Compliance: September 2007 Archives
Written before iForem - but the truth is the same. We need to rethink our data management. Make iForem part of that new understanding. From a personal legacy to compliance, today we are only accumulating our legacy and damaging our compliance. Change to iForem and change your life.
"In the not-so-distant future, businesses and other organizations will see data management issues and costs spiraling out of control and beginning to damage efficiency and their bottom line. Inefficient retrieval, increased IT costs and network slowdowns are obvious. But what about increased power costs? Even compliance with mandatory CO2 emission limits? Data-dumping and cheap storage solutions are not the answer--improved information lifecycle management (ILM) is. The principles of ILM have been defined by the Storage Networking Industry Association (SNIA) and address the need to manage information from conception to disposal--based on its intrinsic value to the company. Turn to IBM for solutions that not only include hardware and software, but help convincing management that ILM is a critical issue that must be addressed now; assistance with the development of new policies and processes based on best practices; and decision support when making the determination about which data to keep and which to discard."
toxic_tb.pdf
LINK TO IBM
"In the not-so-distant future, businesses and other organizations will see data management issues and costs spiraling out of control and beginning to damage efficiency and their bottom line. Inefficient retrieval, increased IT costs and network slowdowns are obvious. But what about increased power costs? Even compliance with mandatory CO2 emission limits? Data-dumping and cheap storage solutions are not the answer--improved information lifecycle management (ILM) is. The principles of ILM have been defined by the Storage Networking Industry Association (SNIA) and address the need to manage information from conception to disposal--based on its intrinsic value to the company. Turn to IBM for solutions that not only include hardware and software, but help convincing management that ILM is a critical issue that must be addressed now; assistance with the development of new policies and processes based on best practices; and decision support when making the determination about which data to keep and which to discard."
toxic_tb.pdf
LINK TO IBM
No need to re-write history - just document it. iForem is a new tool in the system to help a small business survive in a compliance drive world. Read why here:
Data retention requirements depend on the type of data and the purposes for which it is used. Unfortunately, there are thousands of possible requirements that can apply given those two factors.
Type and purpose condition the "external" constraints deriving from federal and state legal-regulatory requirements, from the standards of private certificatory bodies (e.g., JCAHO), and from contractual obligations to other parties with which/whom the organization has agreements.
Fiscal factors, such as tax laws and general auditing requirements, also condition data retention. (This is particularly true for publicly-traded companies subject to Sarb-Ox.) Public and private grantor agencies may set retention requirements for data related to projects they fund.
Last but by no means least, operational and other purely "internal" information needs of the organization affect retention requirements. All the risks or benefits considered relevant by the organization's stakeholders go into defining these internal standards.
In other words, it's complex, and this page can only summarize. If you have questions about the particular data retention requirements that apply to information under your control, contact your organization's designated legal counsel. If you're not sure whom to approach at UM, contact the Office of the General Counsel.
Link to web site:
Data retention requirements depend on the type of data and the purposes for which it is used. Unfortunately, there are thousands of possible requirements that can apply given those two factors.
Type and purpose condition the "external" constraints deriving from federal and state legal-regulatory requirements, from the standards of private certificatory bodies (e.g., JCAHO), and from contractual obligations to other parties with which/whom the organization has agreements.
Fiscal factors, such as tax laws and general auditing requirements, also condition data retention. (This is particularly true for publicly-traded companies subject to Sarb-Ox.) Public and private grantor agencies may set retention requirements for data related to projects they fund.
Last but by no means least, operational and other purely "internal" information needs of the organization affect retention requirements. All the risks or benefits considered relevant by the organization's stakeholders go into defining these internal standards.
In other words, it's complex, and this page can only summarize. If you have questions about the particular data retention requirements that apply to information under your control, contact your organization's designated legal counsel. If you're not sure whom to approach at UM, contact the Office of the General Counsel.
