IT and Business Insights for SMB Solution Providers

Don't Overlook Lesser-Known Compliance Issues

VARs typically help clients stay within the more well-known HIPAA and Gramm-Leach Bliley regulations. But there are a host of other laws clients may break if you don't intervene. By Martin Sinderman

At this point, most SMBs are at least somewhat familiar with laws like the Health Insurance Portability and Accountability Act and the Financial Services Modernization Act (better known as HIPAA and the Gramm-Leach-Bliley Act, respectively). Trouble is they're equally responsible for complying with a whole host of other, more obscure, regulations.

IT providers have a crucial role to play in helping clients understand and obey all government directives, not just the famous ones, according to Steve Moore, manager of human resource services for Insperity Inc., a Houston-based provider of personnel and operations services.

Moore cites the Electronic Communications Privacy Act as an example of the kind of regulation businesses can easily break without a channel partner's assistance. The 1986 law protects oral, wire, and electronic transmissions from unauthorized interception, and obliges companies that snoop on employee communications to do so only for legally allowable reasons. “It is permissible for a company to examine email, personal files on workplace computers, and other information residing on a company's network, as long as this activity does not constitute harassment, discrimination, or offensive or inappropriate conduct,” Moore states.

Helping keep technology usage policies within legal bounds is another way channel pros can aid their customers, Moore adds. “Too often, companies violate federal labor laws because of overly broad or vague policies, such as those addressing what an employee can or cannot say on social media sites or blogs,” he says.

Efforts by federal, state, and local governments to tax Web-based services could soon pose an ever greater regulatory challenge for end users, according to Jonathan Marashlian, a partner at Marashlian & Donahue LLC, a McLean, Va.-based law firm serving the communications industry.

“Tax and fee compliance is a major issue, and it's only going to become more prominent as more and more consumers migrate to the cloud while governments are simultaneously straining to tap sources of tax revenue to fill their coffers,” Marashlian says.

That most Internet traffic crosses state lines only complicates matters further, he adds. “Complying with multistate, multilocality transaction taxes and regulatory fees requires a combination of professional services assistance, tax calculation software, and in many instances, the outsourcing of remittance and compliance due to the sheer volume and complexity of the task,” Marashlian notes. Ignore that responsibility, though, and you could all too easily find yourself dragged into a client's audit or enforcement action.

Of course, helping customers meet the full range of their compliance requirements would be significantly easier if details on those obligations were available someplace central and searchable, and maybe someday they will be. Until then, your attorney and peers are likely to be the best resources to consult for advice and information.

About the Author

Martin Sinderman is a freelance writer and frequent ChannelPro contributor in Savannah, Ga.

ChannelPro SMB Magazine

Get an edge on the competition

With each issue packed full of powerful news, reviews, analysis, and advice targeting IT channel professionals, ChannelPro-SMB will help you cultivate your SMB customers and run your business more profitably.