REGULATORY & COMPLIANCE: PII, HIPAA, PHI, US-EU SAFE HARBOR
EPC Group provides expert consulting services around your organization’s data that may be subject to specific regulatory considerations, laws and industry-specific questions. If these are ignored, the organization may be open to litigation or penalties.
EPC Group’s approach covers environments that are on-premise (private cloud), in the cloud (public cloud), or hosted in a combination with resources in both types of environments in a “hybrid cloud” scenario.
EPC Group provides guidance and strategies and asks questions such as:
- What compliance is required under privacy regulations that are specific to your organization?
- Are you storing any Personally Identifiable Information (PII)? PII is information that can be used to uniquely identify, contact or locate a single person or used with other sources to uniquely identify a single individual. Sensitive PII is a combination of PII elements, which if lost, compromised or disclosed without authorization could be used to inflict substantial harm, embarrassment, inconvenience or unfairness to an individual.
- Are you storing HIPAA or PHI data within your organization’s systems? PHI is any information about health status, provision of health care or payment for health care that can be linked to a specific individual. Under the US Health Insurance Portability and Accountability Act (HIPAA), PHI that is linked based on a list of 18 identifiers must be treated with special care.
- Are there any globally specific regulations such as those in the European Union (EU)? US-EU Safe Harbor is a streamlined process for US companies to comply with the EU Directive 95/46/EC on the protection of personal data.
RISK & COMPLIANCE CONSULTING
EPC Group provides over a decade of proven strategies that can help turn risk and compliance efforts into true ROI opportunities to drive sustainable underlying business value. Emerging and systematic risks can challenge traditional strategies and assumptions, and as the overall business and regulatory environment continues to evolve quickly, many organizations face unprecedented regulatory scrutiny.
EPC Group will work with your organization and its business leaders to provide means to balance the pursuit of corporate performance objectives while maintaining compliance with regulatory requirements. Many organizations are seeking answers that will help them align corporate strategy and culture to protect financial and reputational assets.
This must all occur while balancing and driving both the short- and long-term performance goals of the organization and while managing and achieving regulatory compliance.
EPC Group will provide proven strategies to develop the proper approach to identifying and managing risk in areas such as:
- Driving business performance through convergence of risk and compliance processes and business intelligence (BI)
- Increasing the underlying business value by transforming the business model to be more risk aware and adept
- Improving risk business intelligence (BI) and strengthening decision making and business strategy