Business Case for Managed Security Services

Enterprise Data Protection

Integrated archiving: streamlining compliance and discovery through content and business process management

Security Information Lifecycle

Streamline Enterprise Records Management. Laserfiche Records Management Edition

Somansa Data Security and Regulatory Compliance for Healthcare

A Special Guide on Document Management

InstaFile. Complete Document management System

engage. empower. evolve. SARBANES-OXLEY COMPLIANCE

Information security controls. Briefing for clients on Experian information security controls

K-Series Guide: Guide to digitising your document and business processing. February 2014 LATEST EDITION

Ensuring HIPAA Compliance with eztechdirect Online Backup and Archiving Services

AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE

Preparing for the HIPAA Security Rule

ELECTRONIC PRESENTATION AND E-SIGNATURE FOR ELECTRONIC FORMS, DOCUMENTS AND BUSINESS RECORDS ALPHATRUST PRONTO ENTERPRISE PLATFORM

WHITE PAPER. ecopy and the Health Insurance Portability and Accountability Act (HIPAA)

Self-Service SOX Auditing With S3 Control

LAMAR STATE COLLEGE - ORANGE INFORMATION RESOURCES SECURITY MANUAL. for INFORMATION RESOURCES

Document Imaging Solutions. The secure exchange of protected health information.

STERLING COMMERCE WHITE PAPER. Four Keys to Effectively Monitor and Control Secure File Transfer

Page 1 Disclaimer: None of the provisions of this document constitute legal advice. If you need legal advice on the provisions of the laws listed,

A California Business Privacy Handbook

Transcription:

Compliance in the Corporate World How Fax Server Technology Minimizes Compliance Risks Fax and Document Distribution Group November 2009 Abstract Maintaining regulatory compliance is a major business issue facing organizations around the world. The need to secure, track, and store information for compliance purposes is critical because the risks of noncompliance are very real. For years, businesses have relied on fax communications in day-to-day operations. Now there is more pressure to closely manage fax communications and document processes. It s not surprising that organizations are turning to fax server software technology to address compliance requirements. This white paper addresses the area of fax communications and the steps you can take to make your organization compliant. Solutions to support compliance that combine fax and document management capabilities into a single, complete offering are available. Open Text Fax and Document Distribution solutions enable organizations to improve security, increase efficiency, and support compliance.

2 White Paper Contents Executive Summary... 3 Compliance in the Corporate World... 4 Regulations are everywhere... 4 Understanding the effects on business processes... 4 Managing Compliance... 5 Risks of non-compliance... 5 Security and compliance challenges... 6 Developing a Compliance Strategy... 7 Using Fax Server Technology to Ensure Data Privacy... 8 Legal issues... 8 Security issues... 8 Solutions for supporting compliance security issues... 8 Integrated Fax Server Solutions for Supporting Compliance... 10 Open Text Fax Server, RightFax Edition... 10 Open Text Fax Appliance, FaxPress Edition... 10 Open Text Document Server, Alchemy Edition... 10

3 White Paper Executive Summary Constantly evolving government regulations and standards are impacting how businesses around the world manage their information. Information is ubiquitous whether paper-based or electronic and the requirements for effectively securing, maintaining, and auditing information for compliance can be complex. Simply stated, compliance with regulatory standards requires conforming to a policy, specification, standard, or law that has been clearly defined. As each new regulatory standard is introduced, organizations such as yours have to consider the impact to your current document management processes and figure out the optimal means to meet compliance requirements.

4 White Paper Compliance in the Corporate World Regulations are everywhere Regulatory compliance is a business fact of life, with new government regulations and standards being introduced on an ongoing basis. The impact of regulatory change is felt globally as organizations are required to conform to new regulatory changes taking effect in every region. Industries most affected include financial services (banks, non-bank mortgage lenders, loan brokers, financial or investment advisers, debt collectors, tax return preparers, insurance, and real estate settlement service providers), healthcare, legal, and government entities. The landscape is one of constantly changing compliance requirements. Corporate ethics violations and scandals have resulted in tighter legislative regulations in the United States, such as Sarbanes-Oxley. Privacy concerns are addressed by the Gramm-Leach-Bliley Act as well as the Health Insurance Portability and Accountability Act (HIPAA). European Union legislation has resulted in considerable regulation including the Data Protection Act 1998 and the Freedom of Information Act 2000 enacted in the UK. Regulations across the globe require that businesses rethink information management processes. Understanding the effects on business processes In most organizations, paper documents, emails, faxes, and other office documents are typically stored in file cabinets, in employee desk drawers, on desktop PCs, in file servers, or archived in file boxes located in offsite warehouses. As businesses strive to go paperless, it is challenging to corral all of the existing information and maintain control. Whatever processes you have in place may need to be modified so that your organization is not exposed to compliance risks.

