Rincon India Solutions Pvt. Ltd.

Blog

  • Reblog: 3 Major Data Security Risks Every Business Should Know About

    Let’s face it – regardless of size and industry, the success of any organization relies on sensitive data. In 2016, news and media outlets were flooded with stories about cyber attacks – from the personal records of nearly 30,000 FBI and Department of Homeland Security workers’ personal records getting hacked, to dozens of celebrities’ private photos being leaked online. Terms like data security and cybersecurity that were once reserved for IT and security professionals became household names. Just last month, what’s considered to be the biggest ransomware attack in history hit tens of thousands of computers all over the world, disrupting businesses of all sizes.

    With a growing public awareness of the data security risks organizations are faced with, companies of all sizes are under more pressure than ever to keep operations running smoothly without any interruptions from cyber attacks and other data security incidents.

    The truth is that when organizations lose sensitive data, they face an extensive list of liabilities. Costs associated with data breaches can include reimbursement to customers, data recovery fees, and even worse – legal fines. Perhaps the worst consequence of a data breach is that it damages an organization’s reputation. Research conducted by Unisys Corporation revealed that the majority of people would not only lose faith in an organization in the event of a data breach, they’d stop doing business with them altogether. Who can blame them? When cyber attacks and other types of data breaches occur, it’s the public’s health records, credit card numbers, and more that are at stake. Let’s take a look at some of the most prevalent data security risks affecting businesses in 2017, and examine a few ways that organizations can fight back and take their data security to the next level.

    1. Employees Don’t Know How to Protect Data

    Up until recently, security skills in the workplace wasn’t a topic of discussion, much less part of a standard employee training regimen. Most people just assume that their organization’s IT department has the whole “data security” thing covered. It’s safe to assume that unless we work for a company specializing in IT security, the average worker goes about their day handling and sending sensitive data without thinking about hackers or data loss. It’s actually the lack of security awareness and skills that makes organizations an easier target for hackers or disgruntled employees who have access to networks and admin accounts.

    When organizations implement an information security and risk management (ISRM) strategy, it raises awareness and helps everyone to do their part. An ISRM strategy will look different from organization to organization, but a solid internal strategy involves identifying vulnerabilities and putting a few best practices in place. For example:

    Mandatory compliance training for all employees in environments where protected health information (PHI) and personally identifiable information (PII) changes hands regularly. That’s right; not just doctors, administrators, mortgage brokers, and account managers – all employees.

    Training sessions that teach employees best practices such as managing passwords for various devices, locking workstation screens when leaving your desk, the proper handling/destroying of paper documents, or any other small actions that make a big difference when it comes to keeping sensitive data protected.

    Internal vulnerabilities are one of the biggest threats facing sensitive data, and security training and skills growth in the workplace must be ongoing if organizations want to reduce the risk of data breaches.

    2. Fax Machines aren’t Secure Enough to Protect your Data

    When most people hear the word fax, they picture a bulky, outdated technology, but the truth is that many organizations – from schools to healthcare clinics and government offices – use it on a daily basis. Fax technology has certainly come a long way, with organizations now able to send and receive faxes on multifunction printers (MFPs) that also serve as scanners, printers, etc. But even though faxing as we know it has evolved quite a bit, it still relies on physical machines to transmit sensitive data.

    Fax machines, in any shape or form, require physical maintenance and are subject to human error. In larger organizations, entire departments may be working off a single centralized machine in order to send and receive important data. Not only does this bottleneck the workflow, it increases the likelihood that sensitive documents are left lying around in the open. Now take this likelihood and imagine the risk involved when two or more organizations send each other data via fax. Even if you can be sure that all of your organization’s physical, network, and process security measures are in place, can you say the same about your recipients? Certain regulations, such as the Health Insurance Portability and Accountability Act (HIPAA) that set the standard for protecting sensitive data in healthcare, require that subcontractors and business associates must also be in compliance.

    Increasingly, organizations of all sizes are choosing to transition over to cloud faxing solutions. When you fax online using software that communicates with fax machines, MFPs, and also faxes directly to a recipient’s email, you ensure that faxes get exactly where they need to go. You eliminate much of the risk associated with paper documents lying around and falling into the wrong hands. As an important bonus, cloud fax solutions are built with the robust security features that help organizations maintain HIPAA compliance or meet many other industry regulations that may apply.

