man holding megaphone with dozens of purple speech bubbles

The Auditor’s Role in Advancing Communications

Posted by - October 26, 2017
Part 3 in a Series Exploring the “Auditor of the Future” In this series, Protiviti’s Jim DeLoach and Brian Christensen have put forth 20 potential ways the Chief Audit Executive or internal audit lead can advance his or her relationship with the audit committee. Parts 1 and 2 focused on…
man drawing line graph showing increase

9 Ways Auditors Deliver Tangible Value

Posted by - October 19, 2017
Part 2 in a Series Exploring the “Auditor of the Future” Part 2 of this series from Protiviti’s Jim DeLoach and Brian Christensen discusses several ways auditors can add value to the organization beyond the scope of the audit plan. with co-author Brian Christensen Read Part 1 here. Last week,…
woman working with binder and calculator in foreground

Audit’s Increasingly Critical Role in GRC

Posted by - October 13, 2017
The Need for Aligned Assurance Today’s changing risk landscape has put increased pressure on assurance functions to simplify their requirements and to provide the board, senior management and other key stakeholders with a complete risk and assurance picture. To do so requires coordinating on the risk universe, risk terminology and…
Increased risk of ransomware attacks coupled with confusing guidance from regulators

How the OCR’s New Guidance Rule Re-Examines Ransomware

Posted by - August 29, 2016
A “breach” is defined as “the acquisition, access, use or disclosure of PHI in a manner not permitted under the HIPAA Privacy Rule.” In opposition to a traditional breach, ransomware causes the data to be too secure, even from its authors and users. The OCR’s guidance provides intel on the…
Who should take charge of data privacy?

Privacy is Too Important to Be Left to the Lawyers

Posted by - July 21, 2016
Privacy has become a critical business function. But companies go wrong when lawyers – rather than operations/IT and marketing personnel – take the lead. The nuts and bolts of privacy involve operational, technical and customer-engagement decisions – and it’s business leaders from these disciplines who must make and implement such…

Best of 2015: ACA Preparedness: Get Ready – The Train Is Coming

Posted by - December 29, 2015
Starting this year, employers with 50 or more full-time employees are required to provide affordable health insurance coverage under the ACA, and to track, manage and report the company’s health insurance data. Begin establishing a reliable and smart compliance tracking and reporting process now to stay on schedule to meet…

Do OSHA and HIPAA Rules Stand at Odds?

Posted by - October 20, 2015
Compliance managers understand the need for stringent protection of employee medical and health information. Managers may not understand, though, that in many cases, requirements to assemble information about workplace injuries and illnesses outweighs the need for such protections. So where do OSHA reporting requirements and HIPAA rules part ways?

ACA Preparedness: Get Ready – The Train Is Coming

Posted by - August 13, 2015
Starting this year, employers with 50 or more full-time employees are required to provide affordable health insurance coverage under the ACA, and to track, manage and report the company’s health insurance data. Begin establishing a reliable and smart compliance tracking and reporting process now to stay on schedule to meet…

The Hidden Nexus Between Compliance and Reputation

Posted by - December 11, 2014
The health care industry has been no stranger to the consequences - reputational and financial - of non-compliance over the past few years. The entities that have managed to maintain good standing with the OIG have also enjoyed a continued positive public reputation. Those that have been found guilty of…