Grant Thornton’s Warren Stippich outlines important factors and initiatives needed to advance the internal audit function.
Tone at the Top: Ethical Dilemmas
What rationalization does a company make to justify a corporate culture where ethics are ignored? In recent years, greed, fraud, and a lack of ethical conduct have led to the collapse of many organizations. A variety of internal and external pressures can lead companies down the wrong path. And once the first misstep is taken, [...]
The Biomet SEC Complaint: Lessons for Management on the Prevention of Corruption
In today’s post we revisit the Biomet deferred prosecution agreement. As you may recall, one of the major failings of the company, which led to the violations of the Foreign Corrupt Practices Act were those of the company’s internal audit department. I asked my colleague Henry Mixon, CPA and FCPA internal controls specialist, for his [...]
Tone at the Top: Rest Assured
Serving on an audit committee is one of the most challenging, prestigious and fulfilling roles a business professional can play. It provides the opportunity to give back by sharing knowledge gained and lessons learned firsthand. And yet, the job’s inherent responsibilities can result in a very serious case of sleep deprivation. The results of the [...]
Behind the Standards: Clarifying SAS 70’s Confusing Departure
March 16, 2012 by 3 Comments
The demise of SAS 70 audits raises questions, confusion and a dose of drama. To gain clarity on the auditing standard’s replacement and its alternatives, it helps for service providers and their customers to understand what went on behind the scenes that caused in this change
How To Reduce HIPAA and HITECH Compliance Risks
Jo-Ellyn Sakowitz Klein, senior counsel at Akin Gump Strauss Hauer & Feld LLP, provides five steps entities can take to reduce HIPAA and HITECH risks. She also reviews five common compliance pitfalls to avoid.
Audit Committees in the Private Sector: Essential or Excessive?
It is often said that being on an audit committee is a part-time job with full-time responsibilities. It’s no wonder when you consider the broad and critical role that the audit committee plays. In essence, every audit committee’s role is to stand objectively in the gap between management, the external auditors and the people who [...]
7 Things Companies And Their Ethics And Compliance Teams Can Do Better
During the past few decades while working in various compliance roles, I have been fortunate to witness the impact of ethics and compliance programs that grew from the dedication and ingenuity of the corporate teams that worked hard to design them. Several factors come to the forefront when looking to implement or, in some cases, [...]
The HIPAA Audit Police: Friend Or Foe?
Without a doubt, our private information is very personal to each of us, and yet, given the nature of the world today, it is held in many public forums. The reality that nothing is private has never been truer; nevertheless, one has every entitlement to the expectation that personal information will not be misappropriated. To [...]
Is The Cloud Right For HIPAA Compliance?
Ever since the stimulus package passed in 2009, the reach of regulatory requirements has been extended to reach beyond healthcare providers to include all the business associates, such as accountants, lawyers, IT providers, etc. who work with these providers.
With this extension in the law, organizations are not only reliant on the services they provide each other, they are now also reliant on each other to be compliant. In effect, anyone and everyone that touches protected patient health information is accountable and could be penalized for their failure to comply with the HIPAA/HITECH regulatory requirements.
Naturally, the depth and breadth of the requirements raise a concern for businesses that consider moving some or all of their operations to the cloud as an alternative to their traditional on-premises IT services, and that’s the issue of losing control over their data.
