Put Regulatory Compliance on Your Radar

“Once you have tasted flight you will walk the earth with your eyes turned skywards, for there you have been and there you will long to return.” – Leonardo da Vinci

Even though Leonardo never got to experience the magic that is soaring among the clouds, he’s not wrong. Many people enjoy the experience of flying and seek to recreate it by building their very own aircraft. With all of the technology and resources available today, it’s more doable than you think.

When you build an airplane, there will be certain engineering, design, and construction standards that you need to follow. There are those elements required for every sort of aircraft: you must have essential parts (think wings, an engine, landing gear), submit plans to the Federal Aviation Administration to approve your airworthiness, and follow the Major Portion Rule. However, much of how you build an aircraft is up to you. You get to choose the kinds of materials you use to build your plane, the different features you want it to have, the timeline in which you’ll build.

In this sense, creating a contingency plan that keeps your business HIPAA- and HITECH- compliant is similar to how you go about building your own airplane.

HIPAA and HITECH are both laws put in place to protect sensitive patient data. Essentially, HIPAA lays the basis for privacy and security of health-related information, while HITECH enforces HIPAA in terms of electronic health records.

Both HIPAA and HITECH regulations require that you have a business continuity (or contingency) plan in place when disaster, natural or man-made, strikes. There are certain specifications for a contingency plan that are required and ones that are addressable.

If a specification is required, it means that a business must have that specification implemented as a part of their plan with absolutely no exceptions.

If a specification is addressable, it means that it must either be implemented, a substitute for it must be implemented, or a compelling reason is documented as to why a business elected not to implement it.

So, what kinds of specifications are there? Being aware of some of the most common required and addressable elements is the first step in creating an actionable plan for regulatory compliance:

Risk Assessment – REQUIRED

In order to be compliant, you must conduct a thorough assessment of potential vulnerabilities and how critical they are.

Testing and Revision Procedures – ADDRESSABLE

The idea behind this specification is to make sure that plans are in place to periodically test and revisit your contingency plan, test for new risks, and revise documentation if necessary.   

Data Backup Plan – REQUIRED

Maintaining regulatory compliance means having a plan in place to retrieve exact copies of protected health information in the event of a disaster (large or small). This plan must be documented and updated whenever something affecting it changes – a new software, server, regulation, etc.   

Applications and Data Criticality Analysis – ADDRESSABLE

The purpose of this analysis is to determine the data and software applications that are most important to your business operations. This will help your company determine which applications and data to restore first in the event of a catastrophe.

Disaster Recovery Plan – REQUIRED

In the case of a catastrophe, HIPAA and HITECH compliance regulations require your business to have a plan in place in order to restore any lost data, applications, and system functionality. This kind of plan should be designed to get your business back up and running quickly and encompasses the resources, actions, and materials required to do that.

These are only a handful of required and addressable elements that make up a compliant business continuity plan. There are many more. And with HIPAA and HITECH regulations consistently in flux, new regulations frequently arise.

The best way to ensure that your business is up to par on regulatory compliance specifications is to enlist the help of a professional compliance consultant. We’re happy to be that expert. Even if you choose to go with a different service provider, we cannot stress enough the importance of making sure your business is compliant, enough. Violation fines can range from $100 to $1.5 million per violation, and the reputation damage from receiving one (let alone many) has the potential to ruin your business.

Thus, regulatory compliance is not something to brush off. To avoid future headaches, start getting your contingency plan in place today.


Score a Touchdown with a Compliance Risk Assessment

Back in 2007, a widespread cheating scandal shook Florida State University. More than 60 student-athletes were involved in a fraud case for violating the National Collegiate Athletic Association (NCAA) academic standards. While not all the students were Seminole football players (varying FSU sports programs were affected), a large number of them were.

According to the NCAA’s report, a learning specialist, an academic advisor, and a tutor took various tests and wrote papers for the athletes. There were also a significant number of athletes who took an online music course that allowed them to pass by cheating.

The result? 23 football players were prohibited from competing in the 2007 Music City Bowl, including several of the team’s starters. FSU was also placed on four years’ probation and lost scholarship funding. The real kicker, though, was that 12 games in which ineligible players competed were retroactively removed from the record. Unfortunately for coach Bobby Bowden, this ruined any shot he had to beat Joe Paterno and top the coaches’ all-time wins list at the time. Sorry, Bobby. Cheaters never prosper.

