|
While organizations may regard the ever-growing (and ever-changing) list of regulatory requirements as a daunting challenge, the ECM and BPM technologies that can ease compliance can also provide a range of significant business benefits. For starters, any organization that undertakes a strategic compliance initiative will realize many other benefits that come from effective management of information and a better understanding of business processes.
BPM solutions allow an organization's processes to be fully documented and accompanied by transaction audit trails, putting business managers in a better position to make decisions. BPM also documents the policies that state exactly what needs to be done as well as the procedures that specify how policies should be implemented. Organizations can use this information to continuously improve their processes through the adoption of a full life-cycle process management practice (along the lines of Six Sigma), which, in turn, helps maintain competitive advantage.
Another incremental benefit of implementing technologies for compliance is often improved support for litigation discovery. It's not uncommon for companies to settle litigation out of court rather than defend against it because settling is likely to be less time-consuming, less resource-intensive and, therefore, less costly. But companies using ECM effectively can be more assured of being able to access information requested in a legal discovery process. ECM also provides an advantage for gathering information needed for audits or for ensuring business continuity in the event of fire, flood or other disasters.
Finally, the combination of organized content and enhanced and automated business processes provides improvements in operational efficiency by reducing manual processing and routing, reducing paper storage and providing faster access to key documents for customer service. These gains can bring not only millions of dollars in savings for large organizations, but also increased revenue through improved customer satisfaction and retention.
Looking Ahead
With deadlines for compliance fast approaching, organizations clearly need to take action now. Surprisingly, however, a recent poll by the Business Process Management Institute indicated that only 27 percent of those organizations polled are taking steps to comply with SOX, and only 11.5 percent are taking action to do something about HIPAA.
Here are some basic recommendations:
Know your regulations. This includes both those related to public and private companies in general, and those that are specific to your industry.
Develop your enterprise strategy and plan for compliance. Make sure your strategy encompasses both processes and content, since both are necessary to ensure compliance.
Document your retention policies, procedures and schedules. This is important not only to prove to the regulatory bodies that you have them, but also to communicate these policies, procedures and schedules to your employees so they can follow them.
Determine your specific requirements for a technology solution to enable you to implement your enterprise compliance plan and support your retention policies and your processes. Assess your current technology to determine if it meets your requirements and where gaps may exist.
Research the additional technology needed and procure and implement it as required.
With risk reduction now a business requirement, it's likely that these organizations will find good reason to take another look at these technologies. Eventually, most laws will have test cases that provide further enlightenment by showing what the regulator considers a violation. The goal is to make sure that your company isn't the test case.
* Sources used Transform Magazine, AIIM EDoc Magazine and DocumentIQ.
|
