Thursday, May 22, 2008

ESI Compliance for Credit Unions

According to Google's "Message Encryption for Financial Insititutions", data privacy and regulatory compliance have become top priorities for financial institutions. However, not all companies have the right personnel and budget to implement a what is now considered essential for the industry. Regional banks and credit unions are subject to the same laws and standards as larger financial institutions, but they do not have the same resources to implement an encryption solution on their own.

As mentioned in the "ESI Trends" report by Kroll Ontrack (resources), there is a severe lack of understanding, preparedness, and enforcement by organizations regarding how to manage their ESI and the need for an electronic evidence strategy. Less than half of companies have a policy in place on how to deal with ESI in litigation, investigations, and regulatory matters.

We designed our ESI Compliance for Credit Unions program following the Kroll Ontrack guidelines. In this program, we address the specific credits unions' needs, which includes HIPAA, Fair Credit Reporting Act, and rule 748 .

Our program addresses both the technical and the legal aspects of ESI compliance. It achieves the following goals:
  • establish an overall ESI policy;
  • clarify roles: who establishes policy, who implements it, and who is accountable in case of failures;
  • help the general counsel to keep up-to-date with all relevant regulations;
  • educate and assist the technical personnel with policy implementation.
Such service is especially important for credit unions which often lack sufficient resources to dedicate to the vital ESI policy questions. By concentrating on the issues common to credit unions, Top8 brings efficient and concentrated help effort to those who need it.

No comments: