Compliance with a long list of industry and federal regulations designed to keep sensitive customer data safe is chief among CIO worries. Regulations like PCI, Sarbanes-Oxley, HIPAA and others can add to the daily stress many CIOs often already feel working within a constantly shifting environment. And high-visibility data breaches like the one that recently occurred at the federal Office of Personnel Management mean more regulations are likely coming in the near future.
Corporate conundrum
Failure to meet rules and guidelines set by compliance standards can have big consequences. Fines, penalties and loss of trust are just a few of the repercussions CIOs may face should they take their eyes off the compliance ball.
At the same time, today’s mobile, app-filled world is making compliance increasingly difficult. Social media, Big Data and cloud computing may be revolutionizing customer interactions, but they also complicate regulatory compliance, because CIOs often have less control over data and over how and where employees and customers use it.
The growth of cloud computing complicates matters even further. Depending on where data is physically stored off-premises, it may fall under different regulations than it would when stored on-premises. This is especially true for companies that offer cloud storage solutions where data is actually stored in other countries. Today, many questions remain regarding the legal reach of local regulations on data stored out of region.
Trying to keep on top of regulations can take a toll on businesses and their CIOs. Ensuring regulation compliance can require a dramatic amount of resources that companies might otherwise use to improve their ability to react to the needs of customers, or to grow the business. Cost can be a major factor as well. Even a minor regulatory change can potentially cause a ripple effect through an organization’s budget.
Given this scenario, CIOs must work to balance their strategic business and IT priorities with regulatory requirements. Some organizations have developed guides to help CIOs figure out how to best manage compliance regulations. But as long as technology advancements continue at an exponential pace, consumer habits shift, and new business models emerge, more regulations are likely to arise, making compliance a challenge for the foreseeable future.
Regulator response
On the other side of the coin, today’s environment is also tough on regulators — the officials charged with helping protect consumer privacy and keeping a pulse on emerging technologies that may threaten it.
A new report from GovLab — Deloitte Consulting LLP’s federal think tank and innovation center — takes an interesting look at the challenges modern regulators face. The report contends that regulators must modernize their practices and increase efficiency in order to keep up with today’s rapidly changing technology environment.
But perhaps most importantly, regulators need to strike a balance between protecting citizens and fair markets without impeding innovation.