3 Requirements for Compliant Financial Services and Healthcare Client Communication
In heavily regulated industries like financial services and healthcare, it is imperative that everything you send out through the mail or print for distribution follows the letter of the law, so that you avoid falling out of compliance and facing fines for infractions. When looking for the best partner for printing, mailing, fulfillment, and distribution, there are 3 areas in which you should verify what your partner has and does:
- Compliance Training and Certifications – Holding certifications such as the AICPA’s SOC 2 Type II compliance training and certificate(s), and/or following ISO 27001 and HIPAA compliance, is an absolute must-have. When your client’s sensitive personally identifiable information (PII) and/or personal health information (PHI) is being submitted to your printing, fulfillment, or direct mail partner, you want to know that they have the proper controls, system setup, and know-how to handle that data properly. Ask your partner to provide you with proof of their certifications, and don’t forget to check in periodically for updated proof, as certifications expire and need to be renewed for the partner to remain in compliance.
- Disaster Recovery Plan – Sometimes the unthinkable happens, whether that’s a flood or a once-in-our-lifetime pandemic, and your partner needs to be prepared. Working in a heavily regulated industry means that you are required to get certain documents printed and distributed in a timely manner, and the law doesn’t look at what was happening externally if you miss those important deadlines. Be sure your partner can provide you with their disaster recovery plan (including data recovery), or at the very least, articulate it.
- Secure Storage – This applies to physical items as well as digital. For digital, the right partner should have secure online file transfer (FTP) through SSH or SFTP, a secure firewall that’s periodically tested for vulnerabilities, data security policies, and ongoing audits. They should also have policies for digital file destruction once they no longer need to hold your files. For physical storage, look for fulfillment and print partners who have security cameras and protocols for entry into the building, locked cages for high-value items, and document destruction protocols for items you no longer need.
At the end of the day, remember that engaging with clients and integrating your direct mail, printing, fulfillment, or kitting programs with compliant practices doesn’t have to be challenging. Of course, every business is different and you likely will have a laundry list of needs for your partner, but if you cover these 3 items to ensure your partner is compliant, it gets you off to a great start.
Coincidentally (ok, not at all coincidentally, who are we kidding), Kirkwood Direct is well versed in compliance for financial services, healthcare, and other regulated industries. We understand the sensitivity of your requirements and the industry’s regulatory requirements, and we guarantee we will execute following all laws and regulations, along with your specific requirements, on time and on budget, every time. We hope you’ll give us a chance to show you what an excellent partner we will be for you; you won’t regret it.