The regulations are coming….
I am joining my Permabit colleagues to offer additional perspective to the discussions from a product marketing venue. My first post addresses two markets that I have been involved with for much of my business career, Healthcare and Finance.
The two most active topics in the news today are Healthcare and Wall Street. The impending regulatory changes in both of these industry segments will impact IT in very significant ways.
In a recent “visit” to Wall Street President Obama, point blank, told the attending financial community that they should expect more regulations in the near future. Not a surprise to anyone there or to the press and public at large. There is existing data preservation regulation and it appears that more information will be required as new regs are implemented. The bottom line you’ll need more storage!
On another side of the political spectrum, it’s difficult to miss the Healthcare Reform discussions (?) flooding the media. That effort will take a course and emerge at some point but it raises the perspective of Healthcare Information Regulations. Separately funded and making progress through committees, the move toward automating the entire medical record process, developing standards and regulations on medical records and privacy and maybe a portable medical record are on the table. In addition, it is expected that regulations will emerge that have “enforcement teeth” since the fines for the existing regulations are rarely used and when they are it is no more than a financial slap on the wrist.
From an IT perspective these two markets share some similarities. They are intrinsic to our (US) economy and they generate some of the most voluminous information we see from an IT perspective. On the finance side it’s mostly transactional, but on the healthcare side it runs the gamut from simple transactions (episodes of care) through to huge (file size) diagnostic images. Depending on which state you live in the retention period can be 70 years or more! With life expectancy for someone born in 2009 recently anticipated to near 100 years, the retention periods will just keep extending! And again more storage will be required.
Current regulations for the financial sector are probably most stringent via SEC 17a-4 which drives retention and immutability of records. HIPAA in the healthcare space provides for security, privacy and long retention cycles. In addition, FDA 21 CFR Part 11 governs pharmaceuticals on data security, privacy and auditability.
Future impacts, speculation at this point, will expand the scope of health and pharmaceuticals to include data immutability, and data privacy possibly as defined by MA 201 and CA Senate 1386. You can also expect these state regs to be more broadly adopted and may possibly find there way into federal regulations. In addition, financial transactions, trading and banking can expect rapid acceleration of the data retention and immutability efforts along with increased data volume as more and more detail is required.
Impact in IT will be significant, keep more information, safer and more secure than ever before. Lock it down, protect it and do not ever loose it. Business risk will dramatically increase with fines and levy’s for non-compliance ratcheting up through the six figure levels for health related infractions. Existing financial exposure for the banking and securities industry will also be raised! The bottom line – be ready with information retention capabilities that can scale out, protect huge data stores, lock down files so that they can survive legal challenges and be delivered quickly on eDiscovery. Technology is available today to enable these capabilities. If you have it just buy more storage capacity. If you don’t, better start looking now and be prepared!