GAIN COMFORT

COMPLIANCE REVIEWS

Implementing controls and security requires not only knowledge of regulatory requirements but a practical approach to staying up to date.

Eigen Heald


Be vigilant about protecting your data and avoiding sanctions



Make it a regular practice to revisit these regulations and check your compliance. Regulations such as the Health Insurance Portability and Accountability Act (HIPAA), Gramm–Leach–Bliley Act, and Sarbanes-Oxley have been in place for several years now, and some companies have grown complacent. When these regulations first appeared, companies set policies and procedures to meet them.

Today, your company may have new personnel, systems, or business operations. Are you still compliant? New legislation is giving some regulators more authority and is increasing potential fines and sanctions for violations.

Protect your data on the cloud, mobile devices, and with outsourced vendors

Advances in mobile technology and cloud computing increase your compliance risk and require ongoing vigilance. By their nature, mobile devices are easily stolen or lost. Your company needs to protect its data on any device, especially in a "bring your own device" (BYOD) environment. If you are moving to the cloud and outsourcing application, hosting, and system maintenance to third-party providers, find out how the provider accesses the cloud, what controls are in place, and whether connections to the provider are secure.

We assist clients with a variety of compliance reviews, including:

  • Gramm-Leach-Bliley Act (GLBA)
  • Health Insurance Portability and Accountability Act (HIPAA) security and privacy reviews
  • VISA Payment Card Industry (PCI) standards