OVERCOME REGULATORY DATA RETENTION CHALLENGES WITH COMPLIANCE ARCHIVING



Similar documents
Spambrella Archiving Service Guide Service Guide

ARCHIVING. What it is, what it isn t, and how it can improve your business operations

Using EMC SourceOne Management in IBM Lotus Notes/Domino Environments

CA Message Manager. Benefits. Overview. CA Advantage

Simplify IT and Reduce Costs with Automated Data and Document Archiving

IBM Information Archive for , Files and ediscovery

Real World Strategies for Migrating and Decommissioning Legacy Applications

Recovering Microsoft Exchange Server Data

IBM CommonStore Archiving Preload Solution

Lowering E-Discovery Costs Through Enterprise Records and Retention Management. An Oracle White Paper March 2007

5 WAYS STRUCTURED ARCHIVING DELIVERS ENTERPRISE ADVANTAGE

The evolution of data archiving

Union County. Electronic Records and Document Imaging Policy

IBM Tivoli Storage Manager for Virtual Environments

WHITE PAPER SPON. Considerations for Archiving in Exchange Environments. Published July 2013 SPONSORED BY. An Osterman Research White Paper

Configuring Celerra for Security Information Management with Network Intelligence s envision

Archiving A Dell Point of View

Recovering Microsoft Office SharePoint Server Data. Granular search and recovery means time and cost savings.

Capture. Structure. Access. Any EHR.

Eradicating PST Files from Your Network

Enterprise Archiving Simplified

Secure Web Gateway 11.7 Upgrade Release Notes

TERRITORY RECORDS OFFICE BUSINESS SYSTEMS AND DIGITAL RECORDKEEPING FUNCTIONALITY ASSESSMENT TOOL

Director, Value Engineering

IBM Unstructured Data Identification and Management

ARCHIVING FOR EXCHANGE 2013

EMC Documentum Content Management Interoperability Services

Can CA Information Governance help us protect and manage our information throughout its life cycle and reduce our risk exposure?

Solving Key Management Problems in Lotus Notes/Domino Environments

The IBM Archive Cloud Project: Compliant Archiving into the Cloud

TO BE OR NOT TO BE (Archiving), That is the question!

How To Backup With Ec Avamar

Case Study: FOOD INDUSTRY

10 Steps to Establishing an Effective Retention Policy

Increasing Recoverability of Critical Data with EMC Data Protection Advisor and Replication Analysis

The Smart Archive strategy from IBM

CA Records Manager. Benefits. CA Advantage. Overview

16 TB of Disk Savings and 3 Oracle Applications Modules Retired in 3 Days: EMC IT s Informatica Data Retirement Proof of Concept

EMC White Paper EMC Xtender Provides Records Management for Microsoft Exchange Server 2003

Recovering Microsoft Office SharePoint Server Data

Symantec NetBackup Vault Operator's Guide

EMC ViPR Controller. Version 2.4. User Interface Virtual Data Center Configuration Guide REV 01 DRAFT

Archiving: Common Myths and Misconceptions

Enterprise Vault 10 Feature Briefing

Streamline HR Tasks with Centralized Document Access

SAS 70 Type II Audits

WHITE PAPER ONTRACK POWERCONTROLS. Recovering Microsoft Exchange Server Data

EMC Backup and Recovery for Microsoft SQL Server 2008 Enabled by EMC Celerra Unified Storage

How To Protect Data On Network Attached Storage (Nas) From Disaster

How To Manage An Electronic Discovery Project

CONTENT CLINICAL IMAGE & Management, Redefined. EMC Perspective

Solving.PST Management Problems in Microsoft Exchange Environments

Realizing the Cost Savings and Other Benefits from SaaS Archiving

B. Preservation is not limited to simply avoiding affirmative acts of destruction because day-to-day operations routinely alter or destroy evidence.

