Three Noteworthy Regulatory Run-ins During 2014

Companies in regulated industries like healthcare or financial services are facing increased pressure to remain compliant — a challenge when organizations face volatile factors such as new security vulnerabilities, staff’s failure to follow company policy or a third party’s negligence. The result is an increasing number of regulatory run-ins. Here are a few noteworthy incidents that made headlines in 2014.

Health Insurance Portability and Accountability Act


During the Heartbleed epidemic, Franklin, TN-based Community Health Systems had 4.5 million of its patients’ personal information stolen. Not only was this the largest Health Insurance Portability and Accountability Act (HIPAA) breach of 2014, it was also the second-largest HIPAA breach ever.

Sarbanes-Oxley Act


The CEO and former CFO of a computer equipment company, which went bankrupt in 2009, were charged with violating the Sarbanes-Oxley (SOX) Act. The CFO hid the fact that the company didn’t have adequate inventory controls and manipulated accounting records in order to increase the amount of money the company could borrow.

National Credit Union Administration


During a National Credit Union Administration (NCUA) examination of Palm Springs Federal Credit Union, an unencrypted flash drive containing credit union members’ personal data went missing. The NCUA later announced that the drive was lost because the investigator himself failed to follow NCUA’s policies for protecting sensitive data.

To learn more about how to cope with regulatory pressures, read our post “Compliance Concerns Are Rising — Here's What You Can Do About It.”