5 White Paper Managing Compliance With more pressure to closely manage fax communications, organizations have to assess what processes are in place versus what can be improved for compliance demands to secure and retain information. To determine if your organization is on the right track for compliance, start by asking these questions: What are the benefits of solving the business challenge? Do you have control over how and where documents are being delivered and to whom? Are there safeguards in place to prevent people from tampering with the information? Is information actually being received by the right people? Are you sure that confidential information is kept private? Do you have an audit trail for your corporate communications? Do you have secure storage for the documents? Do you know the rules regarding when document destruction is allowed? Once you ve answered these questions, you have a baseline with which to start building a compliance strategy. Risks of non-compliance Built in to most regulations are requirements to protect and control the information flow in an organization. The risk of non-compliance is very real. In the US, there are laws and regulations that can have civil or criminal penalties attached. Some regulations hold not only the corporation but individuals within the corporation such as the CEO or CFO personally responsible for compliance violations. Consequences range from fines levied to criminal prosecution and even jail time for executives, depending on the severity of compliance breach. For example, Sarbanes-Oxley noncompliance violations can result in a fine of up to $1 million and a jail term of up to ten years for any corporate officer who doesn t follow the rules, even if inadvertently. In turn, the fallout of compliance violations can affect the health of the business, especially if violations result in the loss of the company s good reputation, the tarnishing of the company s brand image, and potentially the loss of market leadership.

6 White Paper Security and compliance challenges To comply with regulations, you must be able to provide documented proof that your organization is in compliance with the standards that govern your business, which can be challenging to implement. To minimize risk, your organization must look at how to put these processes in place: Automating the document delivery processes Centralizing information delivery and receipt Safeguarding document confidentiality Protecting information from tampering/alteration Limiting information access Tracking and monitoring access who and when Providing secure storage, historical data, and managing document destruction Given these measures, it s no surprise that the number one driver for replacing fax machines with a network fax server is often regulatory compliance.

7 White Paper Developing a Compliance Strategy Developing a document strategy to support compliance initiatives is a logical first step, and it starts with engaging your IT team in establishing guidelines for the top five IT compliance issues. Top five IT compliance issues facing organizations today: 1. Process control: Examine the controls you need to have in place to make sure the information in documents is verifiably received by the right people. Controlling who has access and where and when documents are delivered is part of a solid compliance plan. 2. Information integrity: Business documents that are uncontrolled are potential security threats and can put your business at risk. The following are a few examples: Accounting documents such as purchase orders, purchase requisitions, proofs of delivery, order confirmations, and invoices All contracts with customers, employees, and vendors Employee documents including nondisclosure agreements, insurance claims receipts, health claims and health records, human resource paperwork, and expense accounts Corporate documents such as stock trade confirmations, account statements, and bank statements To protect your business from such risks, many documents (including the examples above and several more) must be unalterable. For this, you need safeguards in place to prevent information tampering. 3. Privacy: A cornerstone of many regulatory requirements is protecting the confidentiality of information, so it is vital that information is kept private. Controlling who has access and when they have it is a necessary piece of the compliance strategy. In the typical organization, paper faxes are sent and received via fax machines usually located in open areas, outside of the control of your computer system. Anyone can view or take faxes or accidently discard them before the intended recipients receive them. Without some form of access control, there is no privacy or security. 4. Tracking, reporting, and audit trail: Regulations dictate that businesses physically protect information and provide a history of what has happened to the information and which personnel have had access to it. Paper-based documents present a daunting challenge to even the most organized management system. 5. Document storage: Storage is an issue most organizations face not only for compliance but relating to the facilities and hardware expense to store documents. Providing secure and long-term document storage is a priority for any compliance strategy. The problem with storing paper-based files in folders and filing cabinets is the lack of control and privacy and the difficulties in tracking down information for audit trails.

8 White Paper Using Fax Server Technology to Ensure Data Privacy Legal issues In most cases, signatures on documents received by fax and scanner are legally binding. Many countries including the US, the EU, and Australia have determined that electronic signatures (when recognized under the law of each jurisdiction) have the same legal consequences as the more traditional forms of executing of documents. Electronic Signatures in Global and National Commerce Act and E- Sign Act are examples of US legislation governing electronic signatures. Because fax documents are legally binding, the need for safeguarding them becomes even greater. Security issues Fax servers enhance security by eliminating existing non-secure stand-alone devices while providing a centralized document delivery and storage hub. Some fax server software offers an extra layer of protection with encrypted and certified email delivery options that require passwords to access information, as well as provide electronic verification of receipt for better authentication. These features help diminish the risk of confidential information falling into the wrong hands. Documents are delivered to intended recipients in tamper-resistant formats, protected from corruption, and allow you to take advantage of your network s established security system. Solutions for supporting compliance security issues Centralized delivery: Fax server software acts as a centralized document delivery hub. Each step of the document delivery process is managed electronically, with dialing and routing rules that control how and where faxes are sent and received. Information can be exchanged electronically, in real-time directly from your applications without manual intervention. This makes it easier for IT to manage, track, and control how information is disseminated within your organization and beyond your corporate walls. Integration: For organizations that already use a document management system or database for long-term document storage, fax server software can integrate with other systems to meet electronic document retention requirements. Fax server solutions readily integrate with Customer Relationship Management (CRM), document management, email, Enterprise Resource Planning (ERP), workflow, and other software applications you use to operate your business. Tamper-resistant: With fax server software, faxes are received directly to enduser mailboxes, so paper documents aren t sitting out in the open. When a fax arrives in your inbox via a fax server, the document is tamper resistant it cannot

