Compliance Solutions Fortis Enterprise Document Management Westbrook Technologies Inc (August 2007)
Regulatory & Compliance Landscape • Corporate Governance • Sarbanes Oxley • Accounting practices • Transparency and ethics • SEC regulations • IRS, Labor, State Certification Legislation • Records retention • Records availability and retrieval • Public Information and records • HIPAA, FERPA • State public records legislation • OSHA, EPA, FDA • CFR21Part11, GMP, NDA, Clean Water, Clean Air • Federal Reserve • Check 21
Business Challenges • Ensure corporate policies and practices are being followed. • Ensure corporate governance regulations are being followed. • Document retention • Document integrity: • Who can view documents and when • Audit access/viewing of sensitive documents • Who can modify, alter, discard documents • Security over modification, versioning, deletion • Block overrides, workarounds • Records retention • Retention schedules • Destruction schedules • Disaster recovery • Impact on core business • Minimize impact to ongoing business processes and functions • Minimize cost and risk
Compliance: Common Ground • What are the key issues – how can document management help? • Compliance in the bigger picture is a business practices and business ethics issue • EDM can be a major supporting system
Compliance: Fortis Key Features • Capture: • Capture, index all regulated documents • Office: • Put all Office documents (MS Word, email) under revision control and retention • Versioning: • Track/control modification of documents • Maintain version histories and record of who modified • Security: • Manage access, revision, destruction rights • Audit trail • Index/retrieval: • Auditing, discovery, access • Archiving: • Records management, disaster recovery
Fortis integrated to Line of Business (LOB) Systems • Fortis Office captures office documents (created and revised) systematically and manages their retention. • Fortis integration with ERP, CRM and SCM systems links financial documentation with financial and business transactions. • Fortis Approveit provides auditable approval cycles for invoices, receivables, payables, expenses. • Fortis ERM systematically captures and archives reports for financial and business systems.
Fortis: Compliance Benefits • Ensure document control and retention. • Facilitate document auditing and discovery. • Enforce business processes: • Workflows • Security models • Retention policies • Responsiveness to business changes: • Flexible security, capture, workflow models • Ability to audit • Archive security and disaster recovery capability
Sarbanes Oxley Act - Penalties • Failure to maintain financial or audit workpapers (for 7 years): • Felony penalty: Up to 10 yrs in prison • Destruction or alteration of papers or records: • Felony penalty: Up to 20 yrs in prison • Securities fraud: • Criminal penalty: Fine and/or up to 25 yrs in prison • Violation of any SEC provisions: • Penalties increased to up to $25 million fine and 20 yrs in prison • Statute of limitations increases: • 2 yrs from date of discovery and 5 yrs from date fraud committed • Lack of auditing vigilance: • Audit firm can have registration suspended or revoked • Civil penalties
Sarbanes-Oxley Act • Internal processes • All audit-related documents, including working papers, must be retained for 7 years. • Selective retention of emails • All associated financial documents (paper documents, electronic documents) • Document management – a compliance tool: • Document control, security control • Internal controls - documentation • Internal controls - workflows • Dashboard: • Visibility of controlled documentation • Business process documentation • Security and access auditing Overview How Document Mgmt is Applied • Impacts Publicly Traded Firms • Corporate Governance • CEOs and CFOs personally responsible for quality of internal reporting.
HIPAA • Overview: • Pertains to providers and insurers • Requires guaranteeing privacy of patient medical and personal data • Accessibility of information must be strictly limited to those with a “need to know” • How Document Mgmt is Applied: • Capture all patient records • Place patient records and charts within a security model • Secure retention • Control access by document type and by patient • Document retrieval • Record retention, archiving • Remote and indexed retrieval • Patient file portability with security model maintained
OSHA • Overview: • Health testing data. • Plant safety 21CFR11 • As built. • Mgmt of change. • How Document Mgmt is Applied: • Place health testing data within a records management environment. • Secure retention. • Control access by document type and by patient. • Record retention, archiving. • Remote and indexed retrieval. • Capture plant-wide documentation. • Manage versioning, revision, change approvals. • Retrieval by plant systems and events.
FDA • Overview: • Good manufacturing practices. • Manufacturing procedures. • Lot documentation and auditing. • Testing data • How Document Mgmt is Applied: • Place lot documentation in a document management environment. • Capture all lot records, testing. • Manage by lot, by timestamp, by plant. • Record retention, archiving. • Archiving, retrieval, retention. • Capture plant-wide documentation. • Manage versioning, revision, change approvals. • Retrieval by plant systems and events.
NJ OPRA (Example of State Records Management Laws) • Overview: • Open access to public information • Minimum access hours • Response time • Web access a preferred mechanism • Ensure privacy of citizen’s personal data • How Document Mgmt is Applied: • Capture, manage, retain public records • Security model • Control access to personal information • Control access to information types exempted from public access • Document retrieval • Web publish public document portal • Powerful indexing and retrieval • Archiving and disaster recovery
Compliance: Fortis Customer Examples • Saucony, Inc.: Sarbanes-Oxley • Establish and audit internal controls. • Disclosure of “material events” within 48 hrs • Merchant Services Inc.: FTC Records retention • Risk, Fraud & Chargeback transaction mgmt • FTC records retention compliance • Risk and fraud investigation speed • HTI Inc.: OSHA Health records and documents • Mobile industrial health risk testing records • OSHA 30 year record retention compliance • HIPAA / OSHA privacy rules • Dassault Falcon Jet: FAA safety and records-keeping rules • Aircraft Services Engineering • Engineering information management and retrieval • FAA service and documentation requirements
Fortis Customers – cont. • MT Business Technologies: IRS, DOL • IRS required records keeping • DOL employee records retention • Union Hospital: HIPAA • Security and privacy compliance for HIPAA • Retrieval of 2.8 million medical records • Sotheby’s UK: Custom / export compliance • Proof of ownership, import/export paper trail • UK customs and excise compliance • Banner Health Hospitals: Credentialing • Physician credentialing and updating • Compliance with state licensing, DEA • Agfa Medical Devices: Non-conformance • Comply with FDA recall regulations
The Fortis Value Proposition • Fortis document management provides strong business benefits: • Improved work processes • Better and faster access to crucial business information • Better performance in functions such as customer service and accounts payable • Eliminate paper storage costs and overhead • Improve disaster readiness and recovery • At the same time as those business benefits are being realized, Fortis achieves regulatory compliance: • Control over document retention, modification, destruction • Powerful search to achieve discovery, auditing • Ensure workers follow designed business processes • Security to ensure privacy • And: • Safeguard intellectual property • Guard against business espionage