Data Retention Compliance
Sustain compliance with systematic and repeatable processes
The pervasive use of information technology in businesses has generated an unrelenting flow of data. The associated challenge is to ensure that electronic records of business activities are captured, retained, and managed in a way that complies with a wide variety of regulations. While heavily regulated industries such as pharmaceuticals and medical devices have faced these requirements for decades, new laws are bringing data protection and retention issues to all types of businesses.
The FDA mandates that a pharmaceutical company must retain batch records and other quality data in its original business context for a certain period of time. The SEC calls for organizations to store business documents for stipulated periods. HIPAA has a number of guidelines for document retention and security. Clearly, compliance requirements are coming from many directions. Companies are quickly recognizing the increasing risks and costs of not abiding by the laws that affect data protection, retention, and security. They are looking for ways to reduce the risk associated with managing growing and disparate forms of data, and to meet the requirements for regulatory compliance and corporate governance.
MetricStream Data Retention Compliance Management Solution enables consistent and cost-effective management and retention of data and documents. Built on MetricStream Enterprise Compliance Platform, the solution provides a robust data repository for holding operational data from systems that are being retired, and making the data accessible for audits.
Data Migration and Storage: MetricStream enables data migration based on powerful and flexible adapters called Infolets that extract relevant data from retiring systems and load it in the MetricStream repository. Flexible templates and classification criteria ensure that the original format and context of the data are preserved.
Data Lifecycle: Review and approval processes around data lifecycles are driven by workflows defined at the organizational level. Upon completion of the retention period, an approval workflow is triggered to ensure that the document and data cannot be deleted unless the approval process is completed.
Security and Access Controls: The MetricStream solution provides secure document access with centrally managed policy-driven controls. The system also provides accurate time-stamped audit trails. An electronic signature capability based on robust authentication and authorization infrastructure ensures compliance with regulations such as FDA 21 CFR Part 11.
Reports and Metrics: The MetricStream solution provides transparent access for authorized users to older operational data from any desktop in the organization. Graphical executive dashboards and flexible reports with drill-down capabilities provide statistics and data by a variety of retention parameters such as document type, status, audit history, retention time, and usage summary.