home > what now > research > benefits > Compliance

Regulatory Compliance

Achieve compliance with all legal requirements.

Compliance with the broad requirements of government regulations like HIPAA and Sarbanes Oxley demand a combination of many document management features. Rather than providing specifics on the implementation of information privacy and security, HIPAA sets guidelines for IT departments and information management systems. HIPAA affects many document management users because it mandates certain practices involving the electronic storage and transfer of “personally identifiable health information.”

Organizations must ensure that people access information on a need-to-know basis only and that the scope of the information is limited. For instance, system administrators are not likely in need of accessing health information. If they do, an explanation must be stated in writing. These regulations set expectations for document retention policies, disclosure, electronic security, as well as physical site security. HIPAA also demands encryption, password policies and system backups, even though it doesn’t specifically dictate how they should be accomplished in order to be compliant.

Sarbanes Oxley Section 1102 makes tampering with documents illegal. Compliant document management systems must provide permanent, non-modifiable documents to ensure authenticity. Documents protected by these methods are non-reputable and are considered as legally valid as the original. Documents stored in conventional network folders do not guarantee document authenticity. Document management systems with strong encryption ensure data integrity.