Are lack of regulations encouraging the tampering of corporate documents?
Are lack of regulations a reason for tampering of corporate and institutional documents?
(Part 1 of 2)
There are enough and more regulations with regard to information privacy and security. However, a deeper look at the industry shows gaping holes in regulations with regard to document security across corporations. Since documents are in effect, containers of information, it is only logical that enough and adequate safeguards are put in place to ensure document security. That will prevent document tampering and misrepresentation of information provided in the documents.
Businesses are governed by regulations. These regulations are specific to certain functions of a business largely with a focus on protecting customer data and privacy. The Sarbanes-Oxley Act that helps protect investors from fraudulent financial reporting by corporations or Health Insurance Portability and Accountability Act (HIPAA) that protects sensitive patient health information from being disclosed without the patient’s consent or knowledge, or Gramm-Leach-Bliley Act (GLBA) that among other things, also requires financial institutions to explain how they share and protect their customers’ private information.
A cavalier attitude to document security?
Documents are in effect containers of information, it is only logical that enough and adequate safeguards are put in place to ensure document security
Ironically, there aren’t regulations which govern document security in particular. This leaves organisations to look at this aspect by themselves. There are laws against fraud, but almost all of them are post-facto event laws. There are no common or unified rules on how inter-organisation document security can be achieved as a preventive measure. This leaves the onus on the organisation itself but thankfully there are easy ways to achieve this without compromising on business functionality and efficiency.
This puts an increasing need for corporations to secure documents at the source. Even simple documents like payslips are used by external entities to verify service records and check loan eligibility. Similarly, an invoice or a certificate is used by some entities for transaction processing and it’s important to maintain the information integrity of these documents. The verifying entities may not be known upfront to the issuing organisation and hence all the more reason that anyone is able to verify the information on demand. Tampered or fake documents are fraught with risks and can lead to significant economic losses as well as affect the reputation of organisations.
In the past, these documents were primarily printed on paper. In those rare cases where it was transmitted electronically, the document was converted to a PDF format with password protection or scanned into an image file. At that time, few felt the need and importance to ensure the security of the documents during its creation, transmission, and validation. The situation is of course totally different now and there is a proliferation of electronic documents given further impetus by the current pandemic which has restricted face to face interactions.
Precisely why regulatory frameworks or regulations for document security gains significance…
It is essential, however, to note that irrespective of regulatory mandates and regulatory bodies, businesses need to look at ways of ensuring document security starting today. This, in effect, helps protect their bottom lines and ensure the profitable growth of the business as well as their reputation.
How can organizations adopt document security in such a scenario? Continued on our next post…
You may also like