Enterprise Content Management

ECM Software for the Content Creation Workflow.

Enterprise Content Management

For decades, Exela's ECM solutions have provided services and technological support for the content creation and digitization industry. With our enterprise content management system, we provide editing, publishing, and distribution services within the educational, professional, trade, consumer, and legal markets.

Our ECM software and content support services help our clients save time and money throughout the entire content creation workflow, including the editorial process and workflow management. Smooth out your content operations with ECM solutions like these:

Consistent accuracy and quality.

Reduced costs and time inefficiencies.

Reduced vendor dependency.

Content Conversion

Our content digitization services take in large volumes of materials from various sources and quickly produce high-quality documents in numerous formats. With process governance, support from industry experts, and research and citation linking, Exela provides comprehensive content conversion services across varied market segments.

Content Creation Support

Exela’s team of experienced writers and subject matter experts help you find dependable, scalable, innovative ways to create enhanced and interactive content tailored to specific audiences. We produce materials for a wide range of industries by analyzing various types of pre-existing content and producing high-quality, unique content ready for distribution.

Editorial Services

We provide true end-to-end editorial services including project management, pre-editing support, proofreading, copy editing, ASI-certified indexing and taxonomy, abstracting, and graphics work. We work with an XML-first composition workflow and high-quality graphics services to provide the highest level of editorial support.

Industry Credentials

What Rules Govern Your Enterprise’s Data Security?

Blog Image for Hero Section
Marketing
Blog Content

“Competitive advantage relies on keeping information (and processes) secure,” notes Mario Carneiro, Exela’s Manager of Data and Technical Security, so the first rule of data security is keep your data secure. That’s also the second rule of data security. That means doing whatever it takes to maintain the integrity of your systems and the data housed within.

Here’s why security is the transformation you should be talking about.

In addition, however, data security is governed by a complex web of laws, rules, regulations, and policies (for this purpose, we’ll refer to them collectively and individually as “rules”). The purpose of such rules is to prevent abuse of information to which an enterprise has access, Carneiro explains. Which rules apply depends upon the nature of the data being protected, the applicable industry, the unique characteristics of the company in question and even different departments within the company, and who and what has jurisdiction over the relevant company.

Many of the rules derive from statute (most of the acronyms you might be familiar with when it comes to rules refer to statutes), but some derive from common law (such as case law regarding privacy). Some of the rules (for example, rules arising under common law, the Data Privacy Act of 1974, and to some extent, HIPAA (The Health Insurance Portability and Accountability Act of 1996) pre-date the current data breach boom that began around 2005.

The following rules apply primarily to enterprises governed by the laws of the U.S. and the European Union. For enterprises governed by the laws of their nations still more rules will apply.

The National Institute of Standards and Technology

A number of rules are based on, and comply with, the guidelines and standards issued by the National Institute of Standards and Technology (NIST), a non-regulatory agency that is part of the United States Department of Commerce, whose mission is advancing security standards in the interest of promoting U.S. innovation and competition. These include:

  • FISMA - the U.S. Federal Information Security Management Act, which requires implementation of information security controls, including periodic risk assessments and security awareness training, in each case using a risk-based approach. FISMA applies to all federal government agencies, state agencies that administer federal programs, and private companies that support federal programs, sell services to the federal government, or receive federal grant money.
  • HIPAA, which imposes national standards for electronic health care transactions to guard the security and privacy of personal health information.
  • FedRAMP, which is a government-wide program that provides a standardized approach to cloud security.
  • HITRUST CSF – the HITRUST Common Security Framework, which is a set of standards put forth by a non-regulatory agency that nevertheless is intended to meet the requirements of multiple regulations and standards: which is a prescriptive set of controls that meet the requirements of multiple security rules, all pertaining to healthcare organizations and their business associates. HITRUST CSF is not only based on NIST, but compliance with it should ensure compliance with:
    • HIPAA (described above)
    • PCI DSS (Payment Card Industry Data Security Standard), which is a set of requirements for enhancing security of payment customer account data and is applicable to retailers, credit card companies, anyone handling credit card data.
    • ISO/IEC 27000-series (also known as the ‘ISMS Family of Standards’ or ‘ISO27K’ for short) comprises information security standards published jointly by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) and provides best practice recommendations on the management of data security risks through data security controls.

Other rules

  • GLBA - the Gramm-Leach-Bliley Act of 1999 (also known as the Financial Modernization Act of 1999), which aims to protect consumers’ personal financial information held by financial institutions, and is applicable to financial institutions and companies providing financial products and services to consumers.
  • VA 6500 – information security standards in connection with information stored in or accessible by the Veterans Administration. Security standards in connection with the Veterans Administration.
  • IRS 1075 - encryption requirements for Federal Tax Information.
  • EFTA – The Electronic Fund Transfer Act, dating back to 1978, protects consumers engaging in electronic fund transfers from errors and fraud and applies to financial institutions that hold consumer accounts or provide electronic fund transfer services, as well as to merchants and other payees.
  • FACTA - The Fair and Accurate Credit Transaction Act, enacted in 2003, amends the Fair Credit Reporting Act to help consumers avoid identity theft. It applies to financial institutions, credit bureaus, credit reporting agencies, any business using a consumer report, and any business that collects payments.
  • GDPR – The General Data Protection Regulation consists of data security rules applicable to the U.K. and the E.U., and it dovetails with the Privacy Shield Framework with regard to transferring GDPR- governed data to the U.S.
  • Directive (E.U.) 2016/1148 of the European Parliament and of the Council of 6 July 2016, concerning measures for a “high common level of security of network and information systems across the Union.”
  • Privacy and Electronic Communications Directive 2002/58/EC on Privacy and Electronic Communications (also known as the ePrivacy Directive, or ePD), which is an E.U. directive on EU data protection and privacy, which is currently in the process of being updated and aligned with the GDPR.
  • FERPA – The Family Educational Rights and Privacy Act protects the privacy of student education records and applies to all schools that receive funds under an applicable program of the U.S. Department of Education.

