HIPAA HITECH Compliance: HIPAA Reform, Part One

Previously HIPAA was only enforced at the Covered Entity level, (e.g. Hospitals, Insurance Companies, Healthcare Providers, etc) and the covered entity may have had contractual obligations with their third party providers. New provisions include "Business Associates" in the compliance regulations. These BAs are considered to be any organization that’s responsible for the storing, accessing, or processing of Protected Healthcare Information (PHI) and normally includes organizations such as third...

Read More »
0 Comments »

What You Should Do to Prepare for a SAS 70 Audit

Has your organization decided that a SAS 70 is in your future? Or, has a customer made it known that they will require you to complete one? Either way, it sounds like you need one. And the first step is to do proper planning and documentation of policies and procedures so that you can assure success in completing your SAS 70 Type I or Type II audit.

What should I suspect from a SAS 70 Readiness Assessment?

Simply put a comprehensive review of your organizations internal policies, procedures, and...

Read More »
0 Comments »

SAS 70 Audits: Type I and Type II

There are two types of SAS 70 audits (Type I and Type II).  Many organizations are not certain which audit best fits their needs or is required for their companies objectives.  The basic fundamental of a SAS 70 Type I audit is an audit report that provides an opinion on the description of the service organizations controls as of a point in time.  This snap shot audit provides a description of controls at the service organization that is validated by an independent auditor.

SAS 70 Type I audits...

Read More »
0 Comments »

International Standards Are Taking Over SAS-70

International standards will be replacing SAS 70 audits soon. These new standards will bring more flexibility and responsibility for service organizations. We've laid out some information below to help you understand the change. For more information, please contact us.

The International Auditing and Assurance Standards Board (IAASB) felt a need for a common auditing standard to address the varying differences in each countries audit requirements.  As a result the IAASB formed and issued the...

Read More »
0 Comments »

SAS 70 Compliance is Changing - Are you ready?

A sneak peek inside the standard changes.

Statement on Auditing Standards No. 70 (SAS 70 Audits) – These somewhat common reports are an internationally-recognized third-party assurance audit designed for service organizations.  It has become the most widely-accepted compliance initiative that provides service organizations a benchmark to compare their internal controls and processes against industry best practices. SAS 70 was originally created in 1992 and over the past five to ten years become...

Read More »
0 Comments »

SOC Reporting Definitions: SOC Report Type 1 vs Type 2

What are the differences between a Type 1 and Type 2 SOC Report?

We've seen numerous organizations confuse the TYPE of report with the type of SOC standards to which they should adhere.

Clarifying the differences between SOC standards:

  • A SOC 1 report is for service organizations that impact or may impact their clients financial reporting.  
  • A SOC 2 or 3 report is for service organizations that hold, store or process information of their clients, not financial reporting significant (e.g. would not...
Read More »
0 Comments »

IRS Modifies Flex Spending Account Rules for 2014

Many employers offer employees a flexible spending account (FSA) benefit as part of their cafeteria plan (operated in accordance with Internal Revenue Code Section 125) that is part of their overall employee welfare benefits plan. FSAs allow employees to contribute up to $2500 per year on a pre-tax basis which can be used for approved types of medical expenses that are not otherwise covered by insurance.

One of the downsides of an FSA from the employee’s standpoint is the "use it or lose it"...

Read More »
0 Comments »

How to Avoid Department of Labor Audits of Your Qualified Plan

I recently attended a conference of pension plan professionals, and one of the topics of conversation was the Department of Labor's (DOL) increase in examinations of tax qualified retirement plans. The DOL can wreak havoc on a tax qualified plan in many areas, including the assessment of civil penalties on the plan, the plan sponsor, and responsible persons at the plan sponsor. Sometimes these can lead to criminal prosecutions. Plan examinations are often time consuming, expensive to conduct,...

Read More »
0 Comments »

Department of Labor Amnesty Updates for Deliquent Filers

Recognizing that many employers were unaware of their responsibility to file an annual return for various types of retirement and welfare employee benefit programs, the Department of Labor (DOL) created the Delinquent Filer Voluntary Compliance Program (DFVCP) in 1995.  DFVCP allows an employer who has not filed required Form 5500s to file all required Form 5500s for a particular program at one time, and pay a reduced one-time penalty.  The penalty amount will vary depending on the number of...

Read More »
0 Comments »

Accounting Insights (Part 2 of 2) - Proposed Accounting Rule Changes: Proposed for 2013 or Later

Lease Accounting

As we have previously discussed in other venues and publications, an FASB Exposure Draft was issued in 2010 that would significantly change lease accounting.  Briefly, virtually all leases would be considered a form of financing and even today’s operating leases would become capital leases.  An intangible asset consisting of the “right of use” of the asset equal to the lease liability is recorded at inception.  Because debt would go up and what is presently rent expense would...

Read More »
0 Comments »