As part of its Partner Data Exchange Manager, Adeptia offers a comprehensive Data Compliance solution that allows companies to enforce SOX, HIPAA and PCI-DSS Compliance policies on inbound and outbound data.
Discovery: to discover which files are moved within the company infrastructure and which servers they travel to/from, and by identifying and cataloging each individual transfer step to create information on end to end data flows.
Catalog: to enrich the flows identified during the Discovery phase and to associate SLA attributes with them such as: time/date cut-offs, business level information, triggers and alerts. New flows can also be defined and inserted.
Monitor & Audit: a web based interface for monitoring and control of all data routing activity, the status of the integration with each application in the process flow. Users can select which meta-data attribute is logged in the Audit so that this information is available and searchable in a drill-down report to the IT/Operations users along with full status related to access, integration and transfer of the data.
Report: a batch based reporting tool for data and trend analysis as well as usage and SLA reporting for management and business presentation.
Along with the key features described above, the Data Compliance solution also has built in connectors to integrate with external APIs and SNMP tools.
Below is an example of a B2B Integration process in Adeptia.
Now here's the process flow when Compliance is turned ON.
In this process we can apply the rules related to HIPAA 164.312 regulations around data security and access. For example, during the arrival of the inbound EDI file from a Partner, Adeptia enforces the Access Control policies related to which person/entity has access to the data. Adeptia also addresses the Security policy by encrypting the data.
Some of the other attributes that Adeptia also enforces are rules such as whether the Partner has sent the file in accordance to your mutually agreed upon SLA. Adeptia can look at the data size and match with recent activity to see if there is any drastic change in the file size compared to previous data exchanges. Some of these Compliance rules can also be attached to a notification service that sends out an alert to your IT team in case of any exceptions.
As part of the HIPAA regulation on Transmission security, Adeptia validates the Partner via signed certificates and transmits the data via SSL.
In the process flow there are integration touch-points where data is integrated with ERP and databases. In these steps, Adeptia keeps track of the particular User Access logins being used to connect to the application, specific Database schemas being used to execute the SQL operations and these and other attributes are all stored in the Compliance logs for reporting.
Here are some screenshots of the Compliance Dashboard showing a comprehensive view of end-to-end data security in Adeptia B2B integration process flow. It also provides data points specific to application integration, data volume, data exceptions, partner data exchange SLA exceptions, etc.
Here's a custom view of the Compliance Dashboard for a Manufacturing company.
Adeptia's Data Compliance solution provides Centralized Governance of all your data movement within the company and as part of the process flow lifecycle. Early alarms/notifications can be setup to monitor SLA violations and this also addresses the "preventative" policies needed by your company to handle missed shipment dates, late arrival of parts information, or incorrect enrollment plans from third-party agents.
For more information on the Data Compliance, please refer to http://www.primeur.com/spazio-file-governance