Compliance Playbook

The moral of this story also applies to how your business handles maintaining compliance. You can’t phone it in when it comes to making sure your organization meets these critical standards. Especially when HIPAA penalties can range from $100 to $50,000 per violation. If that sounds scary, that’s because it is.

Essentially, there are two parts to staying compliant. Properly securing your network and using the right software.

There are correct ways to secure your network and then there are incorrect ways. 31% of consumers said they discontinue their relationships with an entity following a data breach,” so it’s important to do it right. You need a strong firewall, data encryption, antivirus software, strong passwords, and data backup, among other more organization-specific things.

Selecting software programs for your company is similar. There’s software that’s HIPAA-compliant, and there’s software that isn’t. Typically, the programs that are tend to be a bit more expensive. Some businesses see this and opt for the cheaper ones. While this is okay for records and information that don’t fall under HIPAA protections, if you’re caught using this software with ones that do, it’s not going to be good for your company’s reputation or pocketbook.

These are some of the rules of the game that take extra time and practice to master and put into motion in your organization.

Creating Your Perfect Play

If you’re thinking, “Uhh, that’s a lot to think about. I don’t want any fines. How do I know if I’m doing this compliance thing right?”

Simple. You hire an IT consultant who is familiar with compliance. They will provide your company with a compliance risk assessment that details everything you need to remedy in order to achieve compliance and minimize your risks. They’ll also be able to tell how to fix the problem areas that may be uncovered.  

According to KMPG, “Keeping policies current with changing regulations is the number one challenge for 47% of organizations.” Compliance regulations are complex and frequently change. It can be exhausting to keep up on your own. These experts are up-to-date on the latest standards and uniquely able to advise your business based today’s compliance requirements relevant to your business.

How you store your data, handle communication, and secure your network are all a part of maintaining compliance. That being said, we strongly recommend that you talk with an IT consultant and get a compliance risk assessment.

We’re happy to be that expert. But even if it isn’t us, we highly recommend that you speak with one. Staying compliant will keep your business in the game scoring and off the sidelines sulking.

I’ve moved to the Cloud, now what about that useless server room?

Before you turn out the lights and turn off the AC unit, I’ve got a few suggestions for how a room, once critical to your operations, can become even more important to your business.

Wine Bottles

Wine Storage

Think about it, the room is climate controlled, secure and close by. You can store those spendy wines you covet, which just happen to be the same ones your in-laws ask to take home when they visit. Now you can say sorry! All that pesky wine is at work, but I’ve got a great bottle of soda for you. Fresh vintage too!

There is one caveat here, be sure you quickly find out who has a key to the server room. After a little while, the wine value will be greater than any of the technology you had in the room to begin with, so you’ll need to make sure it’s secure or the wine may be disappear like your servers!

Chill Room

Chill Room

Well, it does have a dedicated HVAC system to keep it nice and cool. Setup a couple couches, play trance music and dim the lights. Your staff will soak up the relaxation as well as continue to learn from embedded knowledge. After all, those servers were there for so many years, there must be leftover energy from all the applications that were migrated away. This is the perfect spot for your team to chill and gain knowledge!

Rent Storage Space

There are storage businesses everywhere and now you can actually make money from the space that used to cost you thousands of dollars. Your staff can bring in their stuff, store it and if they don’t pay the fee’s you can auction everything off! Even more revenue!


Want a wine storage locker or a chill room? Call KME Systems, we can help you migrate to the cloud and even help renovate the old server room…

When Microsoft needs help, they call KME Systems!

All kidding aside, KME Systems was honored by Microsoft to be the spotlight company for the western regional call for Microsoft partners on May 5, 2017. Every month, Microsoft does a great job of informing their partners so they stay equipped to take care of their clients.

KME is honored to be partner of the month and give back to the partner community with some of our knowledge. You must know your stuff to speak on this call and we are honored to be chosen.

