Compliance products offer secure access, streamlined operation

As regulation in the insurance industry continues to grow, insurers increasingly are finding themselves facing what seems like an overwhelming task in trying to bring their processes and operations into compliance with a plethora of requirements.

HIPAA, GLB, Sarbanes-Oxley and a group of other regulations that aim to make consumer information more private and secure also make the job of a company’s compliance that much harder. In response, the technology community is developing software that can help make data gathering, storage and retrieval more reliable and secure, and can make the reporting process easier.

o Mobius Management Systems has announced a new version (2.2) of its ViewDirect Total Control Integrator (TCI), Web-services-based software “for cross-repository, cross-platform access to content in any format from any source.”

According to Rye, New York-based Mobius, the software is especially useful to insurance companies, most of whom have data stored in multiple repositories, having been created from different sources–scanned images, documents created within the company, and documents created by outside parties such as doctors and law enforcement officials.

ViewDirect TCI allows carriers to trace documents and data related to each customer by conducting a single search query through one Web interface, similar to a Google search, says the company. It provides a software layer that enables access to multiple, disparate sources and that streamlines customer service response and access to records for regulatory compliance.

“The ability to consolidate content across multiple, disparate sources is a top priority for organizations struggling to control costs and streamline operations in an environment roiled by regulatory requirements that govern the storage, retention and access to corporate information,” states David Winkler, vice president of product marketing at Mobius.

“Content integration streamlines operations and reduces costs in many functional areas of the organization by providing a complete picture of a customer, a product or a transaction through the consolidation of information in disparate systems,” the company notes.

“ViewDirect TCI is comprised of enabling software that meets all enterprise content, including e-mail records management; Web site, digital asset and document management; workflow and imaging; Internet; enterprise report distribution; and a compliance module that ensures the accuracy of enterprise information,” says Mobius.

The base price for the product is $80,000, plus $20,000 per adapter, says a company spokesperson. Each adapter allows TCI to “speak with” a separate repository, such as FileNet, IBM OnDemand, Microsoft SharePoint, etc. Further details are available at www.mobius.com.

o Orchestria also has announced a new version of its compliance software, Orchestria 4.0, which delivers new functionality in existing product areas, including the pre-built policy library, policy infraction detection capabilities, breadth of channels monitored, flexibility of workflow and scalability.

The updated policy library now contains policies in key areas including regulatory compliance, intellectual property protection, employee behavior standards, consumer best practices and financial controls, says New York-based Orchestria. The new version also offers enhancements in policy accuracy via reductions in “false positives”–falsely identifying a communication as non-compliant.

According to the company, the new product includes productivity enhancements designed to “radically increase the effectiveness and efficiency of the e-mail review process.” The result, says Orchestria, is “a process which truly reduces the amount of non-compliant communication.”

The company says it also has optimized data and processing capabilities to allow Orchestria 4.0 to apply multiple policies across multiple channels.

Pricing ranges–according to the number of channels and the number of seats–from $100 to $400 per user, a company spokesperson says.

o Altiris, Inc. announced that its Altiris SecurityExpressions 3.3 audit and compliance software now can be used by security professionals to determine if their systems measure up to Center for Internet Security (CIS) benchmarks for: increased protection against intrusions or attacks; verified secure systems configuration prior to network deployment; ongoing system conformity to security configurations; reporting for upper management; and protection against regulatory prosecution or sanction.

According to Salt Lake City-based Altiris, SecurityExpressions is a compliance solution for Windows, UNIX and Linux desktop computers, laptops and servers that helps ensure systems are in compliance with the corporate security policy. Key audit areas are system security configuration settings, security patches, antivirus status, personal firewall status, industry-known vulnerabilities, unauthorized software and unauthorized hardware.

Fred Pinkett, vice president of product management for Altiris, notes that “SecurityExpressions 3.3 further simplifies the task of running system security audits, helping to ensure that even remote users can be brought easily into compliance with an implemented system security policy. Organizations also now have the flexibility to perform a basic system security assessment or run a full audit for system security policy compliance, depending on their needs.”

Pricing is $39 per desktop/laptop and $895 per server, with volume discounts available, says a company spokesman. Further details are available at www.altiris.com.

o Fiserv, Inc. has announced its Nautilus solution for compliance with the Sarbanes-Oxley Act–Nautilus SOX.

The Act, officially known as The Public Company Accounting and Investor Protection Act of 2002, sets rules of corporate governance and financial disclosure for public companies, as well as penalties for executives involved in corporate fraud.

The Nautilus SOX product uses document management technology for enterprise-wide compliance with the act, as well as “similar provisions that the National Association of Insurance Commissioners is expected to embrace for non-public insurers,” says Brookfield, Wis.-based Fiserv.

“Nautilus SOX provides an automated, searchable system for documenting internal controls and business processes to help ensure SOX compliance,” the company continues. “Users can create, collaborate, log, execute and conclude business transactions in a structured, efficient environment.” Users can access information on a process or project immediately, including all outstanding issues, approvals, status, etc., Fiserv adds.

According to the company, the product’s pre-defined indexes and templates help in monitoring and recording all internal and external events related to SOX compliance–”from risk assessment to controls testing and remediation.” Notifications and scheduled reviews also can be set up to ensure that important deadlines are met.

A live demonstration of Nautilus SOX is available at www.fiservinsurance.com/webinar. The company declines to provide pricing information.