Tip

ESG compliance report excerpt, Part 1: Introduction

Compliance: The effect on information management and the storage industry
Published: May 2003
By Peter A. Gerr, Brian Babineau and Patrick C. Gordon, The Enterprise Storage Group

Editor's note: Establishing proper records retention policies for today's virtual records is on the minds of many storage managers. And, with good reason. IT staffers manning the controls behind today's financial services, healthcare and publicly-traded companies are even now struggling to understand the latest torrent of legal mandates that dictate how long certain data should be stored and in what capacity. They are weighing both the cost of compliance and the potential cost of noncompliance.

To shed more light on this issue, the editors turned to the Milford, Mass.-based Enterprise Storage Group, a storage analyst firm who recently produced its own few hundred page report on compliance legislation, its impact on the storage industry and various vertical, corporate markets. For the benefit of our readers, we've excerpted portions of this report's executive summary here. (To purchase the full report or to inquire about receiving a free chapter download related to your industry, go to the

    Requires Free Membership to View

Enterprise Storage Group Web site).

Table of Contents

Introduction
Main research themes
Research scope and highlights
Compliance in the financial services industry
Compliance in the life sciences industry
Compliance in the healthcare industry
Compliance in the government industry
Conclusion


Introduction

The challenges and complexities involved in addressing compliance are magnified by the current knowledge gap between regulated industries and the technology vendors trying to capitalize on the perceived opportunities.

Technology vendors' confusion with and misinterpretation of the regulations adversely affects the credibility of the products, solutions, and marketing messages they develop to address compliance needs.

The good news for storage technology vendors in 2003 is that their customers' lives are getting more complex. Storage capacities under management continue to increase rapidly even in a down economy, and there is a new wave of complexity coming, one that will impact not only the IT departments but will have equal if not greater impact on the business professionals within organizations across every industry.

This new wrinkle is compliance and the currency is information.

The management of compliant records is poised to have an enormous material effect on the global IT community even while it challenges all technology vendors to educate themselves and prepare to meet this new opportunity.

Over the past decade, information, in many forms, has become the focal point of various regulations and laws. Information -- like any other hard asset -- needs to be protected, monitored, maintained, exchanged and secured.

Our research found more than 10,000 laws and regulations in the United States alone drafted by federal and state legislative bodies. A common thread running through these regulations is that they address "records," information that takes many of the forms discussed earlier. These regulations also address the process by which records must be created, stored, accessed, maintained, and retained over increasingly long periods of time (in some cases, beyond the life of a human).

Chart 2: The compliance landscape is a minefield
(Chart 2 excerpted from full report)

With constant news of corporate misdeeds, accounting scandals, and securities fraud throughout the past 24 months, followed by unprecedented fines levied by the Securities and Exchange Commission (SEC) and the Food and Drug Administration (FDA) for violation of compliance regulations, ESG decided to take a closer look at the subject.

The compliance-related events that have made the news in the past year are the tip of an iceberg that will have enormous material impact on both the IT and business components of organizations in every market.

Compliance presents a unique opportunity and challenge for incumbent storage technology vendors across all segments of the market including systems, software, and networking vendors, all of whom are vying for leverage relative to compliance.

Compliance also affects independent software vendors (ISVs) developing the applications that create records, as well as the mountains of information that are the focal point of these rules and regulations.

Ultimately, technology vendors must not only understand the salient points of these notoriously ambiguous regulations, separating fact from fiction, but must also be prepared to address the technological and business aspects of compliance and any solution equally.

Compliance is not optional, but is essential if both public and private organizations wish to successfully pass inspections, avoid fines and loss of trust, and compete in an ever-increasing competitive global marketplace while evolving their records management processes to "best in class".

--Return to table of contents--


The above information was excerpted by permission from the Enterprise Storage Group executive summary to the research report, "Compliance: The effect on information management and the storage industry," published in May 2003. To learn more about the full report, contact the Enterprise Storage Group.

Copyright 2003, Enterprise Storage Group

Peter Gerr is a senior research analyst at the Enterprise Storage Group. He will be speaking about the IT impact on compliance legislation at Storage Decisions 2003.

This was first published in June 2003

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.