One of the focus points this month is VoIP and Skype for Business has come a long way. You can now make and take calls from Skype, have voicemail, etc. It’s always improving and is becoming a great fit for some of our clients. We’ve been deploying VoIP since 1998, so have a bit of experience…

Truly partnering with Microsoft brings many benefits to KME and our clients. Most MSP’s simply resell Office365 and move on, however KME maintains strong ties to Microsoft so we can make sure our clients take full advantage of the technology they are paying for.

Here’s a real-world example. We started working with a building firm that had Office365. They knew it cold or so they thought! They were using email, Word and Excel all the time and getting great results for over a year. So, I said that’s great!! And followed up with asking how they were using Delve, OneDrive, Sharepoint, Yammer, Skype, OneNote, Project, Planner and PowerBI. I got a blank look from the 4 folks in the room.

“How much extra is all that stuff and what does it do” they almost said in unison. “It’s included in your bill now” was the first answer and then I proceeded to show them how these other applications might help them out. I also discussed a planned, proven process to train all their team members so they got real utilization and actual time savings make everyone less frustrated and more efficient.

It’s a great story for new clients to hear. We genuinely improved a firm’s processes by learning more about them, showed the thought leaders inside the firm what was available, then developed a training plan to make sure they got real usage going. All because we stay engaged with Microsoft and take the time to really learn what they do and how they can help a client

Do you need help from KME like Microsoft? Give us a call, we’re here to help

4 Reasons You Need Better Network Security

As a business person you may not understand all that much about network security. You know it’s important, and you know that a breach can be bad for business, but do you understand why network security should be one of your main priorities? Network security is about more than just safeguarding corporate data, it’s about helping your business to thrive — and you can only do that with the right security in place and the right measures to stay protected.

Your network secures your business

Modern businesses keep and share all of their most important documents, records and data on interconnected workstations and servers both inside and outside your company. If you don’t sufficiently protect your network, it’s as good as sending an invitation to hackers to come and help themselves to that critical information. KME Systems knows how today’s hackers are constantly probing the network security of companies, looking for weaknesses they can exploit to gain access. With our help, you can safeguard confidential data such as customers’ personal details, corporate secrets and more, ensuring that hackers can never compromise it.

Regulatory requirements

Depending on your industry, you may also be subject to regulatory requirements that specify how your network security must be protected and maintained. These policies designed for the safety and security of trusted organizations are compulsory for any company that stores customer data electronically. KME Systems will help ensure to your organization is always one step ahead in meeting these requirements, meaning you avoid any crippling fines that might derail your business progress.

Increased network performance

One symptom of being hacked or otherwise threatened is a slowdown in network traffic that can also hurt your business. With strong network security in place that quickly resolves any disruptions and proactively prevents future intrusions, your network will always be ready to perform. KME Systems can ensure less downtime and reduced lag, leading to better productivity today and bigger profits for you in the long run.

Competitive advantage

AT KME Systems we make a point of helping our customers thrive. By creating an effective network security system, we’re providing you with a competitive edge. Consumers place great importance on how companies treat their data – they want to know it’s safe and secure from hackers and other threats. That’s exactly what we do, because we know that when you ensure your customer’s data is always protected, you’ll quickly build a reputation as a trustworthy brand they can rely on.


We didn’t become one of the leading managed services providers of network security by accident. We are leaders because we care about our customers and we know how to protect them. Talk to us today, and we can work together to protect your business and take it to the next level.

How to Avoid Becoming the Next Hacking Victim

Cyber attacks are so common now that hardly a week passes without news of another major network security breach involving a high-profile company. Well-known brands like Target, Sony and Yahoo have all fallen victim to security breaches in the last few years.

But hackers don’t just limit themselves the market’s major players – they will, and do, attack companies of all sizes, exploiting their weak defenses to infiltrate and steal valuable corporate data. In fact, smaller businesses are seen as much easier targets, because they usually lack the robust defenses that large enterprises routinely use.

So why should you worry about being next? The costs of a network security breach can be enormous, sometimes even crippling. One study from the National Cyber Security Alliance reports that around 20 percent of small businesses fall victim to a cyber attack each year, and of these, just 40 percent are still around six months later.

Can your business foot the bill from a major cyber security breach? Not likely.

