News Stay informed about the latest enterprise technology news and product updates.

2004: The year of compliance?

Will 2004 be remembered as the year of compliance? compliance expert Mike Casey takes a look at what could be a big year for regulatory compliance.

Here are my compliance predictions for 2004. If you have any comments or questions about the predictions, please send me a note.

1. The year of Sarbanes-Oxley compliance
Large US enterprises will make serious investments to meet 2004 compliance deadlines for CEO/CFO certification of internal controls on financial reporting. Companies -- and their auditors -- will focus first on accounting, recordkeeping and reporting procedures. Many ERP and workflow systems will be enhanced to ensure rapid, consistent access to key records and data. Well defined record-retention policies and effective storage solutions will be important keys to success.

2. The year of HIPAA preparation
With the compliance deadline for the HIPAA Security Rule looming on the horizon in April 2005, large health insurance firms will establish plans and deploy solutions in 2004 -- so they can complete validation testing before the deadline arrives. Large health care providers will also scramble to comply with HIPAA requirements before the deadline.

3. The peak of tactical e-mail archiving
Vendors of tactical e-mail archiving solutions will do well in 2004, as companies take action to manage email messages as business records. Driving factors include regulatory compliance requirements -- such as SEC Rule 17a-4 for broker-dealers -- as well as litigation discovery risk reduction, and the desire to improve employee productivity and reduce the cost of storing and managing email and attachments.

Over the longer term, enterprises will look for solutions that can be leveraged for creation of a strategic Enterprise Data Archive that embraces multiple applications and data types.

4. The discovery of discovery
Litigation discovery will move from archive inhibitor to archive driver. Legal opinion and corporate practice will abandon the "delete all" approach to email and other key records, recognizing that a complete and readily-accessed record typically reduces risk and limits the cost of legal discovery. Discovery and compliance requirements will accelerate the move toward saving more data for longer periods, as a matter of good policy.

5. Cheap storage
Yes, storage will keep getting cheaper. And cheap storage will enable companies to cost-effectively store more data for longer periods. This is a good thing.

To take full advantage of these trends, companies must develop intelligent archiving policies, processes and infrastructure that reflect their business needs as well as their legal discovery and regulatory compliance requirements.

Ed note: If you would like to read additional compliance articles, opinions and expert advice, make sure to sign-up for our ALERTS on compliance. Click here to sign up. also offers alerts on low-cost storage.

About the author
Mike Casey is a Principal Analyst for Contoural, Inc., with more than 20 years experience in storage and high technology. At Contoural, Mike advises IT organizations and solution providers regarding storage requirements, policies, architectures and management processes. Previously Mike was a storage analyst for Gartner, and a Compliance Officer for a medical device company.

Dig Deeper on Data storage compliance and regulations

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.