HIPAA & Sarbanes-Oxley Compliance
HIPAA compliance is intended to improve access-to and portability-of patient health records while maintaining strict privacy and security. Specifically it requires compliant backup practices to ensure the security and confidentiality of patient records.
Sarbanes-Oxley requires that strict records retention policies and procedures must be in place; data retention of up to 7 years for some companies.
Under Section 404 of Sarbanes-Oxley, publicly traded companies must have policies and controls in place to secure, document, and process material information dealing with their financial results.