Premium Content

Access "SOX, HIPAA in a Nutshell"

Published: 17 Oct 2012

Reduced to their simplest terms, the two big compliance regulations, Sarbanes Oxley (SOX) and The Health Insurance Portability and Accountability Act (HIPAA), go something like this: SOX defines which business records a company must store and for how long. HIPAA states who can view stored data as well as when the data must be destroyed. From a storage perspective, the difference between SOX and HIPAA boils down to ensuring data permanence vs. data privacy, respectively. In other words, with SOX--as well as SEC 17a-4--a company must prove that its data has not been altered from the time it was stored to the time it was retrieved. Krish Padmanabhan, director of data protection and reference storage solutions at NetApp, puts it more bluntly: "The SEC doesn't give a rat's ass if you leak the information--you just can't modify it." Peter Gerr, analyst at Enterprise Storage Group, Milford, MA, points to write once, read many (WORM) media as the preferred choice for data permanence because it is inherently unalterable. HIPAA or Gramm-Leach-Bliley, meanwhile, fall ... Access >>>

Access TechTarget
Premium Content for Free.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

What's Inside


More Premium Content Accessible For Free