Survey Reveals Weak Compliance
Kroll Ontrack announced a global survey that showed that many companies fail to include data recovery as part of their compliance policies
November 20, 2007
MINNEAPOLIS -- Kroll Ontrack, a leading provider of data recovery products and services, today announced the results of a global survey* that showed that many companies fail to include data recovery as part of their companies’ compliance policies, potentially opening themselves up to dire business consequences. Despite the fact that 78 percent of respondents believe that data recovery is the most important component of a compliance plan, only 50 percent say it is part of their company’s compliance policy.
Regulations such as SOX, HIPAA, PCI, FACTA, etc., make it clear that companies have a responsibility to protect data and make significant attempts to retrieve data that has become compromised or lost. For a company, the consequences of non-compliance can be severe, potentially resulting in financial penalties, reduced stock value, loss of customer confidence and lost sales revenue. With that said, it is surprising that 46 percent of respondents said they were not sure if their company even had a general policy to comply with the applicable regulations.
Furthermore, given the potential consequences, it is startling that nearly half of respondents, 43 percent, said they don’t believe their companies test their backup systems to ensure data can be produced if needed. Because natural disasters (i.e. the San Diego fires and Hurricane Katrina), human error, and software and hardware malfunctions are unpredictable, this finding reveals that critical electronic data is in jeopardy of being lost and potentially unrecoverable.
“While data recovery is becoming increasingly synonymous with disaster recovery plans, this survey reveals that data recovery has not yet been deemed a critical component of all compliance policies,” said Jim Reinert, vice president of data recovery and software products for Kroll Ontrack. “Given the vast number of information-oriented regulations that have been enacted, companies should ensure a preferred data recovery provider is part of their compliance plan in case a data loss situation ever ensues. The risk of neglecting to do so is too high.”
Kroll Ontrack Inc.
Read more about:
2007You May Also Like