+1 570-842-8144

Sarbanes-Oxley Compliance

The Sarbanes-Oxley Act (SOX) was instituted in 2002 after a series of corporate scandals that could have been prevented had better financial and IT controls been in place. The goal of SOX is “to protect investors by improving the accuracy and reliability of corporate disclosures.”

The Act requires that the annual reports of public companies include an end-of-fiscal-year assessment documenting the effectiveness of internal control over financial reporting and that the company’s independent auditors attest to, and report on, the assessment. It was designed with the goal of implementing accounting and disclosure requirements that:

  • Increase transparency in corporate governance and financial reporting.
  • Formalize a system of internal checks and balances.

SOX was enacted to create a consistent standard of care for an array of public businesses, as well as private companies in some cases, in the interest of customers, employees, vendors and any relevant third parties. Companies that need to comply with SOX requirements include the following:

  • All publicly held American companies
  • Any publicly traded international companies that have registered equity or debt securities with the U.S. Securities and Exchange Commission (SEC)
  • Any accounting firm or other third party that provides financial services to either of the above

Penalties for non-compliance can include fines, removal from listings on public stock exchanges and invalidation of D&O insurance policies. Under the Act, CEOs and CFOs who willfully submit an incorrect certification to a SOX compliance audit can face fines of $5 million and up to 20 years in jail.

ATIBA's SOX compliance team members will support and strengthen your compliance strategy by reviewing your organization's internal controls, including any computers, electronic infrastructure, network hardware and any other technology-based components through which financial data passes.

Our team will provide an assessment report that describes the scope of the assessment performed, outlines your controls, identifies control gaps and documents recommendations that will improve your organization's control environment, so that you can implement the appropriate changes prior to your annual audit. Contact us today to learn more about how we can assist in your compliance efforts!

Medicare & Medicaid Regulatory Compliance

Managing Medicare and Medicaid regulatory compliance can be challenging, especially for new healthcare plans. We have experts on our team who have led compliance efforts for some of the largest healthcare insurers in the country! They can help you establish new compliance programs or validate and strengthen the effectiveness of your current program.

Review our ‘Healthcare Services’ page to learn more about our Medicare and Medicaid compliance capabilities, including our expertise with Medicare Advantage (MA/MAPD) Plans with or without Part D benefits and Medicare Medicaid Plans (MMP).

Contact us for assistance in identifying your compliance risk and strengthening your compliance programs!

HIPAA Compliance

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) requires that organizations defined as a 'covered entity' or a 'business associate' that handle electronic protected health information (ePHI) implement reasonable and appropriate administrative, technical, and physical safeguards for protecting ePHI. The HITECH Act also requires that organizations have established procedures in place to report breaches of ePHI within specific timelines.

If you are a covered entity organization that experiences a data breach and it is determined you did not have the required safeguards in place, the consequences can be quite expensive. Depending on the circumstances, both financial penalties and criminal penalties may apply.

Our goal is to help you mitigate your compliance risk and safeguard the ePHI you hold, which, if exposed, could cause harm to your clients and to your reputation.

ATIBA's compliance experts can help you manage your risk. We will perform a HIPAA compliance assessment to determine the maturity and effectiveness of your ePHI policies and procedures. Upon completion of the assessment, we will deliver a report that defines the processes, procedures and related controls currently in place that support your HIPAA compliance as defined by the Security Rule and HITECH requirements, as well as our recommendations to address any weaknesses or gaps that require hardening.

HIPAA compliance assessments are like insurance policies - manage your risk now or risk paying a penalty in the future!


Contact us

Lackawanna County
Elmhurst Township, PA 18444



Business Hours

Monday - Friday

9:00 am - 5:00 pm



Call to discuss how we can
help you achieve your goals!