February 17, 2019

You Thought Sarbanes-Oxley Was Bad? Wait til You See What's Coming - page 2

Get Your Waders, You're Going to Need Them

  • April 21, 2009
  • By Paul Rubens

The financial crisis is not the only root cause of the new wave of regulations though, according to Dennis Gaughan, a vice president at AMR Research. He said that in addition to struggling with Sarbanes-Oxley and any new financial regulations, small and midsize businesses in particular are going to have to grapple with state data privacy laws. "The problem is that each state has a different set of laws, so a real challenge will be how to comply with each state's nuances. In many cases it's not entirely clear what each state's laws actually mean," he said.

Gaughan suggested that rather than trying to keep up with each state's laws, the best solution is likely to be to try to apply the strictest set of state laws to all operations. "I think we are going to see a lot of companies struggle to comply with all these state privacy laws," he said.

These problems are compounded when companies operate internationally. That's because of the wide variation in national data protection and privacy laws. For example, Gartner's John Bace points out that the United States' Patriot Act compels any company holding data to produce it and not inform the owner of the data, while Canada's PIPEDIA (Personal ID Protection and Electronic Document Act) has the opposite effect. Identifying where data ends up being stored and what jurisdiction it falls under has the potential to be a major headache for businesses and, ultimately, IT departments.

This could have a major impact for companies planning to make use of services offered in the cloud ��� either the public cloud or an internal corporate cloud. The reason is that cloud operations may have little concept of national boundaries, and data can be passed from one cloud facility to another with total transparency if allowed to. But many countries, France being a notable example, have strict rules about moving personal data over national boundaries.

So if there's one message for IT professionals who are finding it quiet as the recession bites, it's this: make the most of it while it lasts. New regulations are heading your way, and carrying out the work to comply with them all is going to make everything you've done for Sarbanes-Oxley look like a teddy bear's picnic.

Paul Rubens is an IT consultant and journalist based in Marlow on Thames, England. He has been programming, tinkering and generally sitting in front of computer screens since his first encounter with a DEC PDP-11 in 1979.

Article courtesy of Serverwatch.com

Most Popular LinuxPlanet Stories