GroupWise Email Complaince and Regulation
Maintaining a competitive edge while staying compliant with industry regulations demands you have the right tools in place, but keeping current with technology can be a challenge. Marvin Huffaker has the knowledge and skills to identify deficiencies within your compliance framework, suggest corrections and implement upgrades to keep your business risk minimized.
For compliance or litigation readiness, from encryption to retention, your business needs a solution in place that lets you easily store, manage, access and retrieve business sensitive information quickly and conveniently. Marvin can setup, configure and manage a customized solution to fit your business needs.
The Health Insurance Portability and Accountability Act of 1996 (HIPAA)
In 2009, the Health Information Technology for Economic and Clinical Health Act (HITECH Act) extended HIPAA Title II Privacy and Security Rules beyond health care providers and other covered entities to include independent contractors, defined as “business associates”. This means your business could be subject to HIPAA requirements simply by working with a health care organization.
Regarding the security of Electronic Protected Health Information (EPHI), all organizations subject to HIPAA requirements must:
- Retain relevant documentation for 6 years from the date of creation
- Make documentation available upon request
- Review documentation and update as needed
Sarbanes- Oxley Act of 2002 (SOX)
SOX was designed to ensure accurate financial disclosure of all U.S. publicly traded companies and those with a U.S. presence. To comply, organizations subject to SOX must implement and report internal accounting controls to the Securities and Exchange Commission (SEC) maintaining:
- High availability of external and internal portals (ensuring rapid disclosure)
- Retention of relevant financial records for 5 years from the date of creation
- Ability to defend records management program, including comprehensiveness, retention, and accessibility.
The Federal Rules of Civil Procedure (FRCP)
The FRCP requires most private and public organizations to:
- Be able to produce emails requested as evidence in a federal court case in their native format.
- Have a clear understanding of where their data is stored and how to retrieve it in a timely manner.
- Honor a legal hold by halting any previous purging practices until the legal matter is settled.
- Prove authenticity of the communications in question (i.e., that they are tamper-proof).
Why else would a business need E-mail Retention? In addition to maintaining compliance with legal and regulatory requirements, e-mail retention reduces infrastructure costs (less storage requirements), improves overall system efficiency, reduces data loss and makes it easier for end users to locate specific documentation.
Organizations that are subject to HIPAA regulations or Sarbanes-Oxley are required to have an e-mail retention policy in place. But all businesses need a retention strategy. Whether you’re looking for litigation readiness or searching for an archiving solution, having a retention plan and following it is critical.
Gwava Retain (Now part of Micro Focus)
For cost effective and flexible storage options, Retain from Gwava offers email archival solutions that make searching, locating and publishing easy and hassle-free. After all, data is worthless if you can’t retrieve it and Retain lets you quickly locate the data you need to view or export. It’s secure, it’s fast and it’s effective. With flexible platform options, Retain runs on Windows, Linux and hybrid operating systems.
For Micro Focus GroupWise. Gwava has earned a solid reputation for providing excellent solutions for GroupWise for over a decade and at Marvin Huffaker Consulting, we strongly recommend Retain for seamless integration and compatibility with Novell. Plus, Retain is the only archiving product fully integrated with the full e-mail management suite from Gwava.
If you decide you would like to learn more about Gwava Retain and how it can benefit your business, feel free to contact one of our qualified technicians to discuss your options. We have the skills, expertise and experience to setup, configure and manage Retain for your business as a cost effective, flexible and fast storage and retrieval solution.
HIPAA encryption compliance requires any electronic correspondence that has Personal Health Information (PHI) included in it to be encrypted. Simply put- confidential data needs to be protected. And just as important as what comes in is what goes out. Sensitive e-mail must be secure both inside and outside the organization, properly archived, time-stamped, indexed, tamper-proof and be available when requested.
Whether you send PHI regularly or simply use e-mail to deliver sensitive financial information or communicate disciplinary action, a reliable encryption product gives you the freedom to communicate safely and securely, and maintain compliance.
Sophos SPX Encryption
For an uncomplicated alternative to traditional e-mail encryption, we recommend Sophos SPX Encryption for meeting data protection and privacy guidelines. Compliance is made easy with simplified administration and a seamless user experience.
With SPX Encryption, workflow doesn’t get interrupted and users can access encrypted messages on all smart phone platforms. And with no encryption infrastructure required on their end, users can reply with an encrypted response.
Legal Discovery and Litigation Needs
Is it likely your business will be involved in litigation now or in the future? Unfortunately, the answer is yes. Luckily, you can take proactive steps to make the process as smooth as possible with e-mail retention and archiving solutions. Believe it or not, e-mail and other electronically stored information is often used as part of the discovery process in court proceedings, making it absolutely critical that organizations rigorously manage electronic communications.
Remember, the subpoena is not the right time to start thinking about an archive strategy. If you are not prepared, attempting to recover mail is a time-consuming and costly process that involves recovering months, even years of data from backup tapes or other medium.
The right archival solution prepares your business in advance for easy search and retrieval of any required data, taking the hassle out of recovery so you can continue business as usual.
It’s simply not an accepted excuse that your business didn’t understand the requirements or was unable to retain e-mail. If you cannot produce the required e-mail documentation, you are held accountable. It’s as simple as that and critical you have a plan in place.
Trusted Expertise and Proven Solutions
For compliance and beyond, when you’re ready to implement, trust Marvin Huffaker to set up, configure and manage your archiving and retrieval solution. With years of trusted expertise, Marvin can get you where you need to be to efficiently and effectively provide compliance or defend your business in the event of litigation.