
Regulatory compliance and critical system protection

How does losing power in the data center affect your ability to comply with rules and regulations like HIPAA and Sarbanes-Oxley? This tip outlines what you need to know.

The implications of losing power for your regulatory compliance efforts may seem secondary, but the fact is, no matter how secure you are about the rest of your infrastructure, lose power and it's over. Various laws, regulations, and international conventions affect the protection of mission-critical networks. This chart, extracted from Liebert Corporation's white paper titled Regulatory Compliance and Critical System Protection, details the specifics of each law or regulation and how losing power will impact your data center.

| Regulation | Relevant Requirements | Power Implications |
| --- | --- | --- |
| HIPAA | Where patient data is recorded, stored or transmitted there must be a record of the change and an associated permission linked to a document that has been signed by the patient | Power interruptions or disturbances can break the chain of integrity. Life safety data must be continuously available |
| FDA 21 CFR 11 | Outlines criteria for accepting electronic records and signatures and for documenting and validating authorized change processes to systems and software involved in the creation of electronic documents | Requires formal risk evaluation and compliance with "current good practices." Secondary power for manufacturing considered good current practice |
| SEC 17 CFR 240 | Establishes controls and procedures for electronic securities transactions | Power failures or disturbances can result in an organization being unable to verify the existence or accuracy of transaction histories |
| Sarbanes-Oxley | Guidelines for corporate governance and oversight of accounting and audit practices as well as financial record retention | Power interruptions or disturbances can break chain of integrity data |
| Basel II | Provides direction for managing capital risk, supervisory interaction, and public risk disclosure for large banks | Power systems must provide protection across far-flung enterprises |
| Gramm-Leach-Bliley | Assure privacy of customer data for financial institutions | Breaches of data security will result in regulatory scrutiny |
| Clinger-Cohen Act | Regulates firms providing IT products and services to the U.S. government | Requirements may emerge regarding data availability and security |
