Infinity Data Compliance

Today there are many regulations forcing companies to ensure that certain types of data and documents are preserved and protected from alteration or corruption for specified periods of time.

Some sectors like public sector, finance and healthcare are particularly subject to more stringent requirements. We can just name a few like HIPAA, SEC17a-4 and a good amount of European Union guidelines on data privacy issued in the last years.

Often this data is treated as legal evidence in case of litigation.

Infinity Data Compliance is an add-on module to Infinity Data Director that satisfies most of the requirements for data preservation by ensuring it cannot be modified (“secure” WORM, time-based and event-based) for the desired period of time, by verifying its integrity and by allowing auditing the operations done during the whole data lifecycle.

Infinity Data Compliance feature can satisfy most of the current regulations but, as an example, we list the requirements of one of the most common ones: the SEC17a-4.

We can summarize these requirements in a few main points:

  • Preserve the records exclusively in a non-rewriteable, non-erasable format.

  • Verify automatically the quality and accuracy of the storage media recording process.

  • Serialize the original and, if applicable, duplicate units of storage media, and time-date for the required period of retention the information placed on such electronic storage media.

  • Have the capacity to readily download indexes and records preserved on the electronic storage media to any medium acceptable. 

  • Store separately from the original, a duplicate copy of the record stored on any medium acceptable, for the time required

Infinity Data Compliance has been validated to satisfy all these requirements and thus adhere to the SEC17a-4 rule by independent auditors.

However, to achieve that, on top of the features provided by Infinity Data Compliance, there are some configuration restrictions that need to be kept into consideration. Compliance is not a “one click” but a result of many factors.

In addition, compliance achieved on disk storage that is directly under Infinity Data Director management can be extended to other storage system, like object storage, with selected partners.