Study: Compliance Bodes Well for Storage Industry

Tuesday Jun 3rd 2003 by Clint Boulton

Study: Compliance Bodes Well for Storage Industry

A research firm specializing in covering the data storage industry says there are definite upsides to all of the red tape and heightened concerns behind accounting and other regulations in the market — about $6 billion worth of upsides.

Milford, Mass.-based Enterprise Storage Group has conducted a study on the impact regulatory compliance has on information management, and has determined that the market to exploit it could be worth as much as $6 billion for compliance-related storage products and services over the next 4 years.

This burgeoning market can be attributed in part to the exposure of corporate fraud that has shaken the core of the financial industry in the last few years. Cases like WorldCom, Enron, and Arthur Andersen come immediately to mind, and while there have been new financial reporting rules aimed at deterring corporate fraud – the Sarbanes-Oxley Act, for example – compliance also extends to the healthcare industry in the form of HIPAA (The Health Insurance Portability and Accountability Act) rules.

Enterprise Storage Group Senior Analyst Peter Gerr says a number of factors entered into the equation that led his research team to come up with the $6 billion figure. But two that stand out are the increasing abundance of information at a time when the digital age is replacing hard copy (or manual information dissemination), and managing the storage of information over the duration for which it must be saved under regulatory compliances, a term known as information lifecycle management.

"There are myriad ways to meet compliance regulations, but a common thread is through technological requirements," Gerr told "This doesn't apply to just the storage systems guys, but to other IT vendors as well. What's happening is more data is being created, and it needs to be managed. For example, when you consider HIPAA compliance, it calls for patient info to be kept from birth to age 21 — plus two years after their death. That means the hospitals can't throw the information away, and this requires some measure of storage, whether it be disk-based, tape, or optical."

Gerr also says hospitals may choose to move data from disk storage to less costly tape or optical systems, but the fact remains that there needs to be enough storage capacity in place — probably terabytes of date in the case of numerous patient records — to allow this. Still, Gerr estimates that compliant records stored on disks will increase at a compound annual growth rate of 172 percent between 2003 and 2006. In general, the worldwide capacity of compliant records will increase at a compound annual growth rate of 64 percent between 2003 and 2006, according to Gerr.

Page 2: Many Storage Vendors Behind the Curve on Compliance

Many Storage Vendors Behind the Curve on Compliance

In researching the report entitled "Compliance: The effect on information management and the storage industry," Gerr talked to a number of storage vendors and was surprised to see how few actually were familiar with compliance laws, some of which go back to 1934.

"Whether you're talking about information from 1934 or 2004, it still has to be stored digitally. 10 years ago in the pharmaceutical industry, people scribbled in notebooks, but now it's become increasingly computerized," reports Gerr.

This leads to another point about the faulty connection between compliance regulations and IT. Gerr believes that because compliance is not what one would call a traditional IT sale, a storage vendor representative could walk into a doctor's office, and a doctor would never have heard of companies such as VERITAS or Network Appliance , or even EMC .

However, he says, EMC is now well positioned because it has taken charge of meeting compliance needs of medical and financial fields. The Hopkinton, Mass business has what Gerr calls an ecosystem of partners. In one example, EMC has teamed with GE Medical and can walk into a doctor's office with a representative from that outfit, and the doctor will know GE Medical. This goes along way toward helping a storage vendor like EMC connect with folks bound by compliance rules.

To be sure, EMC has already addressed compliance storage needs. In April the firm launched a version of its Centera system with features tailored for compliance.

"EMC has done an exceptional job understanding regulations, and in spending time and energy to meet those regulations," Gerr says. "They have gone to market in a unique way by partnering with ISVs and application vendors who really control the sale to the compliance side. From a technology standpoint, they are not necessarily far ahead of other vendors, but from a time-to-market perspective they are, and it makes it more difficult for Network Appliance, Hitachi Data Systems , and StorageTek to follow on their heels."

Another interesting nugget, Gerr adds, is that companies who adhere to compliance are by and large technology-agnostic — they aren't devoted to one particular technology so long as it meets regulatory approval. Gerr believes the vendors who can bring compliant-tailored products and services to market fastest will be the ones most likely to succeed.

Sarbanes-Oxley addresses a different field altogether than HIPAA, but it is no less important, as accounting scandals have rocked the foundations of many businesses in the last few years. AMR Research said in a report early this month that public companies will spend up to $2.5 billion to comply with the Sarbanes-Oxley Act of 2002. The act requires executives and auditors to document and certify the effectiveness of internal controls and procedures related to financial reporting.

If that seems like a lot, it is. But it's just one of perhaps some 15,000 regulations Gerr says must be respected.

This story originally appeared on

Back to Enterprise Storage Forum

Mobile Site | Full Site
Copyright 2018 © QuinStreet Inc. All Rights Reserved