    3. Email Isn’t as Secure as you Think

    It’s no secret that email is the most prevalent method of communication used in business today. Thanks to the internet, we are sharing more than ever, making email an inexpensive and highly effective business tool. It’s so prevalent that for many of us, “catching up on emails” can become a challenge on any work day, no matter which industry we may work in.

    Some practices rely solely on email to send and receive sensitive data. Email is used all the time to send sensitive information like purchase orders, patient information, debit receipts – and the list goes on. Email is also readily available on mobile devices, making it a more accessible tool than ever. While email is rapid, effective, and universally used, it is inherently non-secure. This might best be summed up in an article from Digital Trends:

    “Email isn’t secure because it was never meant to be the center of our digital lives. It was developed when the Internet was a much smaller place to standardize simple store-and-forward messaging between people using different kinds of computers. Email was all transferred completely in the open – everything was readable by anyone who could watch network traffic or access accounts (originally not even passwords were encrypted). Amazingly, email sent using those wide-open methods still (mostly) works.” Read the full article here.

    With this in mind, IT professionals work hard to protect communications from within their organizational infrastructures. One of the best ways to do this is by using encryption, which scrambles email content until its unlocked by a recipient. Encryption can be done on the level of servers, networks, and individual messages. The downside of encryption is similar to security issue when using traditional fax: efforts might be made on your organization’s end to keep data secure, but can you be sure about your recipients? Since most people on the workforce manage dozens if not hundreds of email contacts, the answer is probably not.

    A secure file exchange solution offers a basic way to get sensitive files where they need to go while protecting their confidentiality and availability. Secure file exchange platforms that integrate with your email are an easy-to-use alternative for sending sensitive data. Some use double encryption, which requires recipients to use a key that’s generated when a transfer is initiated as an additional security measure. While designed to be user-friendly, the right secure file exchange platform will also come with plenty of advanced management, auditing and security features so that administrators can customize it to their organization’s specific needs.

    The original article can be found here.

    Looking for a secure file transfer solution that will help your organization save time and money while keeping you in regulatory compliance? Contact us: sales@rincon.co.in

  • Reblog: Ensure your faxing processes are in compliance with Basel II and III

    The following article is the last one of a series of three about how the fax can help financial organizations to meet their legal obligations.

    This text covers the Basel Accords which are recommendations on banking laws and regulations issued by the Basel Committee on Banking Supervision, a committee of banking supervisory authorities established by the central bank governors of the Group of ten countries in 1974. It provides a forum for regular cooperation on banking supervisory matters. Its objective is to enhance understanding of key supervisory issues and improve the quality of banking supervision worldwide.

    BASEL II AND III

    The Basel II Accord consists of recommendations on banking laws and regulations issued by the Basel Committee on Banking Supervision. Although the accord deals with a range of risks, including market and credit risk, its requirements dealing with operational risk will most interest and affect information security professionals and IT departments in the financial sector. The Basel II accord states that operational risk is “the risk of direct or indirect loss resulting from inadequate or failed internal processes, people, and systems or from external events.”

    Basel III is a global regulatory standard on bank capital adequacy, stress testing and market liquidity risk agreed upon by the members of the Basel Committee on Banking Supervision. The third instalment of the Basel Accords was developed in response to the deficiencies in financial regulation revealed by the financial crisis in the late 2000s. Basel III strengthens bank capital requirements and introduces new regulatory requirements on bank liquidity and bank leverage.

    How XMediusFAX® helps achieve Basel II and III compliance standards

    The XMedius cloud platform is ISO 27001 certified, which provides a system of control that meets the Basel Accords. This system of control includes:

    • Information security and privacy policies that align with ISO 27001
    • Statement of Applicability mapping all ISO 27001 requirements to existing controls
    • Audit planning. We produce audit assertions in conformance with ISO 27001, and we conduct internal and external auditing
    • Periodic information Security training of all XMedius employees and Compliance audits to validate that employees understand and follow the established policies
    • Contact with industry groups and professional services related to security

    In short, XMediusFAX® offers a level of security and protection that very few fax cloud providers can match. Our clients operate across regulated industries and require an enterprise-grade faxing solution to achieve the highest security standards. XMediusFAX® is that solution.

