REGULATORY COMPLIANCE AND LONG-TERM STORAGE OF DATA Dr Matthew Addis Arkivum Ltd WEBINAR
Jul 02, 2015
Trusted Advisor of Choice
►Solid State Solutions (S3)› Leading independent storage integrator
› Big data and virtualisation
› Consultative approach
› Flexible range of services
►Celebrating 25 Years› Solutions not products
› Focused and Skilled
› Support
› Enduring relationships
Trusted Advisor of Choice
►Cloud Services› Archive and preservation
› Backup and DR
►Managed Services› Offload day-day management tasks
› Predictable and controlled costs
►T3 Data Centre Space› Two locations
› Very secure and very efficient
Contents
• Review of requirements
• Challenges of data retention and access
• Approach and solutions
• How Arkivum can help
“Security is of key importance to our business, Arkivum’s A-Stor Pharma
service allows us to store our encrypted data for the long term in a cost
efficient way that is entirely scalable and reduces pressure on our internal
IT infrastructure.”
Dan Watkins, Oxford Fertility Clinic
Why keep digital data
• Regulation and compliance
• Intellectual Property
• Reuse
• Save money
• Better use of in-house resources
Regulatory Compliance
• Financial, HR, Communications, Health…
• Data Protection Act
• Freedom of Information
• Statutory legislation
• Regulatory bodies
• Recommendations and good practice
Medical records
DPA, FOI, Public Records Act, BS10008
and BIP0008, IG Toolkit, Retention
Periods (Part 2), Audit Trails (Annex D3)
GxP Regulations and Guidelines
• FDA 21 CFR Part 11
• EudraLex Volume 4 Annex 11
• OECD series on GLP
• MHRA GCP guide
The RDM challenge
Open Access, e.g. CC0
Legacy data
Commercial research
Personal data
Third-party data
Under development
No public repository
Low cost
• Way to cope with data growth
• Free up expensive resources
• Eliminate the ‘cost of loss’
High safety• Data reuse or regulatory compliance
• Data is immutable, replicated, managed
• Auditable integrity, authenticity, access
Easy access
• Quick to retrieve data when its needed
• Frequency: each year, not each second
• Speed: minutes, not milliseconds
Common requirements
Common outcomes
• Integrity and authenticity
• Confidentiality
• Usability / ready access / readability
• Responsibility
• Risk management and proportionality
Digital Preservation
“Digital information lasts forever -
or five years, whichever comes first."Jeff Rothenberg
Perpetual change
• Change costs money
• Change takes time
• Change introduces risk
• Change requires validation
• Change needs planning
• Change needs management
2,200 years
30,000 years
1,200 years
20 years
200 yearsEach new generation of technology:
1000x times denser
lasts 1/10th as long
Active Archiving
• Preservation best practice (diversity, intervention)
– Multiple copies in different locations
– Different technologies and different people
– Active management: migration, integrity
Ingest Queue
Access Queue
Replication and Repair Queue
Storage System 1 Storage System 2
Scrubbing and migration
Scrubbing and migration
Ingredients
• Skilled and trained people
• Validated processes and procedures
• Comprehensive risk management
• Specialist infrastructure
• Economies of scale
• Independent audit and validation
Arkivum service in a nutshell
SLA with 100%
data integrity
guaranteed
World-wide
professional
indemnity
insurance
Long term
contracts for
enterprise data
archiving
Fully automated
and managed
solution
Audited and
certified to
ISO27001
Arkivum’s Active Archive
A-StorDC
A-StorDC
Encrypted
VPN
A-Stor creates an encrypted
copy on the gateway and
copies to Arkivum’s
Data Centre One
A-Stor
A-StorDC creates the
second copy in Arkivum’sData Centre Two
A-StorDC creates the
escrow copy in the
Tape Vault
Once all three copies are
confirmed safe and secure
the original copy can
safely be deleted
Audit trails
• Essential in compliance applications
• Part of records management
• Digital preservation is an active process
• Good practice to record checks/interventions
Ready made exit plan
• Metadata and data on a file system
• Open standards and formats
• 3-way agreement on ownership/access
• Drive down costs and risks
LTFS
Purchasing Options
• Pre-agreed terms
• PAYG or Paid-Up for 5,10 or 25 years
• JANET connected
• Ingress or egress included
• Migrations and refreshes included
• Audits and certification included
• Escrow copy included
• DMP friendly
• Not just for research data
• Easy budgeting
Trusted Advisor of Choice
1 Prisma Park, Berrington AvenueBasingstoke, Hampshire, RG24 8GT
0870 7776111
We are here to help