Speed the transition to an electronic environment. Comprehensive, Integrated Management of Physical and Electronic Documents

IBM ediscovery Identification and Collection

Integrated archiving: streamlining compliance and discovery through content and business process management

This white paper describes the three reasons why backup is a strategic element of your IT plan and why it is critical to your business that you plan

WHITE PAPER WHY ORGANIZATIONS NEED LTO-6 TECHNOLOGY TODAY

IBM DB2 Near-Line Storage Solution for SAP NetWeaver BW

Firewall Administration and Management

Microsoft SQL Server 2008 R2 Enterprise Edition and Microsoft SharePoint Server 2010

Management in Today s Regulatory Environment

Add the compliance and discovery benefits of records management to your business solutions. IBM Information Management software

Data Sheet: Archiving Symantec Enterprise Vault Store, Manage, and Discover Critical Business Information

# Is ediscovery eating a hole in your companies wallet?

AVLOR SERVER CLOUD RECOVERY

Extending Microsoft SharePoint Environments with EMC Documentum ApplicationXtender Document Management

EMC Integrated Infrastructure for VMware

A 5 Year Total Cost of Ownership Study on the Economics of Cloud Storage

Windows Small Business Server 2003 Upgrade Best Practices

Understanding ediscovery and Electronically Stored Information (ESI)

Data center and cloud management. Enabling data center modernization and IT transformation while simplifying IT management

VERITAS NetBackup Vault 6.0

Object Storage A Dell Point of View

Discover A New Path For Your Healthcare Data and Storage

Symantec Security Information Manager 4.8 Release Notes

Are Mailboxes Enough?

How To Use A Court Record Electronically In Idaho

Symantec NetBackup OpenStorage Solutions Guide for Disk

A 15-MINUTE GUIDE TO CLINICAL TRIAL DOCUMENT MANAGEMENT AND THE etmf

Copy Tool For Dynamics CRM 2013

WaterfordTechnologies.com Frequently Asked Questions

Managing Backup, Recovery, and Migration

White Paper. Mimosa NearPoint for Microsoft Exchange Server. Next Generation Archiving for Exchange Server By Bob Spurzem and Martin Tuip

IBM Tivoli Netcool Configuration Manager

Transcription:

OVERCOME REGULATORY DATA RETENTION CHALLENGES WITH COMPLIANCE ARCHIVING EXECUTIVE SUMMARY A modern enterprise must retain information for years in order to comply with ever-changing government and industry regulations. The enterprise must provide access to that information for auditors, both internal and external. It must be prepared to offer a wide range of information in response to litigation and inquiries by government regulators. That information may be summary reports, raw data exports or data reformatted into standard formats like PDF or MP3. What s needed: A single platform for ensuring compliance. EMC PERSPECTIVE

TABLE OF CONTENTS EXECUTIVE SUMMARY... 1 REGULATORY OVERLOAD... 3 RETAIN, ACCESS AND PRODUCE DATA... 3 EVER-CHANGING DATA RETENTION REQUIREMENTS... 4 LITIGATION AND RESPONSE... 5 MORE COMPLIANCE, LESS RISK... 5 CONTACT US... 6 2

