Compliance: Am I At Risk?

Well, are you in compliance or not?

If you’re a typical business owner, you’re probably up to your eyeballs running your company and trying to keep your head above water. You’re involved in the day-to-day operation and may find it difficult to keep an eye on the “unproductive” tasks, such as Compliance. Unfortunately, there are hundreds of Compliance regulations that apply in today’s business world – so how do you navigate this vast and treacherous sea of statutes?

Like anything else, if this is your main responsibility, then you’re probably aware of what’s needed and you’re up to date. Even so, periodic 3rd-party evaluations are prudent (please refer to my prior article on this, How do you know if you’re truly secure?).

A few of the statutes that may apply to your company are SOX, GLBA, FINRA, HIPAA, the FTC Red Flag Rule, and 201CMR17.00. Sure, that sounds like a lot of mumbo-jumbo, but these statutes are quite serious and are being enforced more fervently every day. While the governmental agencies are trying to make the business world a safer place, there’s no doubt that they are also increasing their revenue by levying fines for non-compliance and “making examples” of those who don’t comply. Unfortunately, the responsibility falls on you, the business owner. If Compliance is not your main responsibility, then it’s time to find the qualified department in your company, or an outside vendor, who can adequately perform this function. By nature, the same department or firm that set up and maintains your enterprise is disqualified from auditing it: an auditor must be independent of what it audits.

Compliance is no joke. For example, 201CMR17.00 calls for a $5,000.00 fine for each violation of the statute, and a violation is counted per non-compliant record in your database. So imagine you have a database of thousands or millions of records, and just 1,000 of them are non-compliant. Although the fine is sometimes limited to “only” $50,000.00, the courts are allowed to treble (triple) the damages under some circumstances. For example, The Briar Group in Massachusetts was recently fined $110,000.00 for its non-compliance. Could your business sustain such a loss?

