06.04.07
Does Your Current Backup System Meet Federal Regulations? By Andrew Stratton
The Health Insurance Portability and Accountability Act of 1996 (HIPAA), Public Law 104-191, mandates that all covered entities fulfill certain requirements for data backup, storage, and recovery; the Sarbanes-Oxley Act (SOX) holds many publicly held companies and all Registered Public Accounting Firms to a rigorous set of standards. These rules set guidelines for how data should be stored, accessed, and retrieved.
In response to an explosion of major corporate benefits and accounting scandals in recent years, Congress passed two laws regulating the storage and reporting of internal data.
The first impact was felt in corporate America with the passage of the Health Insurance Portability and Accountability Act (HIPAA) in 1996. The Administrative Simplification (AS) provisions of HIPAA mandated national standards for electronic health care transactions and identifiers for providers, health insurance plans, and employers.
Under HIPAA, an IT audit most often is performed in conjunction with a financial statement audit or an internal audit. Evidence is collected and evaluated concerning an organization's information systems, practices, and operations to determine whether those systems record and maintain accurate, reliable data.
An IT audit doesn't focus on internal controls in the way a financial audit does. Rather, it seeks to determine risks relevant to information assets, and to assess whatever controls are in place to eliminate or reduce those risks. The focus of an IT audit is on evaluating a system's availability, confidentiality and integrity.
The Sarbanes-Oxley Act of 2002 created (among other oversight regulations) the Public Company Accounting Oversight Board (PCAOB), which addresses the role IT plays in a company's internal controls. The PCAOB's "Auditing Standard 2" states: "The nature and characteristics of a company's use of information technology in its information system affect the company's internal control over financial reporting," and its provisions are targeted toward seeing that those controls and reporting are legitimate and accurate.
Under this law, auditors audit key and general controls, with "key" controls being those essential to ensuring that the numbers shown on the company's balance sheet are authentic. (For instance, there might be a trigger on a database table to ensure that adding any entry to the accounts receivable table automatically creates an entry in the general ledger.) The person held accountable for seeing that these regulations are met is the company's Chief Information Officer (CIO).
Given the breadth and complexity of current federal law governing storage and maintenance of IT data, prudent business owners will take whatever steps are necessary to ensure their IT systems and controls meet or exceed regulations. Taking the time today to ascertain that your online offsite backup system complies with federal regulations will save you countless intrusive and costly auditing headaches down the road.
About the Author: You can never be too prepared when disaster strikes. Protect yourself from data loss with online backup from Global Data Vault. Avoid downtime, revenue loss and angry customers with remote backup services from Global Data Vault. http://www.globaldatavault.com