General discussion

Locked

The DR plan should consider regulations

By editor's response ·
Tell us what you think about Mike Talon's advice on considering the organization's regulatory statutes when constructing the DR plan, as featured in the Oct. 1 Disaster Recovery e-newsletter. Have regulations helped or hindered your DR possibilities?

This conversation is currently closed to new comments.

3 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

No duh!

We do a lot of work in regulated industries, and there are multiple sets of regulations to consider. For example, for pharma, not only do you have to be able to prove data integrity for the FDA, but as a publicly-traded company, there are SEC requirements for DR plans and how long certain systems can be offline.

IT is the infrastructure of the business, and must conform to the reqt's of that business -- anyone who doesn't understand that can create massive liabilities.

Collapse -

Questions

by mis In reply to No duh!

Regulations sure, but which ones pertain to which companies? I know we must be compliant to something but finding those regulations has been a pain. We are a privately held company, which removes us from the SEC, we are not in the health care world ? no HIPAA. We are a call center that also houses data for the companies whose products we sell, who regulates us? The lawyers in this area are of no help (small town). Queries on the internet have not been successful at uncovering the answer.
Who is liable for failure to comply, owner? MIS Director? Network admin?

Collapse -

Some answers, but not all

by MikeTalonNYC In reply to Questions

In this case, I would strongly suggest you find a legal advisor, even if it means you look beyond your small town to do it. Failure to comply with regulations could lead not only to fines, but to litigation if you lose data due to something that following the regs could have avoided.

Responsibility also is something that only a properly trained legal advsior can define for you.

Especially in your industry, where you may be required to comply with regs from the industries of your customers as well as your own, I cannot stress enough that you should seek professional advice from a legal advisor as soon as possible.

Mike Talon
miketalonnyc@yahoo.com

Back to IT Employment Forum
3 total posts (Page 1 of 1)  

General Discussion Forums