    The original article can be found here.

    To learn more contact us sales@rincon.co.in

  • Wireless Nurse Call System -Advantages for Patients and Staff

    Rincon brings to you Wireless Nurse Call Systems made by Medicare of UK. Whether your facilities are large or small, the wireless nurse call system will fulfil your needs. Some of the advantages of deploying a wireless nurse call system are described below.

    Wireless Nurse Call System Advantages:

    • Compatibility: One of the wireless nurse call system advantages is its compatibility. Whether you are looking to purchase the whole updated system or pieces to replace parts of an old system, our wireless nurse call system benefits are widespread enough to every need.
    • Easy of installation: Another of the many wireless nurse call system advantages is that the nurse call points and stations are simple to install at any desired location. The wireless characteristic of our system cuts out installation fees, and the pre-programming can be done easily and quickly. Patients can be assured of their safety anywhere, including showers and bathrooms.
    • Affordable, Convenient, Dependable: Along with the other wireless nurse call advantages, other noteworthy characteristics of the system include the affordability, convenience, and dependability of the system. We strive to offer you the best quality of our wireless nurse call system at a price you can afford. Noisy pagers will no longer be necessary thanks to the discreet calls this system can send straight to the nurse call stations.
    • Feature Packed: The wireless nurse call system benefits also include many widespread characteristics. A few of these characteristics include ranking calls in order of importance, compatibility with Windows 10, and alarm reset options.

    Take advantage of the numerous wireless nurse call system benefits today, and contact us on sales@rincon.co.in with any questions.

  • Reblog: Ensure your faxing processes are in compliance with Gramm-Leach-Bliley Act

    The Financial Services Modernization Act, better known as the Gramm-Leach-Bliley Act (GLBA) requires financial institutions to develop, implement, and maintain a comprehensive written information security program that protects the privacy and integrity of customer records. GLBA compliance mandates emphasize the need for each institution to adopt a proactive information security and technology risk management capability. By doing so, your institution can protect information, applications, databases, and the network as part of a comprehensive information security program.

    GLBA applies to all banks, credit reporting agencies, security companies, tax preparation companies, real estate settlement service companies, debt collectors, insurance companies and those doing business with said companies.

    Protecting customer data relies on more than simple password-protection or encrypting the data itself. It should also involve:

    • Network security controls
    • External or remote security measures
    • Security policies and procedures
    • Physical security of IT assets
    • Physical security of hard copy documentation
    • Incident response procedures
    • User education and awareness
    • Disaster recovery and business continuity plans

    How XMediusFAX® helps achieve GLBA compliance standards

    XMediusFAX® adheres to GLBA by ensuring the existence of security policies and procedures, as well as disaster recovery and business continuity plans. All employees and support staff are trained internally to be fully aware of the necessary procedures.

    In addition to offering strict guidelines on network security controls such as firewalls, intrusion detection systems (IDS) and other information security measures, XMediusFAX® physically protects customer data by making sure that only those who are authorized and have a need to access the data are able to do so.

    Aside from incorporating security controls and procedures, XMediusFAX® performs internal IT audits and periodic ISMS audits to comply with security policies.

    The ISO 27001 certification of the XMedius cloud platform provides a system of control that meets GLBA requirements. XMedius has implemented the strict physical, organizational and technical safeguards necessary to protect the confidentiality and integrity of the information being processed.

    In short, XMediusFAX® offers a level of security and protection that very few fax cloud providers can match. Our clients operate across regulated industries and require an enterprise-grade faxing solution to achieve the highest security standards. XMediusFAX® is that solution.

    The original article can be found here.

    To learn more contact us sales@rincon.co.in

  • Reblog: The Benefit of Nurse Call Systems

    Wireless paging systems have made communication so much easier in a variety of industries but most especially in the hospital setting. In a place where mere seconds could mean the difference between life and death, having a reliable communications system in place is invaluable. The use of nurse call systems extends beyond the hospital environment also. These wireless systems can be used anywhere that there is an ill-stricken or elderly patient who needs constant monitoring. The benefits of having nurse call systems in place are numerous. Let’s take a further look at these benefits.

