OpenText SlideShare – Mitigate Compliance Risks through secure information exchange


Business organizations around the world exchange information on a 24/7/365 basis. This exchange needs to be secure to meet certain legal, regulatory and corporate compliance requirements. In addition to being compliant, certain industries need to meet audit requirements.

This SlideShare discusses the challenges around compliance, some of the governance requirements, and the options for overcoming compliance and governance risks through secure information exchange solutions. Visit OpenText to discover more.

Published in: Technology

  1. Secure Information Exchange to Mitigate Compliance Risk
  2. Security and Compliance Challenges
     OpenText. ©2016 All Rights Reserved.
     Control
       • Automating the document delivery process
       • Centralizing document delivery and receipt
     Protect
       • Safeguarding document confidentiality
       • Protecting information against tampering and alteration
     Track
       • Limiting and monitoring access to information
       • Audit trails of what was sent, received, and viewed
     Defend
       • Providing secure storage, historical data, and managing document destruction
  3. The Risks of Non-Compliance are Real
     Expensive Fines
     Loss of:
       • Stock Price
       • Brand Image
       • Market Share
       • Reputation
       • Customer Confidence
     Legal Battles
  4. Governance is a Growing Focus
       • Data Protection & Privacy Rules
       • Regulated Records Retention
       • eDiscovery Requirements
       • Information Integrity & Authenticity
       • Reporting Obligations
     More than 100,000 rules and regulations and growing:
     HIPAA; Evidence Act; DoD 5015.2; ISO/IEC 27001; Sarbanes-Oxley Act; Federal Rules of Civil Procedures; FDA 21 CFR Part 11; FOIA; Dodd Frank; FATCA; Conflict Minerals Disclosure; Presidential Memorandum: Managing Government Records Directive; FINRA Rule 2210; FDASIA; FSMA; Patriot Act; KYC/KYV; FERC 18 CFR Parts 35 & 284; SEC 17a-4; SÄHKE2; Basel III Accord; GoBD; BSI PD5000; MiFID II and MiFIR; MoReq 2010; EU Data Protection Directive; EU Pharmacovigilance; Solvency II; E-Verwaltung; Personal Data Protection Code; APPI; VERS; Promotion of Access to Information Act; POPI; AML/Anti-Corruption Law 12846/2013; Income Tax Act; Information Technology Act; National Security Legislation Amendment Bill; Telecommunications (Data Retention) Act
  5. Industries Most Affected by Regulations
  6. How Compliant is your Organization?
       • Do you have control over who, how, and where documents are being delivered?
       • Are you relying on paper-based document delivery processes?
       • Are you confident that information is being received by the right people?
       • Do you have a defensible audit trail of your communications?
       • Is your organization’s and your customers' confidential information kept private?
  7. Common Regulations
  8. Sarbanes-Oxley
       • Sarbanes-Oxley is the US government’s response to corporate financial scandals
       • Corporations must monitor, track, and manage the creation and reporting of all financial information required for governmental reporting
       • Corporations must establish and maintain an internal control structure and certify its effectiveness
       • Corporations cannot delete records of transactions or related documents pertaining to the financial performance of the company
       • Executives that knowingly sign falsified reports and anyone who destroys audit records can receive up to 10 years in prison and fines
       • Destruction, falsification, and/or alteration of documents in federal investigations and bankruptcy proceedings can lead to sentences of up to 20 years in prison and fines
       • IT managers must enforce document retention policies
  9. Gramm-Leach-Bliley
       • Regulates the disclosure of “non-public information” by financial entities
       • Financial institutions must:
           • Respect the privacy of customers and protect the security and confidentiality of customers’ non-public personal information
           • Protect against any anticipated threats to the security or integrity of customer records, and protect against the unauthorized access to, or use of, such records or information
           • Publish and disclose their policies regarding use of client personal information on a regular basis
       • Financial organizations cannot:
           • Disclose non-public information about their customers
           • Use or share the information except to perform a service on behalf of the client, with their permission
  10. HIPAA
       • HIPAA requires healthcare entities, including hospitals, doctors, nurses, health plans, labs, pharmacies and billing and claims agents to protect the privacy of a patient’s protected health information (PHI), particularly when communicating electronically
       • HIPAA security rule determines how PHI must be stored and transmitted to:
           • Ensure privacy, security, and accuracy
           • Restrict access to PHI
           • Verify transmission
           • Report, track, and provide audit trail
  11. Top 5 Information Governance Issues
       • Process Control: Control who has access to information, and when and where the documents were delivered
       • Integrity: Uncontrolled business documents are potential security threats
       • Tracking: Protect information, provide history of what has transacted, and which personnel have access to it
       • Privacy: Without some form of access control, there is no privacy or security
       • Storage: Paper-based documents lack privacy, control, and audit trails
  12. Goals for Supporting Compliance
       • Security
       • Audit Trail
       • Integration
       • History
       • Centralized Delivery
       • Tamper-Resistant
       • Management
       • Storage
       • Restrict Access
       • Policy
  13. Electronic Fax Solutions Support Compliance Goals: Security, Tamper-Resistant
       • Fax is a highly secure, point-to-point communication between sender and receiver
       • Not susceptible to interception or tampering
       • Not vulnerable to malware, viruses, or hacking
       • Paperless faxing decreases risk
  14. Electronic Fax Solutions Support Compliance Goals: Centralized Delivery, Management
       • Electronic fax solutions provide centralized delivery for all fax traffic – one way in, one way out
       • Consolidation ensures visibility across the entire organization
       • Centralized management provides visibility of access controls and governance adherence
  15. Electronic Fax Solutions Support Compliance Goals: Audit Trail, History
       • Defensible audit trail of fax activities
           • Sent, received, viewed, altered, forwarded, approved
       • Centralized, electronic audit trail for quick access when needed
       • Proof of delivery and receipt of content can be legally established and proven
  16. Electronic Fax Solutions Support Compliance Goals: Integration, Storage
       • Integrate electronic fax solutions with back-end systems and applications for secure faxing
       • Securely import received faxes into integrated systems
       • Create a digital file cabinet for storage and retention requirements
  17. Electronic Fax Solutions Support Compliance Goals: Policy, Restrict Access
       • Create a faxing environment that adheres to regulatory and compliance policies
       • Encrypted data storage and cloud-based encryption for data-at-rest and data-in-motion
       • Permissions and restrictions limit access to content
  18. Electronic Fax Solutions from OpenText
     RightFax and Fax2Mail provide enterprise-grade, electronic faxing to integrate fax with back-end applications to decrease the risk of exchanging information to increase security and compliance.
       • On-Premises Fax Server
       • Cloud-Based Fax Service
  19. OpenText Fax Solutions Compliance and Certifications
       • Help maintain compliance with:
           • HIPAA, Sarbanes-Oxley, Gramm-Leach-Bliley
       • Fax2Mail is security certified with:
           • SOC 1, SOC 2, SOC 2 Type II, SOC 3
           • PCI-DSS Level 1 certified data center
       • RightFax is JITC Certified
           • US Department of Defense certification
  20. Learn more