Risk management and legal teams were heavily involved in ensuring that Baptist Health's purely electronic environment complied with major health care statutes such as the Health Insurance Portability and Accountability Act. "This was an effort that involved many task forces," Garcia says.

Along with task forces for ironing out initial compliance policies and practices, IT leaders strongly recommend designating officials and resources to make sure an enterprise stays within the parameters of applicable statutes.

"We have an executive vice president of risk management and an entire organization we partner with to make sure we comply with all of the regulations we face," says McCartin.

In the end, covering your bases and parlaying compliance into a boost for your company is the name of the game.

"We make sure the controls we put in place are designed in a way that makes them meaningful for our company," explains FHLBank's Naylor.