SAS 70 Audit for Third Party Administrators
By Ben Osbrach, National Risk Advisory Leader
Third Party Administrators (TPAs) perform critical functions for many organizations by processing insurance claims or certain aspects of employee benefit plans. Whether it’s health care administration, insurance claims processing, utilization reviews or processing of benefit plans (i.e. retirement plans, flexible spending accounts, etc); TPAs handle sensitive data that if misstated posses a financial and/or regulatory risks to their clients. Increased demand for security, privacy and regulatory compliance has escalated the need for TPAs to become SAS 70 compliant. SAS 70 is playing an important role for service organizations by establishing credibility and trust with their clients and as a marketing tool to enter new markets or expand existing market share.