Chris Kropac, President of PCI Group discusses why it’s necessary to have a VP of Compliance to PCI Group’s business.

Businesses choose PCI Group because we have established rigid protocols and surpassed industry standards to protect their sensitive information.

As a transactional-focused print and mail provider, PCI Group delivers solutions to industries that must adhere to many regulations. Compliance with these is critical to ensure that our customers don’t incur fines or other ramifications from regulatory governing bodies. Since these laws impact almost every customer, President and Co-Owner Chris Kropac answered why the company employs a VP of Compliance on this episode of Ask the Experts.

“Compliance is a full-time job,” Chris said. That’s because compliance is complex and multi-faceted. There are healthcare-related regulations, such as HIPAA and HITRUST. There’s also FISMA and PCI DSS. It could be challenging to manage all these rules if they were under the guidance of someone that did it as part of their job. The seriousness of this necessitates the need to have a VP of Compliance. 

“The VP of Compliance is critical in understanding what’s coming down the pipe. She also has a counterpart she works with for compliance audits for clients. They may send us a document with questions and then require an on-site visit, so she handles all that,” Chris explained. 

In addition to client audits, our third-party auditor evaluates our compliance with these quarterly. “They come in and do penetration and other types of testing,” Chris added. The VP of Compliance is vital to that relationship and keeps our clients adherent and up to date.