Increased security and compliance efforts at BBT protect church members.
What does it mean for a non-profit organization like Brethren Benefit Trust (BBT) to be compliant in this day of increased regulations, including more recent laws like HIPAA and HITECH that protect personal health information, and the Pension Protection Act of 2006? We’re finding out.
Last fall, BBT hired a consulting company that specializes in helping organizations assess compliance needs and risks. BBT has numerous compliance mandates that are regulated by state and federal laws. All BBT staff met with representatives from the consulting firm over a two-day period as they learned about the data managed through the Brethren Pension Plan, the Brethren Foundation, Brethren Insurance Services, and as staff of the Church of the Brethren Credit Union.
Senior BBT staff members have since met with the lead consultant for a few more meetings to assess threats and possible outcomes. This is leading the organization to create a number of policies and procedures intended to make BBT fully compliant with applicable laws and with top standards of business.
One example is the need to ensure that confidential information is not left unattended on computer screens, fax machines, printers, or in file cabinets that are accessible to staff from other departments or others beyond the BBT staff. BBT’s office space was configured within the Church of the Brethren General Offices in Elgin, Ill., at a time when privacy regulations were not as stringent. Now that these regulations are so much more strict and directive, BBT must assess how best to meet the guidelines of today.
The BBT staff have identified risks and are in the process of writing drafts of new policies and procedures, and anticipate the need to make changes in how data is handled, and changes to the accessibility of office space. In truth, changes have already begun--confidential e-mail is encrypted, as is data on laptops and memory sticks; faxes are becoming segregated by department; perimeter doors are locked; and video cameras are set up in key areas.
With compliance issues permeating the work, BBT is at the point of needing a coordinator of compliance initiatives. Thus, in late January the creation of a new position was announced--a chief operating and compliance officer.
Why the combination of a compliance position with that of a chief operating officer portfolio? Over the past two-and-a-half years, BBT has worked hard to improve customer service and product offerings and to strengthen relationships, while also responding to an economic crisis and the subsequent recovery. All of these tasks were more short-term and reactive. It is now time to move our planning from the immediate to the future. Strategic planning and thinking, a review of policies and procedures, and an evaluation of all of BBT’s positions are in order.
As part of strengthening and growing BBT’s ministries, we are engaged in several other special activities. The search for a permanent chief financial officer will soon begin. A mid-level manager position in the finance department has been filled, and a help desk/programmer for the Information Technology department is being sought. The Brethren Pension Plan Task Force also met on Feb. 25 in Mechanicsburg, Pa., to consider ways to strengthen the plan for decades to come. The online portal for Brethren Foundation continues its beta testing prior to being launched for all Foundation clients.
Among these new and special initiatives, the BBT staff continues to support members, clients, and the entire Church of the Brethren denomination. Thank you for the opportunity for us to continue to be in your service.
-- Nevin Dulabaum is president of Brethren Benefit Trust.
No comments:
Post a Comment