News Stay informed about the latest enterprise technology news and product updates.

New regulations spur IT spending, headaches

A number of new laws may promote good business practices and fuel spending. But a few IT pros find them aggravating and, sometimes, downright unnecessary.

Thank the Enron and WorldCom scandals for the tough new disclosure regulations handed down this year by the federal government. As a consumer, you might welcome the tighter restrictions, but as an IT pro, the changes probably feel more like a stranglehold.

Yet it's not just new rules required by the Sarbanes-Oxley Act, which seeks to ward off accounting misdeeds, that have IT managers in a dither. From legislation such as the "do not call" list, which has forced marketers to rethink how they solicit consumers, to the threat of VoIP regulation, to the privacy requirements demanded by the Health Insurance Portability and Accountability Act (HIPAA), American IT departments are faced with numerous new rules that will have a huge impact on businesses well into the New Year.

Here're a few that have IT managers reaching for the Tylenol.

The Sarbanes-Oxley Act

U.S. companies are expected to spend more than $2.5 billion to comply with new accounting rules detailed by the Sarbanes-Oxley Act, with a significant chunk going to IT projects -- and some experts say that's just the tip of the iceberg. The law is intended to make companies' business practices more transparent to investors and regulators. As the Sarbanes-Oxley deadlines loom, companies are scrambling to update their business systems with new reporting and compliance solutions, which could spur more corporate IT spending.

Compliance fears exaggerated, report says

Security and Sarbanes-Oxley

SEC Rule 17a-4

At the center of the compliance regulatory hoopla is SEC Rule 17a-4. Rules regulating the management of business documents are not new. The government has required businesses to maintain business records for some time. What's different now is that electronic records, such as e-mail and instant messages, are part of those regulations. Consequently, the sheer volume of data that needs to be archived is daunting. The job is overwhelming, or at least a pain in the neck, users say. But stiff fines for businesses not in compliance have got many IT departments scrambling to get things in order.

Businesses fail to meet SEC rules on e-mail archiving, risk fines, imprisonment

E-mail archiving market to burst open as vendors pile on

'Do not call' list

Is it a lot more quiet around your house during dinnertime? The national "do not call" list essentially put the nix on telemarketers calling consumers at dinnertime, or anytime, for that matter -- if the consumer is part of the "do not call" registry. Hung up in courts for a while, the law is now in effect and forcing companies to look for other ways to get people to buy their products, specifically by marketing to people when they make inbound calls to the company.

D-day for 'do not call'


The federal government is taking a crack at regulating unwanted e-mail with a new national law that takes effect Jan. 1. Already critics are having a field day with it. While the Can-Spam law gives the feds the ability to create an antispam registry, even the FTC's chairman admits that such a list would be nearly impossible to enforce. Marketers can flee offshore to dodge penalties. Plus, the national law supersedes tougher state regulations, like an antispam measure passed in California.

Analyst: Firms must follow spirit of antispam law

VoIP regulation

Viewed by some as an unnecessarily heavy-handed regulatory stance toward voice over Internet Protocol (VoIP), the proposed FCC regulations are not popular among wireless provides. Critics contend that any regulation would stifle innovation, boost costs and protect traditional phone companies from the challenge that low-cost or free Internet calling service could bring. Unfortunately, the biggest challenge to the total adoption of VoIP isn't the complex technology, or the lack of experienced implementers. It's regulatory hoopla. VoIP is illegal in an astonishing number of countries, while the rest are mired in enough red tape to cut into or negate the cost savings.

Former FCC chairman blasts agency's 'suspicious' VoIP actions

Get to know VoIP regulations

Wireless number portability (WNP)

This piece of legislations lets cell phone users in the country's 100 largest markets switch cell phone service providers while keeping their phone numbers. But the new law is plagued by controversy and criticism -- particularly for wireless telcos. The law means huge technology investments for carriers. The cost to the industry could be as much as $1 billion just to make portability a reality across networks, and $500 million a year to support it.

The new churn concern


More painful than a shot in the rear, health care providers are now required to comply with the data collection and privacy portion of the Health Insurance Portability and Accountability Act (HIPAA). HIPAA establishes standards and requirements for securing patient information. Although compliance could be an ongoing battle for many health care and insurance providers, some experts say the HIPAA rules simply legislate good business practices.

HIPAA legislates good business practices

The USA Patriot Act

The USA Patriot Act was passed in response to the September 11 terrorist attacks. In essence, the act gives federal law enforcement officials speedier access to private communications, like e-mail and phone conversations. As more tenets of the act come into effect, more concerns are being raised about the potential for government abuse and loss of civil liberties, and more questions are being raised about the act's ability to prevent terrorism. The issue has presented ethical as well as technical dilemmas for privacy and security officers.

The USA Patriot Act: A matter of too much security?

FOR MORE INFORMATION:'s compliance guide

Dig Deeper on Risk and compliance strategies and best practices

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.