Comply—Or Else!

By Aaron Goldberg  |  Posted 2004-03-15 Print this article Print

In application and system design, not enough attention is being paid to supporting critical compliance factors, Aaron C. Goldberg writes.

For the past few years, the big buzz in application and system design has been to "support business processes." Unfortunately, many organizations have a blind spot in a critical area of business processes: compliance. The focus in new application development has often been on workflow, information flow and user interaction. Not enough attention is being paid to supporting critical compliance factors. For example, as I discovered at a recent CIO roundtable in Boston, some new hospital patient record systems still dont have full compliance with HIPAA. And in the financial sector, I found that too many account management systems have no links to provisioning or identity management systems.

The bottom line is that many of the newest applications dont fully support business operations because they cannot meet requirements for compliance, audit and regulation. These applications will create more problems than they solve. The cost of retrofitting compliance is going to be far larger than building it in.

Merely stating that organizations need a compliance infrastructure built into IT systems doesnt create the budget to do it. Despite improving business conditions, budget dollars arent exactly raining from the sky. Some creative approaches may be needed.

One method of finessing the budget issue is to burden one of the larger new applications with the cost of key compliance infrastructure products that it will eventually need. For example, as an educational institution puts in a student information system, the ID management software and infrastructure is added into the cost of the project. This allows succeeding applications to use the same ID management tools for which one key application has paid.

In some cases, the project is too far along or the accountants too sharp-eyed for this to work. In those cases, some smart CIOs and senior IT professionals are building a cost into new systems that is combined with the "contributions" in the same area from other new applications, up to the point where enough funds are available to implement a complete solution. In this example, a group of three or four new applications can be "taxed" to pay for the implementation of a provisioning system that is essential to meeting privacy or information access guidelines for an entire organization.

Regardless of how an organization pays for them, compliance and regulatory reporting capabilities are a fundamental part of the business operations that IT must support. A CRM system must have a tracking system that covers who has access to customer records, just as much as it needs management tools that empower account managers who use the underlying information. Compliance and regulatory issues have arrived. Dont plan on them leaving any time soon.

Aaron C. Goldberg is vice president of Ziff Davis Market Experts. He can be reached at Free Spectrum is a forum for the IT community. Send submissions to

Check out eWEEK.coms Enterprise Applications Center at for the latest news, reviews, analysis and opinion about productivity and business solutions. Be sure to add our enterprise applications news feed to your RSS newsreader or My Yahoo page:  

Mr. Goldberg is a renowned analyst, columnist, and strategic visionary covering the computer and Internet industries. His point of view is well known for its succinct, realistic, and down to earth style. His ability to integrate the technology, market and human factors in forecasting high technology is legendary.

He has more than 22 years experience in understanding the product/channel/customer equation in these industries and has the unique ability to understand the inter-relationships among these factors. This allows Mr. Goldberg to uniquely present scenarios on industry and vendor directions that are uncannily accurate.

In his current role at Ziff-Davis, Mr. Goldberg is charged with developing comprehensive market analyses and building integrated marketing programs and customer development programs for Information Technology vendors. His ability to understand the dynamic between customers, products, services, and their usage trends enables him to build hard hitting, unique programs that deliver the results for tactical and strategic marketing programs. This position demands the ability to work with senior executives in these IT firms as well as key partners in the media world.

Mr. Goldberg is also charged with presenting key industry trends and research findings at major industry events and in various web sites and publications.

At the present time he is a regular contributor to ZDNet, and contributor for Upside Magazine, Wall Street Journal, Marketing Computers, and eWEEK.

Prior to his current role, Mr. Goldberg was Executive Vice President at Ziff-Davis Market Intelligence, building state of the art go-to-market systems for high tech vendors. He has also served as Chief Executive Officer of InfoCorp. Prior to Ziff-Davis, Mr. Goldberg was employed at International Data Corporation for 15 years. He worked in a number of positions, and ended his employment there as Senior Vice President of the Desktop Computing Group.

Mr. Goldberg received a BS degree from Bentley College in Marketing/Management, with directed studies in statistics and organizational behavior. He resides in Massachusetts with his family.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel