Databases Reference
In-Depth Information
such, the data governance committee is ultimately responsible for
ensuring that data are protected through physical safeguards, tech-
nical safeguards, and institute appropriate auditing capabilities to
ensure compliance with HIPAA and other requisite regulations.
• Uniting (and) Strengthening America (by) Providing Appropriate
Tools Required (to) Intercept (and) Obstruct Terrorism Act
of 2001
(USA Patriot Act, 2001, HR 3162 RDS, 107th Congress), extended
in 2011, allowed law enforcement to search telephone records,
email communications, medical records, and financial records in
response to the September 11, 2001 terrorist attacks on the United
States. As a result, organizations are required to maintain accurate
records that can readily be provided to state and federal organiza-
tions upon request.
• Electronic Signature in Global and National Commerce (ESIGN)
Act of 2000 (15 USC 7001) allowed the use of electronic signature
and other electronic records for use in business transactions. This
act regulates the use of electronic transfer of records and electronic
signatures for foreign and domestic commerce. While this act expe-
dites commerce and business transactions by allowing electronic
signature and use of data, the consumers' right to sign things the
old fashioned way has been preserved. Moreover, this law now places
data retention requirements on the use of this electronica data. As
with other examples of increased reliance on electronica data, the
need for additional governance and compliance has increased.
Organizations that use these forms of data as part of their standard
operating procedures must remain vigilant that their data are not
only accurate, but accessible and auditable.
• Uniform Preservation of Private Business Records Act (UPPBRA)
of 1994 provides regulations on the length of time businesses are
required to maintain records. These regulations span across various
industries and require that organizations retain data longer, are more
susceptible to government inquiries and requests for data, assess the
vulnerability of consumer data regularly, document the findings,
and assess risks associated with data storage. Organizations must
realize that consumer data are vulnerable to identity theft, Internet
and telephone scams, and other forms of fraud, and data governance
initiatives must keep this assumption at the forefront of their policy-
making processes. As a result, organizations must realize the impor-
tance of being proactive in risk management. Proactive protection
Search WWH ::
Custom Search