Regulatory Data Compliance - How Does This Affect Your Company?

Mar 11, 2008
Over the past decade, significant legal requirements have evolved concerning an organization's digital data. Measures that initially applied only to major Fortune 500 corporations have now expanded to apply to any business with employees. The complexity of today's compliance framework has caused confusion about what is required. Many businesses are adopting a 'wait and see' stance or rationalizing that 'this probably does not apply to me'. Indifference toward taking action can be a damaging option.

Background for Compliance

Terrorist attacks, globalization, high-profile corporate scandals, and business-to-business online transactions have led to a dramatic rise in requirements to safeguard electronic customer data. Going beyond consumer protection, recent regulations (e.g. e-Discovery) now require data retention and retrieval for messaging (email and instant messages). Frequently, blunt and unedited email and instant messages can become the smoking gun in litigation.

In order to become compliant, organizations must take several actions.

First is to design and implement comprehensive written information security policies for all staff.

Second is to deploy technical solutions that will maintain constant vigil on the data environment and notify of policy breaches.

Third is to monitor and enforce. If systems are implemented but review is not active, all efforts are lost. This also becomes precedent when court cases review a company's diligence in managing their environment.

The implications of non-compliance can range from hefty fines to potential prosecution and imprisonment of senior executives. The consequences are the same for a company that refuses to deliver as for one that simply has not retained the data to produce. Over the past year there have been several major court cases where failure to produce requested documents has resulted in favorable awards to the plaintiffs, and in some cases fines were added.
High-profile cases, such as Enron and WorldCom, are weighty reminders that compliance and regulation are serious business issues.

What to Do?

So, what do organizations need to know to navigate the regulation matrix? More importantly, how can content security solutions help meet the compliance challenge?

The role of Content Security in Compliance is complex and wide-ranging. Regulatory compliance covers:

Privacy

Records retention and archiving

Monitoring of content for compliance

Recovery or discovery of information in response to litigation or court orders

From the Sarbanes-Oxley (SOX) Act to the Health Insurance Portability and Accountability Act of 1996 (HIPAA), regulatory compliance requires vigilant content security policies for email and instant messaging, including archiving and encryption. SOX, for example, mandates that processes - including internal and external email - used to produce financial reports must be consistent, reliable, secure and accurate. Organizations, therefore, need to ensure that email systems are spam- and virus-free, and that internally and externally shared data is secure. Protect, archive and retrieve. The SOX Act mandates that any email or IM included in the documented financial reporting process is retained for seven years. The challenge can be identifying the right messages to keep and finding them quickly and easily when required. Many businesses estimate that more than 50 percent of messages are not required for compliance purposes, but best practices are now saying to retain all messages.

SOX Does Not Apply to My Company

For those who may have decided that SOX or HIPAA does not apply to their business, e-Discovery (aka FRCP) will probably ensnare you. With a Supreme Court ruling in December 2006, fundamentally any business that has employees is covered. The requirement is that all digital data (email, IM, documents) be retained for up to five years. Your specific industry compliance may add to this term, like NASD, which requires seven years. In case of litigation, the plaintiff's counsel can request all data/messages for select time periods and personnel. Thirty days is the typical allowance to deliver all subpoenaed documents in a readable printed format.

Conclusion

Do you still feel that you may not be on the compliance list? Here is a list of current US regulations or agencies that can impact your business, depending on your industry and company structure.

FOIA - Freedom of Information Act
HIPAA
SEC
NASD
GLBA - Gramm-Leach-Bliley
SOX
FRCP/e-Discovery

Now you can see how broad the question of whether your business is required to meet compliance can become. Most companies fall under more than one regulation. The best course of action is to decide that you are expected to comply. Most of the compliance measures have similar expectations - manage and retain your data environment.

We work with companies of all sizes to assure their data and messaging are in compliance. Our solutions are state of the art, quick to implement, cost effective and provide the comfort of knowing your data is secure. A phone discussion is a great way to assess your environment and what would be the best action plan. Visit our website www.enclavedata.com to learn more.

You have the responsibility to maintain your company's digital environment. With the right tools, you can now also have the control to assure compliance and protect your company's assets.
About the Author
Dan Schutte is the President of http://enclavedata.com, specializing in messaging security, content filtering, anti-spam software, email/IM archival and compliance. Visit our website http://www.enclavedata.com to read actual Case Studies of how companies have successfully protected their data.