ComplyChain™ -- Service FAQ

A: ComplyChain is a unique and timely online service for business people who are responsible for automated relationships with partners. We enable them to gain control of regulatory and business risks associated with the exchange of information and the external technologies they depend on. This significantly reduces business and regulatory exposure, dramatically lowers costs and increases operational agility.

A: ComplyChain™ is a trusted authority that sits between organizations, enabling the quick coupling and de-coupling of partners and continual improvement of partner relationships with regard to information controls and compliance. The service is accessed at the ComplyChain.com website which is hosted in a Tier 1 data center. Just as you log on to your favorite website, you can connect to ComplyChain.com and collaborate with partners to manage your shared information controls and compliance issues.

A: As a Supply Chain Manager, your organization looks to you for the creation of strategic value. Often that strategic value involves relying on shared information systems with your partners. While valuable, these shared information services increase your risks, whether they are: (i) loss of secure pricing or customer data, (ii) interruption of services due to inability to access critical information at a critical time, (iii) significant rework caused by poor data quality from partners, or (iv) security vulnerability through partners. Moreover, these risks are difficult to manage because they cross organizational boundaries.

ComplyChain provides the capability to efficiently and effectively work with your partners to establish and manage shared business information controls so that you can “Collaborate with Confidence.” For more information about how ComplyChain™ can help you as a Supply Chain Manager, click here.

A: ComplyChain offers you the unique capability of managing and protecting electronic PHI transactions with your Business Associates, helping to keep you in compliance with HIPAA regulation. ComplyChain assures HIPAA compliance by continuously monitoring the service terms of your Business Associate Agreements and by extending your information controls to your Business Associates’ information systems so that you will be immediately notified of a compliance issue. In addition, ComplyChain automates control of your Business Associates’ information service, dramatically reducing the ever-escalating costs of managing these partnerships.

For more information how the ComplyChain service can help you as a HIPAA Compliance Officer, click here.

A:ComplyChain greatly assists a Merger and Acquisition effort by reducing the costs and risks of integrating the information systems controls of the two participating organizations, and by assuring the alignment of information service quality, security, and regulatory compliance as the organizations merge and change.

For more information how the ComplyChain service can help you Mergers and Acquisitions, click here.

Back to top

Q: Can ComplyChain help align federated business units that have their own independent information, infrastructure, and governance?

A: Yes, if your operating units have automated business processes and information dependencies between them, then ComplyChain can help you. ComplyChain permits teams from different operating units, acquired, or merged companies to plan, negotiate, implement, and monitor a joint information controls framework, which is automated by a compliance process linking their distinct operations.

General

Q: What is the pricing for ComplyChain?

A: Our pricing model is value-oriented and consistent with an insurance-oriented offering. We offer strategic capability at a value-oriented price. The service is billed monthly and you are billed only for what you use.

A: ComplyChain provides all of our customers with the same high quality and value support including but not limited to the following:

Context-sensitive help throughout the application
Computer-based training throughout the application
·Web-based support in the form of a self-help knowledge base plus issues reporting and tracking area (see links above)
For-fee rapid-response email and chat-based support Available 7:00AM to 7:00PM U.S. Central Time Monday through Friday except on U.S. national and banking holidays
For-fee live web-based training by published schedule
Free support for named users during their first month of service
Click here to learn more.

Additional training, support, and consulting services can be customized to meet your needs.

A: One of the great benefits of using our Web-hosted application is that you always have access to the latest version of our applications. Enhancements are sent automatically—without disruption or effort. This eliminates time-consuming and costly upgrades, and you never have to worry about installing or maintaining software.

A: ComplyChain is a U.S.-based business service. Many customers have international partners that they will want to include in the ComplyChain process. ComplyChain is accessible from anywhere in the world via the Web. As long as international companies are able to work with the service in English and there are no foreign restrictions on utilizing the service under our U.S. terms and conditions, then an international company can be a user of ComplyChain. We plan to have an international version in the future and we are constantly evaluating international compliance issues at the request of our customers.

A: A collaborative Business Service Management (cBSM) solution is a business-oriented solution for managing information services to a business. Collaborative BSM also facilitates inter-organizational BSM activities. ComplyChain as a cBSM solution promotes quick and continuous alignment of information service control and compliance issues for business users. Unlike traditional organization- and IT-centric BSM solutions that leave you vulnerable to partner-related compliance and service failures, a cBSM solution focuses on the “edge” of the enterprise, where often the most strategic value exists along with the greatest information risks.

ComplyChain is a cBSM service solution for business people who are responsible for automated relationships as well as regulatory and business risks associated with the information exchange and external technologies with partners. ComplyChain provides a unique set of tools to help partners negotiate, implement, monitor, respond, settle, test, and improve the information service controls that their shared business efforts rely on. ComplyChain also works with your internal SLM or BSM solutions and extends them to your partners.

For more information on cBSM, click here.

A:A shared information process is defined as the automated and coordinated flow of business information and transactions between two or more organizations. Organizations can be distinct business units within a large enterprise or completely unique legal entities. Examples of shared information due to advances in technology include: product design between manufacturer and a component vendor, supply chain initiatives, outsourcing, healthcare Business Associate relationships, partner relationship management, etc.