Keep the bandits out

At KME Systems, our overriding goal is to help your company thrive, but you won’t stand a chance of doing that if your servers are leaking corporate and customer data all over the place. That’s why we make your network security such a big priority. We want to see our customers to succeed — and enjoy longer-lasting relationships with them.

As one of the leading Managed Services Providers in Orange County, we’ll strive to protect your network against everything attackers can throw at it.

Our big secret is that unlike other MSPs, we take time to get to know our clients and help them understand how to take full advantage of their technology.

When we uncover your unique risks and concerns, we prepare a plan to help you defend against the wide variety of cyber threats that could slow down and damage your business — and your reputation — including ransomware, insider attacks and other viruses.

And we go further to proactively avoid these threats by teaching you best practices to minimize the risk of becoming a victim in the first place. We’ll also help get you up and running with the latest antivirus software, firewalls and threat detection software to ensure your network security is as tight as it’s possible to be.

Your depend on your business technology to be successful, that much you know already. But it can also become your Achilles’ heel if your network defenses aren’t up to scratch. Contact KME Systems today and we’ll show you how to avoid becoming headline news for the wrong reasons.

KME Systems Receives 2017 Digium Pinnacle Partner Award

 KME Systems Awarded Digium® Pinnacle Partner Award for Outstanding Sales and Service of Switchvox Business Phone Systems and Asterisk Custom Communications

Annual Awards Recognize Top Digium Partners Worldwide who Deliver Unparalleled VoIP Solutions and Services

March 28, 2017, Lake Forest – KME Systems, a leading provider of VoIP business phone systems and managed IT services, today announced it has been awarded a 2017 Digium Pinnacle Partner award for their performance as an outstanding technology deployment company. This is the third consecutive year KME has earned this award. These Pinnacle Partner awards are presented annually to leading Digium partners who have excelled in developing and growing their partnership with Digium and driving customer success for either Switchvox Unified Communications (UC) or Asterisk Custom Communications solutions. KME Systems is one of the outstanding organizations selected based on 2016 sales and commitment to customer satisfaction.

“Being recognized as one of Digium’s Pinnacle Partner Award is truly rewarding,” said Mark Essayian, President and CEO of KME Systems. “We put a large emphasis on our customer service and doing things right the first time, so it is satisfying to be recognized for the work we do and the great outcomes we achieve.”

The collaboration between KME Systems and Digium Inc. grows the client base of both companies. Cloud-based phone systems and business communication offerings sold through this partnership better accommodate the variable IT needs of the managed IT services provider’s clients.

KME Systems has built their business around four core values – honest, integrity, respect, and ethics – which makes exceptional customer service a natural outcome of their efforts. Members of the KME team hold themselves up to the standard set by their Process for Success, regularly earning them awards like the Digium Pinnacle Partner Award for providing a client experience that is elevated above the rest.

About KME Systems

We started KME Systems in 1993 to help our clients thrive by protecting their reputation and profits.  We constantly work beside your team helping them learn and implement better technology and business processes.  Our goal is to listen to you and develop a constantly improving, joint strategy for success. We call this our Great Outcome and have a passion to deliver the right mix of support, products and genuine care to make you thrive. Simply put, we give a damn the first day we earn your trust and every day thereafter.

For more information on how KME Systems can help your company improve its managed IT services, contact us for a free consultation. Learn more about our capabilities at kmesystems.com or call 949-462-7001.

Make Your Communications Heroic with VoIP

In the comics, superheroes work together to defend the world from evil supervillains. Using the Watchtower, the heroes of the Justice League assemble for global defense. From his Batcave, Batman communicates valuable information to stop villains from carrying out their nefarious plans. However, none of it would be possible without voice over internet protocol (VoIP).

Use VoIP to Direct Your Heroes

VoIP allows you to extend your reach far beyond one fixed location. Need to get in touch with global agents while you’re out in the field? If you opt for a cloud or hybrid system, this is just the beginning of what you can do.

Coffee shops, diners and more can become another secret hideout through the use of mobile applications. You can reach agents on planes and trains, or hold a conference call while on the way to your next mission. VoIP doesn’t tie your business down like traditional PBX systems.

Stay Ahead of the Supervillains

Companies still using traditional PBX systems are spending more while falling behind their competitors that are using cutting-edge technology. Your expenses can dramatically decrease by switching to VoIP, allowing you to stay competitive.

