SOX / HIPAA/DPA compliance in India 1188



  • I would appreciate if you could provide some some info on achieving SOX / HIPAA/DPA compliance by BPO companies operating in India servicing US/UK clients.

    1. Road Map to SOX / HIPAA/DPA compliance
    2. Who is offering this service in India
    3. Cost of certification.
      Kind Regards and thanks…


  • Don’t spam the board please. Can you delete the other two threads that you created for the same subject.
    Thanks.



  • Thanks Denis.
    As he didn’t respond, I’ve done it for him, and moved it to the appropriate Forum.



  • Denis, I am sorry and Thanks sysadmin for deleting my duplicate postings. I was thinking that I would get some reply from someone at the earliest. I will avoid posting duplicate messages hereafter. Kind regards…



  • Span,
    Well I cannot tell you the name of any specific agency or person providing this services. However, recently Infosys and Bank of Panjab or Panjab National Bank(not sure which bank) have done the sox compliance. You can approach them for further guidance. The mentioned bank, although, has nothing to do with Sox as far as indian law is concerned, however, they are proactively doing this after getting impresssed by the law.
    Radhey Radhey



  • Thanks for your lead…Kind Rgds…



  • I would appreciate if you could provide some some info on achieving SOX / HIPAA/DPA compliance by BPO companies operating in India servicing US/UK clients.

    1. Road Map to SOX / HIPAA/DPA compliance
    2. Who is offering this service in India
    3. Cost of certification.
      Kind Regards and thanks…
      Can’t comment too much on HIPAA but unless the specific BPO company was listed in the US (i.e. required to submit 20-F to SEC) then there woul dbe NO REQUIREMENT TO COMPLY WITH SOX.
      What the BPO’s will need to do is provide a degree of comfort around their ability to control what they do for their clients. With this in mind you might want to look at some of hte threads on here around SAS 70 and outsourced service providers.


  • Its the question of controls outsourced to a subsidiary or service provider in another country.
    Its the parent organization which is getting SOX certification so decide first whether the organization in other countries are in scope for SOX or not.
    Pls refer to the ealier post by many senior members in this forum which covers this topic adequately.



  • Could someone please let me know:

    1. Which are the Indian companies that are SOX compliant
    2. What the deadline/timeline is
    3. Is applicable on which industries (IT firms for example)
      Thanks…


  • Hi,
    You might try writing to Sejal H., Sejalh at haribhaktigroup dot com. Her firm provides SOX assistance services in India.
    Regards,
    Milan


Log in to reply