Compliance Challenges-

Compliance Challenges- - Compliance Challenges 1 Running...

Info iconThis preview shows pages 1–4. Sign up to view the full content.

View Full Document Right Arrow Icon
Compliance Challenges 1 Running head: Database Regulatory Compliance Challenges
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Compliance Challenges 2 Introduction The world of data compliance has become and will continue to grow increasingly complex, driven by the technology itself and the current and future legislative pressures. These legislative pressures encompassing IT are very complicated and dynamic with changes being made quickly. Companies and institutions of higher education are forced to respond to the new regulations found at the state, national, and international levels. While the regulations are complex the legal penalties for non-compliance and data breaches are straightforward and extreme. New technology trends are simultaneously increasing the complexity of the computing environment, making compliance more difficult and issues of compliance very vague (Bro, 2008). Organizations, from Fortune 500 companies to small local universities, are bound by the regulations and challenges of how more and more data is stored and accessed, as well as the issues to comply with the forever changing world of regulations regarding protecting sensitive data. There are four key information technology areas that involve all regulatory compliance – Protection, Encryption, Retention, and Reporting (Gincel, 2004). One of the most important goals that IT departments much achieve is the protection of sensitive data, if the institution’s data is not protected then that institution is not in compliance. Encrypting data is part of several compliance regulations, such as Sarbanes Oxley. Encryption is often performed on what is known as production data. A third key element for an organization to be compliant involves the time period that data must be retained. The exact time period depends on which regulation policy is being enforced. This is also a key point of overlapping and confusion. The fourth area
Background image of page 2
Compliance Challenges 3 is reporting. Reporting relies on data availability and data integrity. IT departments, specifically database administrators must be able to trace and produce activity logs over periods of time. Being faced with such a number of regulatory policies, that continue to grow in both number and complexity, clearly illustrates that one size fits all will not apply to meeting regulatory compliance. Simply put the database administrators for organizations must be able to demonstrate the requirements have been met by providing auditors the “who did what, where and when.” (Lawson, 2006) Even for organizations that have properly manned and budgeted IT departments being able to protect, encrypt, keep data secured for audits and comply with the rules of retention, is a daunting task but consider the IT departments found at many higher education institutions – severely undermanned and budgets that are often the first to get slashed – meeting all the regulations set forth by the numerous regulatory policies can be crippling. Compliance Regulations
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 4
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 13

Compliance Challenges- - Compliance Challenges 1 Running...

This preview shows document pages 1 - 4. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online