Magazine article Risk Management

The Future of Wireless Compliance

Article excerpt

President Obama made headlines with his decision to become the first sitting president to actively use a smartphone while in office. And as his IT staff works to ensure that his smartphone meets the strictest compliance standards available to avoid leaking data or violating federal regulations, an important question comes to mind: Why should mobile compliance--and reducing the risk of violating the law--be for presidents only?

Under law, the president must comply with the Presidential Records Act, which requires the National Archives to preserve presidential records. All of President Obama's nonpersonal smartphone communications--email as well as texts, instant messaging, MMS, webmail or BlackBerry PIN-to-PIN messages--fall under this requirement.

That may sound like a burden, but bear in mind that the business world must comply with a far more demanding alphabet soup of compliance requirements that now apply to wireless messaging. Sarbanes-Oxley requires all publicly traded companies to keep detailed records of communications. The Financial Industry Regulatory Authority (FINRA) is the largest independent regulator for securities firms doing business in the United States and is considered the voice of the SEC and the National Association of Securities Dealers (NASD). In December 2007, FINRA issued expanded regulations that specifically require securities firms to monitor, control and archive any form of electronic communications, including all forms of wireless messaging.

The list goes on. NASD, SEC and the Gramm-Leach-Bliley Act require financial services companies to adhere to stringent privacy standards. In health care, HIPAA regulations require health-care institutions to ensure patient privacy and prevent data leaks. High-profile violations include an incident when George Clooney's hospital visit was leaked to the media via a nurse's text message.

So what do CTOs and CIOs think about these requirements? Many assume that since mobile e-mails typically go through a BlackBerry Enterprise Server (BES), their pre-existing desktop compliance and archiving software will take care of compliance for them. Few fully appreciate the importance and penetration of new forms of mobile messaging at work. Many are unaware that compliance rules even apply to mobile messaging aside from e-mail. …