REGULATORY OVERLOAD The CIO and IT can t escape regulatory requirements, no matter the industry, from aerospace to finance, from manufacturing to pharmaceuticals; no matter the country, from tax records to licenses to government contracts. Compliance with retention requirements requires a lot of knowledge and a lot of IT resources. Internal controls staff require reports. External auditors require detailed records, including raw data and reconstruction of events. Litigators on a fishing expedition require everything. Many types of information must be retained to fully satisfy compliance requirements: Transaction logs, patient records, blueprints, vendor invoices and signature scans are just some of the items included in formal records for products and services. For full compliance, however, unstructured content is also required, ranging from sales presentations to emails, from customer proposals to written correspondence. In many cases, particularly for recent transactions, those records are on live production applications. In other cases, those records may be on legacy systems the old sales system before customer relationship management was moved to the cloud, the old human resources system used by that company acquired in the late 1990s. For example: The Dodd Frank Wall Street Reform and Consumer Protection Act requires derivatives and commodities trading to be fully documented including emails, voicemails, recorded phone calls, presentations and correspondence. Dodd- Frank affects every company involved in barter and derivative swap transactions with a bank or other financial institution. How about drug studies? Pharmaceutical and biotech companies need to store a wide range of structured and unstructured data about formulations, dosages, manufacturing processes, security and protection of controlled substances, clinical trials, monitoring of drug recalls, sales and marketing, prescriptions and delivery of products, to document compliance with rules from the Office of Compliance at the U.S. Food and Drug Administration. Every IT department dutifully maintains that information, often by keeping old data available on new systems, sometimes by maintaining legacy servers, software and infrastructure for that purpose. Intelligent archival solutions such as EMC InfoArchive can preserve and provide access to production and legacy information combining data and content at a lower cost, while improving access and simplifying regulatory compliance. RETAIN, ACCESS AND PRODUCE DATA It s not rocket science: IT knows how to retain information for compliance. It s expensive, of course. The information must not only be preserved, but also protected with backups and even off-site disaster recovery plans. When legacy systems are involved, costs include not only maintaining old server hardware and networking infrastructure, but also software licensing, consulting, backups and more. Data retention, however, is only one of the three goals of a regulatory compliance strategy: IT must also provide access and produce data. 3

Providing access can be a challenge, especially when access must be given to external entities such as auditors. Internal policies may prohibit giving access to production systems. What about when an audit or other query, such as e-discovery, requires access to many systems, many of which have their own user account schemes, or which require specialized access software? Providing timely access to the retained data may be a bigger headache than the data retention itself. Producing data on demand across those disparate systems is another headache. Need reports from an individual application? Easy. Need reports that correlate data across multiple applications? Hard. Pulling the data required to fully reconstruct a regulated transaction s many phases? Better buy a case of ibuprofen, especially if that transaction contains both structured data (such as log files or accounting records) and unstructured data (like emails, phone calls, contracts and presentations). In response to an audit request, e-discovery or government investigation, most organizations can provide reports that cover the basics of the transaction but are unable to provide third-party access or reproduce entire transactions, especially when those transactions took place more than a couple of years ago. Data archiving onto EMC InfoArchive can help. The process migrates and consolidates all those disparate information sources including production and legacy systems into one platform, bringing together the data and content, including its contextual metadata. Because EMC InfoArchive stores the data, the content and its contextual relationships, retention becomes easy. Providing read-only access to an archive for reports and data retrieval is easy, and requires only one user account. Reconstructing transactions becomes far simpler (not easy, especially for complex transactions but simpler). EVER-CHANGING DATA RETENTION REQUIREMENTS Question: How many data retention regulations affect the typical large enterprise? Answer: You don t want to know. Data-retention regulations come from a tremendous number of bodies: In the United States, for example, there are rules from the Internal Revenue Service and the Sarbanes-Oxley and Health Insurance Portability and Accountability acts. There are regulations covering every aspect of every industry, including financial, automotive, aerospace, government/defense contracting, insurance, retailing, manufacturing, energy, import/export, transportation. Labor standards for pay, hours worked, breaks. Credit terms and payment details, including external market indexes. Bids, both accepted and rejected, and the bid requirements and process. Multiply those records by a factor of 10 or 100 for organizations that do business outside the U.S. Yes, that s every business in the global economy. Take a snapshot of requirements at this moment: The compliance office and IT work hand in hand to ensure and certify that all information systems are compliant with regulations and industry norms. Come back in a week: Odds are, some requirement has changed. Certainly, standards and major requirements change at least quarterly for large businesses. Annually, it can be a whole new ball game. Are all systems still compliant? Maybe. Maybe not. Some systems may need patches or upgrades, or changes to policies defined throughout administrative consoles or storage management systems. That s challenging enough for current production systems. What about those legacy platforms are they flexible enough to handle the new regulatory requirements? What will it take to certify compliance with those requirements? 4