    The discreet nature of nurse call systems means that patients get help with minimal attention drawn to them. Communication between staff is also low key which aids in keeping the nurse call systems environment calm and quiet. The nurse’s call button can also be used to call other staff to a room if added help is needed with a patient, thereby not leaving the patient’s side in a time of need.

    Having the room and bed number come up, allows for the staff on duty to be able to go directly to the patient in need and not waste time looking around for the patient in question. This time-saving factor allows them to have more time to concentrate on paperwork and check-ups and only being called when needed. Nurses also have the opportunity to be a little more rested and less stressed allowing for better work output. Emergency doctors wearing the wrist watch receiver can proceed directly to a patient in distress instead of first having to check in at the nurse’s station.

    A nurse call system comes with software that records response times. This can be used by management to keep an eye on staff members and ensure that they have a rapid response to calls.

    Wireless nurse call systems are very cost effective to implement into any medical setting or home environment. In addition, maintenance is not needed very often.

    Completely wireless nurse call buttons mean that there are no unsightly wires hanging about, nor will there be any need to panic if any remodelling needs to be done in the future.

    It is simple to use. The patient and caregiver will each have access to their own call buttons. For patients, this could be a small button device placed next to the bedside or a lanyard which can be worn around the neck. Anytime help is needed, the button would simply have to be pressed to alert the caregiver or nurse. On the caregiver’s side, there is the option to wear the wrist watch or have the alert come through on a display monitor. This way, help is given when it is needed, and there is no need to constantly hover over the patient. In retirement homes, nurse call systems can be used even if patrons have no medical emergency. Each person here would get their own call button to keep on their person at all times, allowing for independence with round the clock assistance whenever needed.

    The original article can be found here.

    To learn more about Nurse Call Systems, contact us on sales@rincon.co.in

  • Reblog: How financial institutions can easily comply with the SOX Act

    The following article is the first one of a series of three about how the fax can help financial organizations to meet their legal obligations. This first text covers Sarbanes-Oxley, a legislation passed by the U.S. Congress to protect shareholders like you and me.

    Despite what people might think, the fax is still an essential communication tool in the financial sector. From banks and insurance companies to investment management and advisory firms, financial service organizations share high volumes of sensitive data. Document transactions are part of complex workflows and information is manipulated by numerous people in different geographic locations, demanding anytime/anywhere access.

    Finance-driven documents

    • Credit applications
    • Financial reports and statements
    • Fund transfers
    • Invoices
    • Loan approvals and denials
    • Mortgage documents
    • Trade confirmations
    • Regulatory disclosures and information
    • Securities reports

    Decision makers are continuously seeking better ways to keep their IT infrastructure costs and operational risks under control while addressing security concerns and complying with stringent industry regulations. Many firms recognize the advantages of moving to the cloud in order to reduce costs, but are rightly concerned about the security of their confidential information.

    The transmission of information by fax remains a critical component of an information system. Choosing a fax provider with a proven track record and demonstrated expertise in developing enterprise-class cloud fax services is of paramount importance.

    SARBANES-OXLEY

    Sarbanes-Oxley (SOX) was implemented in 2002 and legislates how business records are protected and preserved to prevent destruction and corruption. SOX has also set e-records management standards to which all businesses should adhere. SOX mandates that all electronic records (including faxes), be retained for a period of seven years. Furthermore, it requires tamper-proof resources to prevent the corruption and modification of records. This rule is designed to protect investors from fraudulent activity and to safeguard financial data.

    Entities subject to SOX compliance include all US-based publicly traded companies and international companies that have registered equity or debt securities with the Securities and Exchange Commission. Accounting firms that provide auditing services to the above entities are also subject to SOX compliance.

