IBM takes on US compliance requirements

IBM is introducing bundles of hardware, software and services to help companies comply with US federal regulations, a move which...

IBM is introducing bundles of hardware, software and services to help companies comply with US federal regulations, a move which has elicited both words of praise and caution from analysts.

The offerings address changes companies should make to their IT infrastructure and to their business processes to comply with regulations such as the corporate governance Sarbanes-Oxley Act, the US Patriot Act and the health care Health Insurance Portability and Accountability Act (HIPAA).

IBM proposes that companies focus on retooling IT systems and business processes as well as complying with the individual requirements of the regulations, putting them in a better position to comply with future regulations in general.

The IBM bundles address issues common to regulatory compliance across industries, such as the ability to archive e-mail messages, document financial transactions, protect the confidentiality of certain records, and standardise, store, retrieve and deliver data.

IBM's broad-based approach to the issue of regulatory compliance merits highlighting, analysts said. There are many individual products focused on specific regulations, but there is a lack of comprehensive, holistic solutions.

"It shows IBM coming to the table with one of the most comprehensive sets of offerings to address this area," said Meta Group analyst Stan Lepeak.

"Nothing really jumps out at you from the individual pieces [of the announcement] but IBM has put together a good bundle of offerings that complement one another."

Approaching this issue with a broad view is beneficial because it lets companies implement changes that help with regulatory compliance and improve IT operations in general,  said AMR Research analyst John Hagerty.

"It's refreshing to see IBM taking a broad approach at compliance," he added. "The prudent buyers look at compliance as something they need to be in step legally with the regulator and secondly as something they can do to improve their overall business."

Lepak said the challenge for users is to figure out what their regulatory-compliance situation is so that they have a clear idea of what they need before they approach IBM.

Some of the bundles IBM is announcing include:

IBM E-mail Archive and Records Management Service: A hosted service  for financial services companies which automates the capture, archiving and retrieval of incoming, outbound and internal e-mail messages, instant messages and other documents.

IBM DB2 Content Manager for Data Retention Compliance: A combination of services, IBM DB2 database software and iLumin Software Services software to address data archiving, retention and retrieval requirements from the US Securities and Exchange Commission and the National Association of Securities Dealers.

IBM Asset Disposition Data Disposal - Disk Wipe Services: Services for ensuring that sensitive information gets removed from hardware that becomes obsolete and is discarded.

Juan Carlos Perez writes for IDG News Service

Read more on Integration software and middleware