If you are not familiar with the new compliance regulations, it’s time to take note. Europe (GDPR), Japan (APII), Singapore (PDPA), and recently California (CCPA) have announced sweeping regulations governing personally-identifiable information (PII).
The acronyms for these compliance regulations are almost as bad as the fines attached to them. Europe’s GDPR has fines starting at 10 million Euros or 2% of world-wide revenues—whichever is higher. These are non-trivial fines and would put many companies out of business.
Compliance: the time-based challenge
There are real problems with adhering to these regulations.
With GDPR, if an individual requests that their PII be forgotten, it could take days or weeks of work to erase that data from image-based backups. This is not an easy task – and multiply that by the number of requests that organizations are receiving! The time estimates to find this data and erase it are staggering.
And in many cases, the data cannot be accessed in image-based backups without mounting every previous backup. There could be thousands of backups over a period of years!
Adding to the complication of these compliance regulations is the fact that organizations have to provide proof that they have completed the removal of the requested PII.
Who makes up these regulations? It is certainly not system administrators who will have to deal with these issues.
The quick and simple compliance solution
ioFABRIC is a world-wide leader in data protection and compliance and has a software solution to find PII, erase it from image-based backups, and provide reports of the erasures.
Best of all, ioFABRIC Software delivers retention locks to add additional regulatory compliance and data protection against malicious acts and data loss.