REGULATORY COMPLIANCE SERVICES
What would happen if your company fails to comply with federal, industry, or international regulations related to risk mitigation? Loss of revenue, negative publicity, and fines, which could serve as a roadblock to remaining competitive in the marketplace, may result from non-compliance.
Churchill & Harriman offers a comprehensive suite of assessment and compliance services that can help identify the areas of non-compliance and provide practical, cost-effective solutions so you can meet required deadlines and ongoing requirements with confidence. We have in-depth knowledge and practical experience working with both federal and industry-specific regulations including:
Sarbanes-Oxley Act of 2002 - Affects all publicly traded companies. It requires that published financial statements that fairly represent the financial position of the organization be certified (Section 202) and that an assessment of the effectiveness of related internal controls be provided (Section 404). Depending on the section, non-compliance penalties range from loss of exchange listing and loss of Directors & Officers liability insurance to multimillion-dollar fines and imprisonment.
Food & Drug Administration (FDA) 21 CFR Part 11 - Establishes criteria for pharmaceutical companies under which electronic records and signatures are considered generally equivalent to paper records and handwritten signatures.
Health Insurance Portability and Accountability Act (HIPAA) - Regulations intended to protect and simplify the exchange of personal healthcare information. Full compliance requires that impacted health companies understand the threats and liabilities to protected health information and implement a variety of safeguards and security best practices.
European Union Data Protection Directive - Affects companies with operations in the European Union and in other countries with similar statutes or directives that define the safeguards and procedures required for the collection, storage and transfer of personally identifiable information. Non-compliance can prevent companies from legally sharing personal information about employees, customers and suppliers with European and other foreign affiliates.
SERVICES
Assessment Strategy - Ensure your organization has a strong understanding of the applicable regulation or directive, and develop a corporate or enterprise-wide strategy to identify, remediate, and validate non-compliant technology, policies and procedures.
Remediation & Validation - Determine the specific changes needed to comply with the regulation, from upgrading technology to developing policies and procedures that reflect these operational changes. Perform a comprehensive review of these changes, verify their impact on your business, and validate compliance.
Training & Awareness - Coordinate training and awareness sessions for deadline readiness and continued regulatory compliance.
Maintenance - Periodically analyze and monitor your business to ensure you maintain compliance with the applicable regulatory standards.