Such shared information processes create information dependencies and information risks with other organizations that must be managed. As information crosses boundaries, one organization depends on the other for information service controls with regard to security, availability, performance, reliability, change management, and other issues. Shared information service controls are joint efforts to manage the activities associated with providing information as a shared service to each other. Effective information service controls are established only by working together with a proven framework of information service controls and in an automated compliance management process. . ComplyChain provides this capability.

A: COBIT has become a generally applicable and widely accepted standard for good Information Technology (IT) security and control practices. It provides a reference framework for management, users, and IS audit, control and security practitioners.

COBIT, issued by the IT Governance Institute and now in its third edition, is becoming internationally accepted as good practice for control over information, IT and related risks. Its guidelines enable an enterprise to implement effective IT governance that is pervasive and intrinsic throughout the enterprise. For more information about COBIT, see our resources page.

Getting Started

Q: How do I get started with ComplyChain™?

A: To get started, simply contact us about our 90-day proof-of-concept offer by email . While trying our service, you will work with our ComplyChain representatives to establish information service controls with 1 to 3 partners in order to see how it benefits your partnerships.

A:To use ComplyChain, all you need is a Windows™ based system with a web browser and access to the Internet. ComplyChain™ works with Netscape™ AOL™ Navigator™ 7.01 or higher, or Microsoft™ Internet Explorer™ 5.5+ or higher.

A:Implementation depends on two variables: 1) the number of partners you choose to start with, and 2) the number and complexity of the controls you choose to implement. Most users can plan and implement ComplyChain with one partner and 20 information controls within 1 to 4 weeks. Most of this time is for communication and organization of resources. ComplyChain supports reusing existing assets for quick information control solutions.

Implementation

Q: What training and implementation services are available?

A: Training is available online and through frequent webinars. Implementation services are offered through our consulting services.

Back to top

Q: Can I take advantage of current controls, agents, remote services, and adapters to provide data feeds to ComplyChain?

A: Yes, the information system controls, agents, remote monitoring services, and adapters used by your organization or your partners’ organization can be repurposed to provide information feeds, which we call "vital signs", for use by ComplyChain. We only handle information service "vital signs," not business information. This is strictly enforced by the use of COBIT™ and is necessary for our continued neutrality as a service and our compliance with regulations monitoring the use of business or customer information. We do not use this type of regulated data.

A: Yes, we have designed ComplyChain functionality, capacity and pricing to be very granular. You only pay for the functionality and capacity your application requires and actually uses. You can grow as your need demands.

Data and Scalability

Q: Is my data safe when I use ComplyChain?

A: ComplyChain does not use any of your business/operational data or information to function. It simply takes "vital signs" of the information services that support your applications and data. Therefore, ComplyChain poses no risk to your data and we cannot violate any information regulations you may be subject to.

Our service contains systems performance information, ComplyChain configuration information, control definitions, and ComplyChain customer contact and billing information. To protect this data, ComplyChain has partnered with a state-of-the-art Tier1 Hosting Service Provider who joins their security expertise with ours.

When you log into ComplyChain.com, you will see a small lock icon at the bottom of your browser display, indicating that a secure (SSL) connection has been established to our server. In addition, the URLs used to access your data on ComplyChain.com are all preceded with https instead of http, which also indicates that a secure connection is being maintained for data access.

ComplyChain employs SSL and can employ VPN by request and payment. We also offer free use of our service to establish shared business information controls to manage our relationship with you.

A: ComplyChain does not use any of your business/operational data or information to function. It simply monitors "vital signs" of the specific information services that support your applications and data. Therefore, there is no risk to your data using ComplyChain and we cannot violate any information regulations you may be subject to.

Our service contains systems performance information, ComplyChain configuration information, control definitions, and ComplyChain customer contact and billing information. To protect this data, ComplyChain has partnered with a state-of-the-art Tier1 Hosting Service Provider who joins their security expertise with ours.

This information is your asset. ComplyChain is committed to keeping your data private and secure and offers free use of our service to establish the shared business controls required. Our privacy policy is extremely thorough and our desire is to protect the privacy of your information. Please read it and contact us if you have any issues with it.

A:No. As stated in the ComplyChain Privacy Policy, "ComplyChain will not review, share, distribute, print, or reference any such Data except as provided in the ComplyChain service and End User License Agreement, or as may be required by law. Individual records may at times be viewed or accessed only for the purpose of resolving a problem, support issue, or suspected violation of the ComplyChain service and End User License Agreement, or as may be required by law. Of course, customers are responsible for maintaining the confidentiality and security of their user identities and passwords.”

For our complete privacy policy, click here.

A: You can receive a complete export of all your company data on ComplyChain by signing up for a weekly export service or writing your own queries in our reporting module. We also automatically archive data for you when you purchase our storage service. For more information please contact us.

A:ComplyChain.com has the capacity to scale to the needs of the largest of enterprises. The architecture behind the ComplyChain.com solution was designed to handle millions of users and we plan capacity very carefully in order to have excess capacity on hand for increases in demand. Please contact us for a comprehensive explanation.

Subscribe to our free e-mail newsletter