VRC: Performance and Partnership

As this is being written, the annual NAEO Conference is beginning to wrap up. This year, friends and colleagues from across the United States and Canada gathered in beautiful San Antonio, Texas. Many of us appreciated the warm weather after enduring a long, tough winter back home. We want to send a special thanks to the La Cantera Resort; the service and hospitality were only bested by the stunning beauty of the Texas Hill Country. More importantly, it was a time for the renewal of long-term partnerships with our clients, many of whom have become like extended family to us.

"Partnerships" and "clients" are terms we use every day in business, but conferences like NAEO serve as an excellent reminder of what lies beneath those words. All the new technology and the dramatic changes in how we work would simply be boring, time-consuming tasks if that was all there was to it. One of the sincere benefits of being part of the VanRein Compliance team is the human connection every member of our team values, nourishes, and supports on a daily basis.

VRC is truly blessed to partner with companies that began as family startups and have grown to multi-generational businesses that now include sons, daughters, nephews, nieces, and cousins. It reminds us why VRC is here: to ultimately serve people. We are here to support, encourage, and coach you through this complex and heavily regulated environment. Our goal is to save you time and stress, while sharing a few laughs and building fond memories along the way. Respect, integrity, understanding, patience, and active listening still matter in this crazy, fast-paced world, and we are honored to be part of your journey.

So, from the bottom of our hearts... THANK YOU.

Experience the VRC Standard

For those of you who still find value in these principles, who operate on a foundation of people-centered, service-minded guidance, we invite you to check us out.  Learn why VRC offers the best experience you can find in the industry.  For us, "setting the standard" rather than just meeting it is a reality, not just empty words.  A "zero-defects" mindset is baked into everything we do to ensure your peace of mind and trust.

HIPAA Corner

Mark your calendars, because significant changes are coming just in time for the long, hot summer.  Acting now will take the burn out of the transition from "addressable" to "required."  It has been more than a decade since the last major update to HIPAA laws.

After months of discussion and speculation, sweeping changes are arriving by the end of May.  The bottom line is that many compliance rules as we have known them are shifting from simple documentation recommendations to mandatory requirements.

This will be an impactful change as your Protected Health Information (PHI) efforts must now directly connect to cybersecurity.  Think of this like a teenager suddenly having to become an adult.  There is a steep learning curve, to say the least.

One of the most significant impacts will be the rigorous testing of your policies, procedures, and plans.  Do they actually work?  How do you know?  Can you answer those two questions effectively?  Have you been part of a tabletop exercise?  Have you conducted a penetration test on your systems?  Have you performed vulnerability scans on your files, work platforms, security systems, or even your email?  These are the types of questions you will be required to answer during an audit.  If you have not performed these tests, you must start now.  If you do not, the Office for Civil Rights is likely to come knocking on your door.  This can create massive headaches for your business, impacting your clients and partnerships while resulting in lasting reputational and financial damage to the company you have worked so hard to build.

VanRein Compliance (VRC) has maintained a "Focus Forward" mindset for more than a year in anticipation of these shifts.  We have worked with all of our clients to position them for a smoother transition, but these changes will still be felt across the industry.

HIPAA audits will be more intense, probing deeper into data collection and protection.  None of this will be successful without knowing exactly where your vulnerabilities exist.  VRC is also proud to announce that we have matured and expanded our abilities to serve you in this complicated new landscape.  VRC is prepared and ready to guide you through this process.  Our Senior Auditor and vCISO, Bennie Cleveland, possesses a depth of experience you simply will not find with most compliance and cybersecurity auditing companies.  An online service alone cannot provide what you need to achieve success with these new mandates.

The time for thinking about your future compliance needs is over.  Now is the time for action.  This is what we mean by moving from paper to performance.

Artificial Intelligence

In partnership with

As if you do not have enough on your plate with major changes to HIPAA regarding the safeguarding of Protected Health Information (PHI) and new cybersecurity mandates, Artificial Intelligence (AI) kicks the complexity up several notches.  AI is now baked into just about everything: your desktops, laptops, mobile devices, and the platforms you use to run your business.

Before calling up Gemini, ChatGPT, or any other AI service and plugging in information, you must take a step back and ask yourself why you need this.  The reality is that whether you want to use AI or not, rapidly advancing technology has already taken that decision out of your hands.

Your next step is figuring out how to use AI as a powerful tool or even a "digital coworker" without sending your business and your livelihood down a rabbit hole of legal disasters.  This is where a solid AI Governance framework becomes essential.

What is AI Governance? It is a comprehensive compliance and cybersecurity framework built on the following principles:

• Secure (protected from misuse and attack)

• Accurate (outputs are reliable and validated)

• Compliant (aligned to regulations and standards)

• Ethical (used responsibly with human oversight)

• Accountable (clear ownership and decision traceability)

These areas of focus are defined by regulations that carry the force of law, and they become mandatory audit items in 2026.  It is important to remember that the HIPAA update coming this May will likely add legal teeth to these measures.  Putting this on the back burner is not an option.  Delaying action creates real exposure to legal penalties, ruins your company’s reputation, and destroys the trust your clients place in you.

Every company dealing with the areas outlined above must future-proof an AI Governance plan, but simply having it on paper will not be enough. VanRein Compliance has been developing AI Governance programs tailored for companies of all sizes. AI Governance is not a one-size-fits-all scenario, and you should not have to pay for something you do not need. You require an expert team with the experience to guide and coach you through this dynamic area of compliance.

Your AI Governance Checklist

• Accountability Structure: Establish clear oversight, responsibility, and policy controls.

• Risk Mitigation: Identify and neutralize AI-specific risks related to PHI, data quality, bias, and transparency.

• Data Protection: Implement strict security practices across all AI and machine learning workflows.

• Legal Alignment: Ensure total compliance with all defined federal and state laws.

VRC’s newly expanded commitment to your compliance and company success provides a level of service you simply will not find with other services or online vendors.  Risk is high; your stress level does not need to be.

It's decision time.  If you do not set the standard, you risk becoming the example.

Sponsor Spotlight

Master ChatGPT for Work Success

ChatGPT is revolutionizing how we work, but most people barely scratch the surface. Subscribe to Mindstream for free and unlock 5 essential resources including templates, workflows, and expert strategies for 2025. Whether you're writing emails, analyzing data, or streamlining tasks, this bundle shows you exactly how to save hours every week.

Subscribe for Your Free Bundle

Smarter news. Fewer yawns

Business news takes itself way too seriously.

Morning Brew doesn’t.

Morning Brew delivers a smart, skimmable email newsletter on the day’s must-know business news — plus games that make sticking around a little more fun. Think crosswords, quizzes, and quick breaks that turn staying informed into something you actually look forward to.

Join over 4 million professionals reading Morning Brew for free. And walk away knowing more than you did five minutes ago.

Try it out

Podcast Essentials

YOUR WEEKLY PODCAST FEATURE

Newsletter Features

COMPLIANCE DISCOVERIES

A VanRein Compliance Reminder