How to know which rule(s) apply to your enterprise

It’s not always obvious which rules might apply to your particular enterprise, and it gets even more complicated when you’re a global provider of services across multiple industries like Exela is. Accordingly, it’s always advisable to either have a compliance expert on staff or to have one with whom you consult regularly, not just on compliance but on record-keeping with regard to such compliance. As alluded to in here, that’s something you should be thinking about as part of your data security best practices. In addition, please be aware that Exela offers solutions to help keep you in compliance.

In the weeks ahead, we’ll be diving in to explore how system and data security dovetail with data privacy and all the laws and regulations with which your digital transformation provider should be compliant. We’ll also explore those security matters you’ll want to consider when choosing your digital transformation partner. If you missed the earlier posts in this series on cyber security, you can catch up here on:

Gotta read it all now? You can download the entire series as a flipping-book here.

In the future, be sure to subscribe to Exela’s quarterly thought leadership publication, PluggedIN for up-to-the-minute news and views on topics that matter to you.

Author Name
Lauren Cahn
Date
Hashtag(s)

Book Publication in Health Sciences

Case Study Featured Content

How a Leading Publisher Engaged Exela for End-to-End Book Production

Case Study Image for Hero Section
Media & Publishing
Features & Benefits
CHALLENGE:

A leading publisher in the health sciences and medical field needed a publishing partner that could manage the full book publishing lifecycle. This included: composition, copyediting, style conversion, photo and illustration alterations and rendering, proofreading, indexing, format conversion, content accessibility, supplementary material development, and project management.

The central challenges involved were a product of the broad scope of the project, a heavy focus on the quality of the output, and a request for quick turnaround. The copyedited manuscript provided by the customer did not define styles for the respective content. Identifying and mapping the styles in the document with the appropriate styles per the InDesign style sheet was an additional challenge. Some entities in the document were not ASCII and, hence, were not recognized by InDesign.

SOLUTION:

In order to fulfill the request, Exela developed an in-house tool for image placement and applying styles. The tool was used alongside the contributions of Exela’s subject experts and editors, who provided the Alt-text for non-text components. The tool helped scale up the workflow and shorten the expected schedule, while still ensuring that the output quality remained at, or above, the agreed upon level. Exela also provided illustration services that encompassed alterations to the existing illustrations and rendering of new art.

In most cases, multiple images had to be used during the automated insertion process, in accordance with the callouts. The tool Exela built helped manage multiple image placements and images in many different formats. In the end, the work was completed in a timely fashion and the output was of exceptional quality. The tool Exela developed has since been available to assist with related projects, regardless of format, size, scope, and content.

BENEFITS:
  • Image placement was sped up from 100 images per hour to 600 images per hour, for a 500% improvement in productivity
  • Word to style conversion was increased from 10 pages per hour to 27 pages per hour, for a 170% increase in productivity
  • EPUB conversion automation requires minimal intervention
  • Reduced time to market
  • Excellent quality
  • Significantly lowered cost
Hashtag(s)

Manufacturing Company Goes Paperless

Case Study Featured Content

A North American manufacturing company digitizes and automates their AP process

Case Study Image for Hero Section
Digital Mailroom
Features & Benefits
CHALLENGE:

Prior to an upgrade of the customer’s existing SAP ERP platform, invoices and payments were processed manually. Under this inefficient manual system, analysts were spending valuable time on phone calls, sending emails, confirming receipts, researching missing data, and routing paper to and from vendors – all of which had been negatively affecting payment cycle times. The SAP ERP upgrade provided both EDI and imaging capabilities, so the customer elected to transition to paperless processing. The move to a paperless AP environment would involve approximately 1,800 active vendors and affect PO and non-PO invoice processing. The customer tasked Exela with developing a solution that would automate invoice processing through a digital vendor portal, while meeting the following objectives: improve supplier satisfaction by providing easy access for self-service, reduce internal manpower cost, reduce paper submissions, and transition approximately 1,800 active vendors to the self-service web portal.

SOLUTION:

Due to the complex nature of the customer’s environment, Exela recommended a transition plan divided into multiple phases with the first two phases focusing on the most critical aspects of the solutions, PO invoices and non-PO invoices. Once the first phase was underway, invoice mail and supported documents, faxes, and emails were routed to Exela’s Troy, Michigan facility for processing. Exela provided the capturing, validating, and processing of imaged data for use in the new environment.

One of the key challenges of the launch was getting vendors to buy-in to the self-service portal. In addition to sending out notices and adding portal information to internal documents, AP analysts were challenged to encourage widespread adoption. The customer set recruiting goals for analysts, offering prizes to top recruiters who hit major milestones, such as being first to get 100 vendors signed on. Group progress was shared during weekly meetings, creating a competitive atmosphere.

Saving time for both internal customers and suppliers was a primary goal in developing the digital vendor portal. A snapshot dashboard was developed displaying the status of multiple invoices on a single screen, which made it easy to track payments by vendor ID, invoice dates, amounts, clearing information and other data, and all data was available for export to PDF, Excel and Word file formats. The dashboard enables suppliers to easily view status as well as confirmation of what invoices were in the system.

BENEFITS:
  • Easy to use system resulting in quick adoption and improved vendor satisfaction
  • Improved payment accuracy and timeliness
  • Overall streamlining of AP operations led to a reduction of 22 FTE’s
  • Enhanced reporting and tracking providing a 360 view of the invoice pipeline
  • 95% AP invoice automation from a single digital portal from ingestion to authorization
<-----------LinkedIn Insight Tag----------------->