9 White Paper be edited without the event appearing in the audit trail. A fax server can deliver documents as unalterable PDF or TIF images over a secure Public Switched Telephone Network (PSTN). Security and management: A document management solution creates a trusted digital archive where you can securely store any document type and then find it quickly. Fax server software digitizes your documents so that the associated metadata can be stored along with your documents in a secure repository. Audit trail: A network fax server allows senders to fax confidential information directly from the privacy of their computers. With a variety of configurable, automatic tracking features to satisfy audit trail requirements, a network fax server guarantees that the details of every fax transaction will automatically be recorded, stored, organized, and available for auditing purposes at any time. Track history: Among other functions, fax server software can track fax history, provide verification of fax delivery, assign access passwords, and route incoming faxes to individuals fax or email inboxes and be the on-ramp to automated workflows. Such features provide a deeper audit trail for protected documents to help satisfy tracking and reporting requirements. Electronic fax repository: A complete document management solution allows organizations to manage business critical documents from beginning to end. Finding solutions that control and manage information created from disparate sources and stored in many different forms is challenging. The challenge can be met by accepting and combining content, organizing it, distributing it via workflow, storing it, and providing secure access to it when and where users need it. Businesses are also turning to document management software to replace the manual process of document handling and record keeping with tamper-proof repositories that act as a digital file cabinet. A document management solution creates a trusted digital archive where you can securely store any document type and then find it quickly.

10 White Paper Integrated Fax Server Solutions for Supporting Compliance Integrating fax directly into your network infrastructure not only accelerates business processes but also allows you to gain control of documents and support security and compliance efforts. The result is a long-lasting, reliable archive solution needed to support organizations' record keeping and compliance goals. Open Text Fax and Document Distribution solutions enable organizations to improve security, increase efficiency, and support compliance. Open Text Fax Server, RightFax Edition Open Text Fax Server, RightFax Edition lets you send and receive faxes directly from the desktop. Fax Server automates the flow of fax, paper, and electronic documents, making it more secure and efficient to deliver information from virtually any application. By eliminating the steps common in manual processes, organizations can reduce their exposure to risk by securely delivering documents in compliance with key regulations such as HIPAA and SOX. Tens of thousands of organizations have replaced their traditional fax hardware and infrastructure with Open Text Fax Server. Open Text Fax Appliance, FaxPress Edition Open Text Fax Appliance, FaxPress Edition is an all-in-one network fax server that offers desktop faxing, production faxing, fax, email integration, workflow application integration, and tools for developing custom fax applications. A complete network fax solution, Fax Appliance includes all the necessary hardware and software for sending and receiving faxes from the desktop, email, and back-end applications. Open Text Document Server, Alchemy Edition Open Text Document Server, Alchemy Edition is an application that stores, retrieves, archives, and even destroys documents based on policies. Think of it as an electronic file cabinet for your organization where you can securely file and find every document, no matter its original source. Document Server is the document management software solution for thousands of small and mid-size businesses, providing document scanning, document imaging, document archiving, fax archiving, and electronic records management capabilities.

11 White Paper About Open Text Open Text is a leader in Enterprise Content Management (ECM). With two decades of experience helping organizations overcome the challenges associated with managing and gaining the true value of their business content, Open Text stands unmatched in the market. Together with our customers and partners, we are truly The Content Experts, supporting 46,000 organizations and millions of users in 114 countries around the globe. We know how organizations work. We have a keen understanding of how content flows throughout an enterprise and of the business challenges that organizations face today. It is this knowledge that gives us our unique ability to develop the richest array of tailored content management applications and solutions in the industry. Our unique and collaborative approach helps us provide guidance so that our customers can effectively address business challenges and leverage content to drive growth, mitigate risk, increase brand equity, automate processes, manage compliance, and generate competitive advantage. Organizations can trust the management of their vital business content to Open Text, The Content Experts. http://faxsolutions.opentext.com Sales: Support: Captaris.Sales@OpenText.com 800-304-2727 Support@OpenText.com 800-540-7292 www.opentext.com For more information about Open Text products and services, visit www.opentext.com. Open Text is a publicly traded company on both NASDAQ (OTEX) and the TSX (OTC). Copyright 2009 by Open Text Corporation. Open Text and The Content Experts are trademarks or registered trademarks of Open Text Corporation. This list is not exhaustive. All other trademarks or registered trademarks are the property of their respective owners. All rights reserved. 09FXDD0045EN

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information