IBM and the Sarbanes-Oxley Act of 2002

There's a rumble going on in the document-management space.

February 27, 2004

1 Min Read
Network Computing logo

IBM's TotalStorage Data Retention 450 embeds Tivoli Storage Manager for Data Retention on IBM's own eServer p615, in a secure cabinet. The 450 comes with tape-drive support for either the 3590 or LTO (Linear Tape Open) product family. It aims to protect data integrity and enforce retention policies. Policy-based retention rules let enterprises keep data forever or for a set time. Upon an event or expiration date, data can be automatically archived or destroyed. The product even has a handy "hold" button to interrupt policy enforcement and retain all data if an official investigation or civil litigation is threatened.

This all seems like a sound approach to data retention. But you need more than a retention plan to comply with laws like Sarbox and HIPAA (Health Insurance Portability and Accountability Act). You also must limit access to records by user, group or role and leave an audit trail of all activity. For that, you must add a documents- or records-management product such as IBM's E-Records Manager, on top of spending $150,000 or so for the 450, to achieve a complete solution.

Post a comment or question on this story.

Stay informed! Sign up to get expert advice and insight delivered direct to your inbox

You May Also Like

More Insights