    How XMediusFAX® helps achieve SOX compliance standards

    • Offers secure and real-time fax transmission
    • Faxes are sent and received directly from any application to the intended recipient’s fax number, with notification of receipt and routing of incoming faxes to intended recipients’ email inboxes, network folders or secure printers.
    • Provides a centralized solution – XMediusFAX® allows for secure integration with corporate systems such as ERP, Document Management, Archiving, and virtually any other 3rd party network application to enable inbound and outbound document delivery via fax, email or the Internet.
    • Maintains electronic storage and an audit trail of fax transmission logs
    • XMediusFAX® can be configured to store all incoming and outgoing faxes electronically in a secure cloud-based storage environment, or on a network archiving system or database. It also allows users and administrators to track fax history and verify fax delivery.

    Along with the ability to set up notifications for deliveries and receipts, a complete audit trail of fax activity is also provided.

    XMediusFAX® is ISO 27001 certified for its Information Security Management System (ISMS). The infrastructure supporting the XMediusFAX® service meets the rigorous physical, technical, administrative, processes and management controls required to achieve the highest security standard. ISO 27001:2013 can therefore be used to help verify SOX compliance.

    In short, XMediusFAX® offers a level of security and protection that very few fax cloud providers can match. Clients operate across regulated industries and require an enterprise-grade faxing solution to achieve the highest security standards. XMediusFAX® is that solution.

    Discover how XMedius helped KPMG Australia to reach a higher level of security while reducing their costs associated with faxing: https://www.xmedius.com/en/industries/finance/

    The original article can be found here.

    To learn more contact us sales@rincon.co.in

  • Repost: Government de-licenses the use of very low frequency bands for the automotive industry

    MUMBAI: The government has de-licensed certain very low-frequency bands for the automotive industry, a decision that could help in making connected and safer vehicles in a country where more than 1.4 lakh people die every year in road accidents.

    Car makers can use this frequency through a radar-based system and offer advanced driver assistance features like blind spot monitoring, adaptive cruise control and lane departure warning.

    These features are already available in advanced markets. According to a notification dated September 16, issued by the wireless planning and coordination wing of the Ministry of Communication and Information Technology, the government has de-licenced use of devices or wireless microphones in the frequency bands of 36-38 MHz, 433-434.79 MHz, 302-351 kHz and 76-77 GHz.

    The move will not only help car manufacturers to improve the safety features of their projects in India, but also boost exports from the country to Europe, Japan and the US, where these features are standard. The likes of Ford, Volkswagen, Hyundai and Nissan export 30-50% of the cars they produce in India, including to Europe.

    In the absence of low-power frequencies, car makers in India could not test or install these safety features in cars meant for exports, people in the know said. In fact, some luxury-car makers had to spend money on de-activating those safety features in India. The frequency band was released after continuous dialogues among the Society of Indian Automobile Manufacturers Association (SIAM), car maker Maruti Suzuki, component manufacturer Bosch and the ministry over six to 12 months. The ministry de-licenced the band after all its concerns were addressed by the automakers.

    “This will enable us to capture export opportunities, particularly in advanced markets,” a Maruti spokesperson said. “This is truly using technology as an enabler for ‘Make in India for the World’.

    The entire Indian auto industry stands to benefit from this move.” Maruti, which was pushing for releasing the frequency, should be the biggest beneficiary as it intends to use the bands for the testing and installation of Autonomous Emergency Braking System (AEBS) in its upcoming premium hatchback Baleno, which will be exported to Europe and Japan.

    AEBS is a low-power radar-based system which detects obstacles and applies brake in emergency situations. Fitment of AEBS in passenger cars will be a required feature for better rating in the European New Car Assessment Programme and it is difficult to sell a car in that market without this system. It uses short-distance (160 m), low-power (55 dBm max) radar operating in the 76-77 GHz band.

    The original article appeared in the Economic Times and is written by Ketan Thakkar and Maulik Vyas. It is available here.

    The purpose of this article is to show that the frequency band 433 – 434.79 MHz is open now. This is the band used by Medicare Nurse Call Systems too.

    To learn more, contact us on sales@rincon.co.in

  • Repost: 5 Typical Examples of Video Conferencing in Different Fields

    As an effective collaboration tool, video conferencing is becoming more and more important for businesses of all types and sizes. Generally speaking, video conferencing can be used to host video meetings, online training, webinars and video presentations in various industries such as enterprise, government, education, training, healthcare, law, finance, military and etc. Here we will fully illustrate five typical examples of video conferencing in different fields, especially in business, education, healthcare, training and court.

