Wearable fitness tracker company Fitbit recently announced that its devices are now HIPAA-compliant, broadening the types of businesses it aims to work with. Also in recent GRC news: CFOs report widespread earnings misrepresentation; SEC proposed changes to its administrative proceedings.
Fitbit wearables now HIPAA-compliant
Fitbit Inc. announced earlier this month that its wearable activity trackers now provide HIPAA compliance capabilities. The certification means Fitbit can extend its Fitness Wellness program to HIPAA-covered entities, including corporate wellness partners, health plans and self-insured businesses. The company will also be able to enter into Business Associate Agreements with these entities.
With its HIPAA compliance announcement, Fitbit reps say the company aims to serve more businesses while still securing customers’ most sensitive data. Much of the information tracked by Fitbit devices fall under HIPAA’s definition of protected health information, such as medical history and health insurance data. Information such as names, phone numbers and email addresses are also covered by HIPAA.
Ars Technica reporter Valentina Palladino predicts that the HIPAA certification will make Fitbit’s Fitness Wellness program more attractive to businesses. In addition to Geico, Quicken Loans and other existing corporate customers, Fitbit recently announced a deal to offer activity trackers to Target Corp.’s 335,000 U.S. employees.
Survey: CFOs believe 20% of firms misreport earnings
A recent survey found that many CFOs believe earnings misrepresentation is prevalent among firms. In a poll of 375 CFOs, researchers from Emory University, Duke University and Columbia University found that CFOs believe 20% of firms intentionally misrepresent earnings at any given time, even while these firms observe accounting principles and regulations. Most cases of misrepresentation involve earnings overstatement, but another one-third of firms under-report their earnings or reverse previous overstatements.
The CFOs also gave audit committees a low ranking among a list of factors that could influence earnings quality. “I think you can fool them, but what the audit committee is essentially going to ask is whether the CEO and controller are basically honest people who are going to report faithfully,” said one CFO in a supplemental interview the authors conducted in addition to the main study. The Securities and Exchange Commission‘s (SEC) enforcement process garnered an even lower ranking.
SEC makes moves to update rules governing administrative proceedings
Last week, the SEC made two announcements regarding how it conducts its administrative processes. These announcements arrive in the midst of growing complaints around the fairness of these processes, such as the SEC’s moves to file more administrative proceedings with in-house judges.
In one announcement, the Commission said it voted to propose changes to rules that govern its administrative proceedings. The goal is to modernize the rules to include provisions such as adjusting the timing of proceedings, in some cases extending the time before a hearing takes place. The changes would also allow parties to take depositions of witnesses as part of discovery and require parties to submit filings electronically and redact certain sensitive information in those filings.
According to the SEC, these proposals will simplify the requirements for seeking an SEC review of an initial decision, and offer greater transparency into the timing of the SEC’s decisions in these requests.
In another announcement, the Commission said it is overhauling its internal tribunal, an in-house court that includes federal judges, former SEC officials and business groups. The new set of rules would give defendants in cases sent to the SEC’s own judges similar legal protections provided in federal court, including giving defendants eight months to prepare for a trial as opposed to the current four months; and allowing them to obtain sworn testimony from witnesses and others before a trial.