Link to web site:
Question: What are the average industry standards for the length of time data/tape are stored off site? Do we keep a quarter, a month, etc. I understand it's different based on your business but just as a general guideline...
he minimum records retention requirements regulations vary by state and by data type, but typically they range from three years to permanent. Legally, most businesses need to keep records long term. Broadly speaking, state and federal regulation require:
Business records: 7 years to permanent
Contracts: 7 years to permanent
Employee records: 3 years
Payroll records: 3 to 7 years
Permanent - Looks like iForem is the only real solution here.
he minimum records retention requirements regulations vary by state and by data type, but typically they range from three years to permanent. Legally, most businesses need to keep records long term. Broadly speaking, state and federal regulation require:
Business records: 7 years to permanent
Contracts: 7 years to permanent
Employee records: 3 years
Payroll records: 3 to 7 years
Permanent - Looks like iForem is the only real solution here.
Security at iForem is security from Human Error.
NEW YORK - Three spreadsheets containing more than 5,000 Social Security numbers and other personal details about customers of ABN Amro Mortgage Group were inadvertently leaked over an online file-sharing network by a former employee.
GoSmart, Inc. uses iForem to avoid this kind of problem with our enterprise grade secure document storage.
NEW YORK - Three spreadsheets containing more than 5,000 Social Security numbers and other personal details about customers of ABN Amro Mortgage Group were inadvertently leaked over an online file-sharing network by a former employee.
GoSmart, Inc. uses iForem to avoid this kind of problem with our enterprise grade secure document storage.
Sarbanes-Oxley Has Major Impact on Electronic Evidence
NEW RETENTION REQUIREMENTS
Sarbanes-Oxley imposes new requirements on public companies and their accounting and auditing teams with regard to the retention and destruction of certain financial records. There are three provisions that deal with electronic documents and should be of concern to corporations:
• Document alteration or destruction. Section 802 of the act amends the federal obstruction-of-justice statute by adding two new offenses. First, people who knowingly alter, destroy, mutilate, conceal or falsify any document or tangible object with the intent to impede, obstruct or influence proceedings involving federal agencies or bankruptcy proceedings may be fined, imprisoned up to 20 years or both.
• Mandatory document retention. Second, § 802 directs accountants to maintain certain corporate audit records or to review work papers for a period of five years from the end of the fiscal period during which the audit or review was concluded. It also directs the Securities and Exchange Commission (SEC) to promulgate, within 180 days, any necessary rules and regulations relating to the retention of relevant records from an audit or review. This section makes it unlawful knowingly and willfully to violate these new provisions -- including any rules and regulations promulgated by the SEC -- and imposes fines, a maximum term of 10 years' imprisonment or both.
• Obstruction of justice. Section 1102 expands the obstruction-of-justice statute that prohibits tampering with witnesses. Now acting or attempting "corruptly" to alter or destroy a record or other object "with the intent to impair the object's integrity or availability for use in an official proceeding" is punishable with fines and/or imprisonment of up to 20 years.
NEW RETENTION REQUIREMENTS
Sarbanes-Oxley imposes new requirements on public companies and their accounting and auditing teams with regard to the retention and destruction of certain financial records. There are three provisions that deal with electronic documents and should be of concern to corporations:
• Document alteration or destruction. Section 802 of the act amends the federal obstruction-of-justice statute by adding two new offenses. First, people who knowingly alter, destroy, mutilate, conceal or falsify any document or tangible object with the intent to impede, obstruct or influence proceedings involving federal agencies or bankruptcy proceedings may be fined, imprisoned up to 20 years or both.
• Mandatory document retention. Second, § 802 directs accountants to maintain certain corporate audit records or to review work papers for a period of five years from the end of the fiscal period during which the audit or review was concluded. It also directs the Securities and Exchange Commission (SEC) to promulgate, within 180 days, any necessary rules and regulations relating to the retention of relevant records from an audit or review. This section makes it unlawful knowingly and willfully to violate these new provisions -- including any rules and regulations promulgated by the SEC -- and imposes fines, a maximum term of 10 years' imprisonment or both.
• Obstruction of justice. Section 1102 expands the obstruction-of-justice statute that prohibits tampering with witnesses. Now acting or attempting "corruptly" to alter or destroy a record or other object "with the intent to impair the object's integrity or availability for use in an official proceeding" is punishable with fines and/or imprisonment of up to 20 years.
Keep it simple is our motto.
If you are any size company and worry about compliance, there is a great list you must read.
Link Here:
This is why we created iForem
1. Not keeping your records straight from your backup.
First, the basics. The first step to a good records management program is simply identifying what a record is.