EMC InfoArchive can help, by providing a single, modern interface to view and change policies regarding information retention and access. Compliance officers can clearly see the retention policies, request changes and verify that the changes were implemented. The challenge of ensuring that the compliance team knows about the newest industry requirements or government regulations remains, of course, but from the IT perspective, those changes are no longer daunting. LITIGATION AND RESPONSE Lawsuits are a fact of daily life for large enterprises. Employees sue. Suppliers sue. Customers sue. Competitors sue. In civil suits, lawsuits are often accompanied by e- discovery, wherein the opposing attorney can often request a wide range of information, either in native form or as PDF files. Similar requests for information can come from search warrants or even seizure by government agencies. Nearly every type of electronic data can be requested by e-discovery or subpoenaed by a judge. This includes electronic messages, such as voicemails and emails, database files, billing records and more. While the legal department can seek to restrict the scope of the data request, for the most part businesses need to comply, providing the information quickly and in an acceptable format. It is essential that the organization retain information for the required periods, as determined by regulatory agencies, and in formats that can either be provided directly to third parties or converted into acceptable formats. (It may also be desirable for companies to destroy old information in compliance with retention policies, in some cases to ensure that the data is not available for e-discovery or a subpoena.) Storing such discoverable information in EMC InfoArchive offers the benefit of a single platform for identifying information available for e-discovery, and providing a means of exporting the data, either in its native form or in a format such as PDF for printed documents or MP3 for audio files. Not all legacy platforms can perform such exports; by migrating and consolidating the information into EMC InfoArchive, that capability becomes common across all information stored for regulatory compliance. The information can also be retrieved and reported in context, such as all structured and unstructured data regarding a specific tool or record. The ability to provide such information may allow the organization to provide a more tightly focused response to attorneys or government regulators, not only resolving the situation faster and less expensively, but also demonstrating good will and an earnest effort to comply. In a court of law and in the court of public opinion, a fast, thorough response can be enabled by EMC InfoArchive. MORE COMPLIANCE, LESS RISK A modern enterprise must retain information for years in order to comply with everchanging government and industry regulations. The enterprise must provide access to that information for auditors, both internal and external. It must be prepared to offer a wide range of information in response to litigation and inquiries by government regulators. That information may be summary reports, raw data exports or data reformatted into standard formats like PDF or MP3. EMC InfoArchive provides a single platform for creating retention policies and certifying that information is stored in a way that meets those requirements whether that information came from current production systems or older legacy platforms. EMC InfoArchive ensures that data and content are accessible in a secure, read-only way, by internal and external auditors, in compliance with regulatory obligations. It can also produce the evidence required by litigators during e-discovery or by regulatory and government inquiries. 5

Preserve, access, and produce: EMC InfoArchive is the best solution for addressing regulatory data retention and retrieval needs. Get a quote today for EMC InfoArchive in the EMC Store. CONTACT US To learn more about how EMC products, services, and solutions can help solve your business and IT challenges, contact 6 your local representative or authorized reseller or visit us at www.emc.com. Copyright 2014 EMC Corporation. All Rights Reserved. EMC believes the information in this publication is accurate as of its publication date. The information is subject to change without notice. The information in this publication is provided as is. EMC Corporation makes no representations or warranties of any kind with respect to the information in this publication, and specifically disclaims implied warranties of merchantability or fitness for a particular purpose. Use, copying, and distribution of any EMC software described in this publication requires an applicable software license. For the most up-to-date listing of EMC product names, see EMC Corporation Trademarks on EMC.com. EMC2, EMC, the EMC logo, and the RSA logo are registered trademarks or trademarks of EMC Corporation in the United States and other countries. All other trademarks used herein are the property of their respective owners. Published in the USA.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information