    1. Example of video conferencing in business

    A large enterprise has established many offices in more than ten different countries all over the globe. It will be difficult for the company’s decision-maker to quickly inform the managers in dispersed offices the important decision simultaneously. By implementing a video conferencing solution, the enterprise can easily host a virtual video meeting. Participants can also express their ideas during the conference. Hence, it makes the face-to-face communication more productive and efficient.

    2. Example of video conferencing in education

    A famous university has set up some adult education courses and wants to permit remote students to positively take part in the class activities. In order to solve this problem, the university has adopted the advanced video conferencing tool. It thus has improved the access for distance learning and the whole education process. By doing so, students can not only hear the lecture, but also clearly see what’s happening in the classroom. Then they also have chances to engage in the activities.

    3. Example of video conferencing in healthcare

    Hospitals are obviously vital to patients, so it is necessary for hospitals or other healthcare institutions to upgrade its medical equipment with new technology such as video conferencing. A London hospital has utilized video conferencing system which makes it possible for medical specialists to make remote diagnosis of serious illness from patients in different locations. Video conferencing in healthcare thus breaks the space barriers and provides more convenient for patients around the world.

    4. Example of video conferencing in training

    A major training institution plans to conduct a large training course, but some of trainees cannot come for some reason. The training course can’t be terminated or rescheduled for the small part of people. On this occasion, the training institution has employed a video conferencing solution. So those who can’t come to the site can also have an online training. Besides, the recording feature of video conferencing software enables them to replay the whole course later.

    5. Example of video conferencing in court

    Apart from the application of video conferencing in business, education, healthcare and training, video conferencing can also be used in court. For instance, in a big criminal case, an important witness won’t want to present personally in the Virginia court for this or that reason some reason. Such as fearing of testifying in the court, concerning about personal security, worrying about privacy exposure, or just because of geographical restrictions. Under such circumstance, the Virginia court has installed video conferencing system, which makes the witness virtually present in the court and guarantees the trial process done as scheduled.

    The above are just five typical video conferencing examples used in business, education, healthcare, training and court, respectively. And of course, there are far more real-life examples. When you select a right video conferencing tool and start to use it for your business, you will definitely find that the benefits and advantages of video conferencing is beyond your imagination.

    The original article can be found here.

    To learn more contact us sales@rincon.co.in

  • Reblog: Non Compliance is Like Driving without Insurance

    Staying Compliant helps companies avoid risks like

    • Imprisonment of Directors
    • Heavy Fines
    • Loss of Business Reputation
    • Cancellation of Licenses/Registration
    • High Litigation Costs

    It is better for companies to understand the risks associated with non-compliance with various statutory and regulatory compliance. Depending on the type of business and geographical presence there are various types of compliance responsibilities that companies are required to fulfil. Some of these responsibilities are periodic and involve activities like filing of returns, statutory payments, maintenance of registers etc.

    Many of the responsibilities are conditional or event based. Events like employee on boarding, exit, accident or death require various types of compliance tasks under several labour laws. Similar under Companies Act, many compliance responsibilities are triggered based on the changes of the shareholding pattern or directorship.

    The common compliance responsibilities are something that every HR, finance or Compliance department would typically track regularly. Conditional or typical event based compliance becomes challenging for the companies and require expert advise. Regular changes to the compliance requirements is another challenge for the companies.

    Most HR, finance or Compliance department use services of various agencies along with some in house expertise in order to stay compliant and keep companies safe from the risks of non-compliance. A major headache remains trying to keep all the documentation in place for easy retrieval during an inspection or an audit. Tax related compliance documents can be downloaded from income tax website but the labour law compliance documents cannot be stored or retrieved from government sites. Producing documentation hence becomes a major risk as lack of evidence is akin to non-compliance and attrition in the HR department leads to risk of losing these crucial documentation.

    One solution to avoid these risks is to have a compliance solution in place that can help verify whether all compliance activities are timely completed. The solution also helps track and identify gaps in compliance if any. Online documentation is another major benefit of having compliance solution in place.

