Monday, October 22, 2018
Poor records practices can damage your reputation and lead to costly fines. Laws like the Sarbanes-Oxley Act (SOX) and the Health Insurance Portability and Accountability Act (HIPAA) require the maintenance of records in an organized way to ensure security and accessibility. Poor records management and storage can compromise confidential records and can tip off legal authorities to dig deeper into your business to single out areas of non-compliance. According to research conducted by AIIM, 28 percent of respondents said that their records management and security practices have been criticized or exposed by an auditor because of poor records practices.
In the same research AIIM found that 41 percent of respondents have no effective retention policies at all. Just because most of your documents and records are in digital format doesn’t mean that you can be lax about their validity period. In order to stay compliant with regulations, it is important for you to know the retention period of your electronic documents and records. Let’s look at the retention period of the following industries:
Businesses that have a retention policy in place, especially those that have a third-party storage provider, should ensure that the backup copies are deleted after the retention period.
Aside from being mindful of retention periods, you should also be vigilant about these threats:
Unauthorized access can result in theft or leakage of intellectual property and the alteration or destruction of information that needs to be retained. The integrity of any document, may it be paper or electronic, is maintained when nothing has been altered, added or deleted. This is critical especially for legal matters wherein you need to ensure the authenticity of a document and protect its chain of custody.
Ensure that confidential electronic documents and records are encrypted, so that even if they are copied or stolen, the information can be protected. It’s imperative that only authorized persons have access to your records.
Phishing emails. Spyware. Ransomware. You should be aware of these threats because these can also impact your compliance.
Secure your own network with a good firewall and security software. It’s also important to train your employees in basic IT security such as creating a strong password for their computers or email accounts and refraining from responding to “phishing” emails.
Laptops, smartphones, tablets and USB drives can hold large amounts of data. If you lose these devices or if these get stolen, the electronic documents or records saved in them are compromised.
Businesses should mitigate the risks by minimizing the confidential data that is stored in these devices. Ensure that mobile devices are protected with strong passwords. Use an up-to-date encryption technology to protect data on mobile devices.
It’s mandatory that you know your legal obligations and regulatory compliance when it comes to storing and managing your electronic documents and records. The strongest driver for establishing a records management system is still compliance for both statutory and industry-specific regulations. If businesses will strictly follow best records practices, they can save up to 25-percent of audit costs, legal costs, court costs, fines and damages.
Rabbit Office Automation (ROA) can help you overcome today’s challenges in a cloud-first world by delivering office automation through digital technologies. With over 30 years of proven track record in providing highly functional, top-quality copier and printing equipment tailored to meet your specific requirements, ROA offers solutions that can eliminate redundancy and efficiency by streamlining your document workflow and helps you reduce waste and environmental impact by using less paper. Talk to our experts today to know your best options.