What is compliance?
Organizations must meet industry-wide government requirements for data management, including storage, archiving, encryption, and retrieval.
These requirements are intended to prevent data theft and preserve consumer privacy. They often mandate specific controls, corporate compliance programs, audits, public disclosures (“notice of breach”), and stiff penalties – from fines to prison time – for noncompliance.
If your organization falls victim to a security breach and you can’t prove that you were in compliance when it happened, you will be considered negligent. In addition to fines or criminal prosecution, you could face lawsuits, negative publicity, and loss of business.