Bank Systems & Technology is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News

10:30 AM
Connect Directly
RSS
E-Mail
50%
50%

Software To The Rescue For SOX And HIPAA

Still, technology is no substitute for knowledge for keeping in compliance with government regulations.

Pressure to get in line with government regulations is fueling a slew of new and enhanced compliance offerings from tech companies.

IPLocks this month released Database Security and Compliance Solution v6.0, an upgrade that includes templates for compliance reports for Sarbanes-Oxley and other regulations. Version 6 also includes features for documenting database system transactions, which are often requested during compliance audits.

IT Pays Back
Companies with the fewest number of regulatory infractions:
>> Spend at least 10% of their IT budget on security
>> Use IT to continuously monitor and analyze systems
>> Frequently conduct internal audits, monitor security
Data: IT Policy Compliance Group
Another vendor, Bioscrypt, last week said it will use fingerprint sensors from Upek for its biometric readers, designed to comply with a federal standard for ID verification. That standard also is the backbone of a regulation requiring agencies to issue all workers an electronic identity card for building access by Oct. 27.

Thornberry Ltd., meanwhile, says it will build Passfaces' user authentication technology into its NDoc information management system, used in the health care industry, to better protect patient data accessed by desktop and laptop users, in compliance with the Health Insurance Portability and Accountability Act.

A survey of more than 1,000 businesses conducted earlier this year by the IT Policy Compliance Group, formed by the Computer Security Institute, the Institute of Internal Auditors, and Symantec, shows that investments in IT security and monitoring help organizations avoid regulatory infractions (see box). Still, tech tools are no substitute for understanding the regulations that govern IT environments, says John Kirkwood, global information security officer for supermarket operator Royal Ahold. "A fool with a tool is still a fool," he says, adding that "regulators aren't buying the complexity argument." If there are issues concerning cost, operation, or implementation of a compliance strategy, Kirkwood says, "you're not doing it right."

Comment  | 
Print  | 
More Insights
Register for Bank Systems & Technology Newsletters
Slideshows
Video
Bank Systems & Technology Radio
Archived Audio Interviews
Join Bank Systems & Technology Associate Editor Bryan Yurcan, and guests Karen Massey and Jerry Silva from IDC Financial Insights, for a conversation about the firm's 11th annual FinTech rankings.