Choosing an Imaging Application for a Compliant Environment
|
For Further Information:
Francine Marlenée
Public Relations Specialist
Voice:
(562) 988-1688, ext. 211
Fax:
(562) 988-1886
E-mail:
fmarlenee@laserfiche.com
|
|
|
August 23, 2004 - By Jeffrey Green
Director of Compliance for Financial Solutions
Laserfiche Document Management
Regulations and industry rules share some common traits that serve as important identifiers when narrowing a list of document management applications. Three critical features—open architecture, a non-proprietary image format, and user rights management capability—are essential to choosing a document management solution for a compliant paperless office.
In our compliant age, images are more important than ever before. Paper files are not trustworthy, causing long searches, inefficiency, and lost records. In the worst cases, they can cause jail time.
Document management is a key driver of any compliant environment. But there are a lot of document management vendors out there, a lot of software packages, and a lot of confusion. The three critical features mentioned above are important differentiators.
Of course, it is important to understand that there is no single plug-in for any set of compliance regulations in any industry. Compliance is a process, not a product. On any level, compliance requires detailed study of office work habits and multi-level buy-in from executives, I.T. personnel and end users.
The first step towards a compliant system is determining how document management can make the process of retrieving, distributing, and archiving information easier and more secure. Any organization considering this change needs to sit down and study specific regulations as they apply to their organization. Today, regulations are diverse and far-reaching. Examples include the Corporate Reform Act of Sarbanes-Oxley, the Financial Modernization Act of Gramm-Leach-Bliley, HIPAA, and most notably, the USA PATRIOT Act, which requires companies to keep easily-accessible logs of all business associates.
Compliance demands image archives permit open-door access while maintaining lock-and-key control over all content. Administrators must have the ability to quickly recall and generate detailed lists of information, but they must also prove that end users cannot access sensitive files. Each of the critical features plays a role in securing an image archive while giving users (and auditors) the ability to access all the information they need when they need it.
Open Architecture
Legacy management databases are full of information, which often dates back decades. When image-enabled, databases become one-stop audit shops, providing the ability to build a definitive paper trail simply by searching within a specific date range or departmental variable. Any effective imaging solution must interact smoothly with a legacy database. It is especially helpful when system administrators can program a direct link to the imaging system within the database interface. Open architecture is essential for such integration.
From pilot project to organizational roll-out, any imaging system must be able to grow with the project. An imaging system must integrate with multiple legacy databases in many departments. It’s also important to consider whether the expansion will create a burden on the I.T. department. An effective imaging solution will package integration tools with the software, letting the I.T. staff worry about specific compliance issues instead of intense programming.
A Non-Proprietary Image Format
Technology evolves at leaps and bounds. Who's to say what the image-reading standard will be in twenty years? Highly sensitive documents need to be accessible in any environment, whether the power goes out or the organization changes operating systems. For peace-of-mind, administrators should insist on single-page TIFF Group 4 files, which can be read by any Windows computer. Single-page TIFF Group 4 files also facilitate more efficient retrieval, as they lead users directly to the page they are searching for, rather than the first page of a document that could be hundreds of pages long.
With a non-proprietary format, electronic documents, e-mails, and scanned paper can be managed alongside one another, sent to remote offices, and viewable within the same screens. The eye-readability of a digital archive is greater when all formats can be accessed from a single location.
Imaging systems should also give administrators the option to transfer volumes of documents to CDs. The CDs should have self-contained software for reading the documents from any computer. With this functionality, records managers can quickly burn a CD of documents from a requested date, hand it to an auditor, and allow the auditor to review the file from his laptop.
User Rights Management Capability
Accountability and usability are keys to the modern office. Companies must balance security and access.
Can the administrator prevent employees from looking at personnel records from another department? Can the administrator universally grant permission to account executives who need to see every document, while denying permission on sensitive records to the rest of the company? Can the administrator configure these settings based on document type? All of these controls are crucial for administrators to prevent illegal transfers of information.
Report generation is key to industry audits, as well. Some industries are audited monthly. A sampling of some of the specific reports administrators must be able to generate in the event of an audit: date of last transfer of archives from an active database, a re-indexing of the database based on specific criteria (such as which user logged the transaction), or a list of user log-ins. Effective document management software must include the ability to generate these reports, and more.
Companies must have a bird’s eye view of their operations, but must also be able to monitor small details simultaneously.
In the ideal compliant environment, users are completely unconscious of the administrator’s work. Everything is in the logical location when they need it. They never see information they’re not supposed to see, and they are never unable to retrieve information critical to their jobs. Their job duties are defined and reflected in the administrator’s control of the system.
Jeffrey Green delivers informative presentations on technology’s role in the contemporary financial services organization. Emphasizing the importance of a well-defined compliance process, his interactive sessions weave years of digital records management experience with an extensive background in financial services. Attendees learn practical information to help them thrive under today’s competitive and compliance pressures as governed by SEC, Sarbanes-Oxley, HIPAA, USA PATRIOT Act and other regulations. Please visit www.Laserfiche.com or call (800) 985-8533 to attend a presentation near you.
|
