What every business needs to know about compliance

by Craig Temple

Compliance is perhaps one of the most widely discussed and poorly understood issues in the business world.

It’s a vague, catch-all term for a very specific set of regulatory issues that are of very real consequence to your business.

Because of the high-profile political discourse surrounding issues like healthcare, banking regulation and enterprise tax fraud, a disproportionate amount of focus is often placed on these areas of compliance. Chances are when you hear the phrase, it’s in reference to the Health Insurance Portability and Accountability Act (HIPAA) or the Public Company Accounting Reform and Investor Protection Act – better known as Sarbanes-Oxley or SOX.

This can lead many small and midsize businesses to mistakenly think that compliance isn’t something they need to pay much attention to. However, just because you’re not a publicly traded company or in a heavily regulated industry such as healthcare doesn’t mean that you’re in the clear.

Compliance is something every company needs to account for to some degree, and insufficient preparation or poor records management can prove incredibly costly and disruptive to your business. More to the point, ignorance of the law is never a viable defense when the regulators come knocking.

Implementing a comprehensive system for capturing and storing these records digitally can save an incredible amount of time and money in the event of an audit.

Know your obligations

In the simplest terms, compliance is the practice of adhering to a set of state, federal and industry-level regulations designed to govern how your business operates and maintains records. It ranges from simple issues such as how and where you display mandatory employee information posters within the workplace, to more complex considerations such as filing annual statements and adherence to equitable hiring practices.

Unfortunately there’s no global wisdom that can be imparted to ensure every business understands the issue. This is because the responsibilities of your business can vary widely depending on factors such as your industry, the state(s) in which you operate or the size of your workforce.

The best way to start is by getting information from the regulatory entities themselves. The U.S. Department of Labor has a fairly comprehensive resource page designed to assist small businesses in understanding their regulatory obligations. There are also helpful industry organizations such as the Payment Card Industry Security Standards Council (PCI SSC), which provides guidelines for how companies process, store and transmit credit card information.

Maintaining compliant payment and transaction records can prove particularly challenging for businesses such as retailers which deal with a large volume of cash transactions or paper receipts. While specific requirements vary by industry, the U.S. Small Business Association recommends retaining invoice and receivables records for at least five years. Implementing a comprehensive system for capturing and storing these records digitally can save an incredible amount of time and money in the event of an audit—especially when the alternative is sifting through five years of loose receipts and cash register tapes.

The Occupational Safety & Health Administration (OSHA) also provides guidelines and information that can prove invaluable to understanding the specific safety regulations of your industry. Fortunately the categorization is quite granular, so whether you’re running a nail salon, a landscaping business or a fireworks display company, they’ve got you covered.

The issue of compliance is often both complex and opaque for a small business owner.

Enterprise content and document management

Your organization has a lot of information — our document management solution can help.

View the solution

Develop and implement a compliance plan

Once you have a better understanding of your compliance requirements, it’s time to protect your business by ensuring you adhere to them correctly. Putting a clear and actionable plan on paper and educating your employees on their role in the process can limit the risk of infractions going forward.

When developing a compliance plan, it’s important to solicit guidance from the experts you already rely on for other elements of your business. Chances are you are working with accounting, IT and legal professionals in various capacities. They can be indispensable resources for ensuring that you are prepared and compliant in each of their respective areas of specialization.

You’ve likely noticed that records and document management is a major thread across most areas of compliance. Simply put, if you are keeping important files in a paper-only format you are putting your business at risk. Digitizing these records can ensure that your vital information is protected and easily accessible, while providing added benefits such as improved productivity and reduced paper costs. If you’re ready to take it a step further, implementing a document management solution will enable an incredible degree of control and protection over your information.

The issue of compliance is often both complex and opaque for a small business owner. It can feel overwhelming at times, but thankfully you can protect your business simply by educating yourself and your employees, leveraging expert resources and being deliberate and proactive about the way you maintain your records.

If you’re worried that unruly records management may be putting your business at risk, there’s a better way. We can do the hard work for you so you can focus on running your business.

Craig Temple, Director of Software Marketing, Ricoh USA, Inc., is responsible for the organization’s software and services portfolio. Prior to Ricoh, Temple held various leadership positions in sales, marketing, and business development for healthcare image and information companies, and also has an extensive history of developing distribution channel relationships. Temple has a Bachelor of Science degree in Electrical Engineering from Rochester Institute of Technology.