Even the Justice League Needs an MSP

Upgrading your phone system brings a variety of new, easy-to-use features like video calls and screen sharing. But knowing what services will benefit your company’s specific needs can be confusing and time-consuming.

As an experienced managed services provider (MSP), KME Systems will help you learn the ins and outs and find the best system features for your agents to use.

At the end of the day, it’s all about gaining the upper hand and staying on the offense. The best way to do that is through communication. Your business is the Watchtower and your employees, your heroes. Give them the advantage in the field by utilizing a VoIP system.

Contact us, and we’ll get your Watchtower connected with all your agents.

VoIP: A Phone System for the 21st Century

For years, analog telephones and PBX systems have been a staple in the workplace. But it’s the 21st century, and the days of traditional phones are ending. Voice over internet protocol (VoIP) is taking over modern business communication.

So, What Is VoIP?

We don’t want to bore you with too much jargon, but put simply, VoIP is a means of talking to each other using digital signals as opposed to traditional analog signals. The technology can work almost anywhere there is an internet connection.

Equipping your office with VoIP technology like the Switchvox can lead to huge cost savings in the long run. Plus, most networks have the spare bandwidth to carry the extra load with minimal complications – even as your system scales to support your growth.

Become Mobile With the Cloud

By implementing a cloud or hybrid system, VoIP can open the door to nearly unlimited worldwide communication through the internet. However, the technology isn’t just for globetrotters; it can also make a standard 9 to 5 workday more convenient and fluid. With the press of a button, your phones can forward calls to your cell. That means you can go home or out to lunch without worrying about missing an important call.

Imagine having the ability to speak to your employees or clients while working from nearly anywhere in the world with perfect clarity. There’s no need to worry about overages or exorbitant international rates either.

The Bigger Picture: Unified Communications

VoIP is a core component of a unified communications solution, as it allows businesses to integrate a wide variety of collaboration applications across multiple platforms. Brands like Skype specialize in VoIP solutions and integrate easily with other Microsoft applications like Office 365.

KME: A Leader in Communications

As a leading voice in business communications, KME Systems can provide best-in-class solutions specific to your needs. Let’s talk.

You’re Wasting Your Time with Office 365!

Before Bill Gates busts down my door, let me explain.

Office 365 is an incredible business tool. However, many users simply do not understand how to properly use it and hence waste a lot of time in their day.

For example, over 90% of people I train on improving their Office 365 proficiency have no idea you can log into Outlook within a browser. I ask them to log in and do a search in Outlook. It’s fast and has the exact same data as your desktop app. The very same function which would lock up your desktop Outlook app for a considerable amount of time may now be performed within a browser, leaving your desktop app fully available for other use. Plus, you can open multiple Web Outlook pages, allowing for many searches at once. Have you ever performed a search, then written an email, and then had to perform the very same search again?  All that frustration is easily swept away.

Other examples are Delve, Calendar, OneDrive, Sharepoint, OneNote, etc. I demonstrate to our clients how to effectively use these applications to save them many minutes a day.  Some folks respond, saying, “It’s only 5 – 10 minutes saved per week, no big deal!”

Well, it is a big deal.or example in a 30 person company, I can give you back 30 hours a week of productivity.   More billable work, more profits, better customer service, etc.  That’s a big deal to me.

Some don’t truly believe we can save them 5 – 10 minutes a week.  That is when I show them that, by using Sharepoint, Delve and Onedrive, they will never need to manually search for a document again.  Delve shows you all the documents on which you’ve worked, no matter if it’s Word, Excel, Powerpoint, etc. Plus, it also shows you all the documents your team has worked on.  No more wandering your server drives, looking on the “X” or “T” or “S drive”.  It’s all there, locatable in seconds.

So, ask yourself: how much time each day do you waste looking for information?

Step Beyond Office 365

Interested in learning more?  Log in now at portal.office.com and see for yourself what’s available. Then, ask your MSP or IT person to provide a training class on Office 365 utilization. Done right, your team will have less frustration and more productivity – all on a tool you already own, just that you may not know how to fully utilize. Why waste any more of your time?

Agree?  Disagree?  Let me know!