    The original article can be found here.

    To learn more, contact us on sales@rincon.co.in

  • Repost: GST may add to India Inc’s documentation burden

    India gears up for GST to be rolled out from July 1. However, have we thought of the documentation needed for compliance? Here is an interesting article.

    Industry is worried it might face increased compliance burden due to rules under the proposed goods and services tax (GST) regime.

    Companies would have to upload three returns every month – by the 10th, 15th and 20th of the month after a sale happens, said M S Mani, senior director, indirect tax, Deloitte.

    According to rules on returns, companies would have to submit details of its supplies or invoices by the 10th of the subsequent month. They have to upload details of purchases of inputs by the 15th of the subsequent month.

    GST returns, carrying details of taxes paid and input credit taken, have to be filed by the 20th of the next month, said Mani. Besides, by the next year-end, companies would have to upload annual returns as well.

    This would burden industry with too much compliance. Service companies such as Infosys, Tata Consultancy Services (TCS) and Airtel, among others, would be particularly hit.

    Service providers would have to file 37 returns each a year, said Mani, from two returns – one every six months – now.

    Besides, service tax is a central duty. So service providers do not have to file returns in each of the state where they have offices. This will, however, change under the GST regime and they would have to file 37 returns for each state they have an office in, besides the central government.

    Currently, goods companies, on their part, have to file returns every month for value-added tax (VAT) and excise duties.

    The GST Council is to discuss pending rules and changes to the already approved norms this month-end. The Council will work out rules on composition, valuation, input tax credit and transitions on March 31.

    It has already approved rules on refunds, invoices, returns, payments and registration. The government had made public rules on five categories before taking these to the Council. But it would not do so in case of pending rules, said officials.

    Industry is worried that online marketplace players such as Flipkart and Amazon will have to pay up to one per cent tax collected at source (TCS) – rules for which have not yet come — on behalf of vendors and this would add too much procedural work.

    S S Gupta of Taxmann said these marketplaces have thousands of vendors and to exactly match TCS of each would be extremely difficult. If anything goes wrong while matching, the input credit would go to another and the vendor would be asked to pay more, he said.

    If a customer returns a product purchased via an online marketplace, it will take time to reach the supplier. By then, TCS might have been paid by the online company. If that vendor does not supply to the online company again, the marketplace would have to bear the burden, explained Gupta.

    Though a cap on TCS has been reduced from two per cent in draft GST Bills to one per cent in the revised drafts approved by the Council, the tax is not aimed at revenue generation but to keep a track of vendors by the tax authorities.

    The government’s logic has been that as it can’t go after every vendor, it would ask the marketplace to deduct TCS. Keeping track of the vendors and not revenues was the concern here, said the expert with Taxmann.

    Mani said the government was basically burdening industry with compliance, even in areas where the authorities should take the responsibility.

    The other issue relates to input tax credit, rules on which are yet to come. However, rules would not contradict the Bills. A buyer would not get input tax credit unless the supplier concerned paid tax. In state-level VAT, input tax credit would be given as soon as the invoice was uploaded, he added.

    Archit Gupta, founder & chief executive officer of ClearTax.com, said there might be issues around pre-existing VAT credit in the earlier regime when these goods are exempted in GST. “So we hope this is covered under the inputs credit and transition rules.”

    For a truly unified structure, he said, the government must focus on greater fungibility of credit.

    “Exempted excise manufacturers and exempted VAT manufactures may have to face GST rates and taxes, and most of these are state-specific exemptions. So it needs to be seen how these concerns can be uniformly addressed,” added Gupta.

    The Council has cleared all GST Bills and most of these will go to the Cabinet and be tabled in Parliament. Similarly, state GST Bills will be moved to the respective state Cabinets and Assemblies. Only rules and item-wise rates have to be decided.

    While we would have electronic filing, we still have to maintain the pdf files for records. Do give a thought to managing so many files which may be pdfs or maybe hard copy. A Document Management System can help overcome these challenges. Contact sales@rincon.co.in on how we can help achieve your goals and overcome your obstacles.

    The original article appears on rediff.com and is available here