Organisations should introduce information lifecycle
management systems to avoid the risk of fines under the Data
Protection Act, according to analyst firm Bloor
Research.
Tony Lock, chief analyst at Bloor Research, said, "The Data
Protection Act is already being enforced. There have not been any
big customers hauled in yet, but there are strong rumours that the
Data Protection Registrar would like to raise the Act's profile by
getting a very visible law breaker.
"Everyone needs to worry about this. Smaller firms are easier to
prosecute than larger ones."
Lock said data compliance was not on many companies' priority
lists, but that four-figure fines were still an option for the Data
Protection Registrar.
A research paper from Bloor examined the data storage requirements
that arose from a range of legislation. These included the
DataProtection Act, the Financial Services Authority mortgage and
insurance regulations, International Accounting Standards, Basel 2
and regulations that will affect UK banking and insurance firms,
and European human rights legislation.
Lock said, "Many organisations test new applications on an extract
from a live customer database. In many instances that would be
breaking the Act, and many are not aware of that. There is
potentially a fine for every instance of misuse of data."
Network Appliance, which commissioned Bloor's research, is
launching an information lifecycle management software product
called Lockvault.
Val Bercovici, chief technology architect at Network Appliance,
said, "Legal compliance experts say you need to keep everything
forever, which is not only unappealing, but also difficult. The
answer is tiered storage and information management."
Make sure your data is compliant
- Implement an open, flexible and simple storage
infrastructure
- Identify all data that is subject to retention/deletion
requirements
- Set compliance policies for access to and supervision of the
content
- Set compliance policy classes for required retention
- Classify data into applicable policy classes
- Archive to write once, read many-compliant media.
Source: Bloor Research
Clean data, clean profit>>