Firms should prepare for sweeping changes
POSTED: Sunday, July 12, 2009
Despite the rhetoric, Republicans and Democrats agree on many things. One issue obvious to all is that new legislation often results in major changes to business processes and, consequently, computer systems. What with President Obama's agenda and now a seemingly insurmountable majority in Congress, most expect to see sweeping new legislation in the coming years. Businesses and government agencies should be aware of such legislation and how it might affect their processes and procedures, or risk having to scramble for patchwork solutions.
Many believe the bellwether of legislation causing business process change is the somewhat misnamed Health Insurance Portability and Accountability Act of 1996, better known as HIPAA. Ostensibly intended to protect health insurance coverage for workers and their families when they change or lose their jobs, HIPAA is better known for its provisions to ensure privacy of people's medical records.
HIPAA's provisions caused a myriad of business process changes, and not just in the health care industry. In addition to affecting health care providers, anyone who comes in contact with a person's medical records must abide by a strict set of procedures. This includes anyone who might come in contact with records that might have even a hint of medical information. Information which may have been treated casually in the past now needs to be protected very closely. Tremendous changes in computer systems were required.
Closely following on the heels of HIPAA was the Sarbanes Oxley Act, also known as Sarbox or SOX. Enacted in 2002, SOX set higher ethical standards for all U.S. public companies and imparts criminal penalties for wrongdoing by officers and directors of these organizations.
For both HIPAA and SOX, businesses and government agencies scrambled to accommodate the provisions after they were signed into law. Most organizations were not proactive.
Given these two prominent precedents, organizations should keep a watchful eye on upcoming congressional legislation. Changes in energy, health care policies or TARP administration, among others, could affect the way you do business.
The impact of such changes is unknown now, but that doesn't mean nothing can be done. With respect to computer systems, operational software should be examined to determine its flexibility. For software that was developed in-house, do you have the resources to effect changes? If you are in the process of acquiring a new computer system, waiting might seem like a good idea, but as long as the new software conforms to industry standards, you should be OK.
John Agsalud is the director of professional services, Pacific region, for Decision Research Corp. Reach him at 949-8316, ext. 171., or at .(JavaScript must be enabled to view this email address).