Are you ready for new compliance rules? - Storage Technology Magazine - Page 1

Are you ready for new compliance rules?

Most compliance regulations stress that organizations have well-documented processes for storing and retrieving company records. Technology can help, but it's only part of the solution.


Selecting a storage product to improve your organization's compliance is like putting the cart before the horse. Before you evaluate products, you need to understand the business requirements and objectives of managing your data; the types of data your compliance program must address; and the legal, regulatory and business requirements for storing, retrieving and deleting data.

Legal and regulatory compliance requirements are changing electronic data retention and storage rules. New and revised laws dictate how securely certain records must be stored, how long they must be kept and even how quickly they must be retrieved. Your company's in-house legal team or outside counsel will play an important role in crafting a storage compliance policy that will be defensible and workable.

Financial reporting laws: Many laws and regulations require companies to retain financial records and report them to agencies such as tax authorities and securities regulators. The Sarbanes-Oxley Act (SOX) reinforces those requirements with additional controls and stronger penalties for noncompliance. Contrary to some vendor claims, SOX doesn't directly require longer retention of most financial records. However, it does require outside auditors to keep their work papers

    Requires Free Membership to View

    Login

    When you register for SearchStorage.com, you’ll also receive targeted emails from my team of award-winning editorial writers. Our goal is to keep you informed on the hottest topics, the latest news and the biggest challenges you face as a storage professional today.

    Rich Castagna, Editorial Director

    By submitting your registration information to SearchStorage.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchStorage.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

for seven years, which may require a public company's internal records to meet that standard. These retention requirements can apply to enterprise resource planning (ERP) database records; scanned documents such as invoices and contracts; spreadsheets and document files in file shares or document management systems; and even relevant email messages if they haven't been captured in some other form. Some of these records may also be subject to different retention periods set by additional laws or internal policies.

This was first published in March 2007

Back to top