Encyclopedia of Database Systems

2018 Edition
| Editors: Ling Liu, M. Tamer Özsu

Regulatory Compliance in Data Management

  • Radu SionEmail author
  • Sumeet BajajEmail author
Reference work entry
DOI: https://doi.org/10.1007/978-1-4614-8265-9_305


Regulatory compliance in data management refers to information access, processing, and storage mechanisms designed in accordance to regulations. For example, in the United States, health-related data falls under the purview of the Health Insurance Portability and Accountability Act (HIPAA). Any associated healthcare data management systems need to be compliant with HIPAA requirements, including provision of data confidentiality and retention assurances. Such compliance has potential for far-reaching impact in the design of data processing systems.

Historical Background

In recent times, the increasing collection and processing of data have raised several concerns regarding data confidentiality, access, and retention. Driven by the concerns, regulators have enacted laws that govern all facets of data management. In the United States alone, over 10,000 regulations can be found in financial, life sciences, healthcare, and government sectors, including the Gramm-Leach-Bliley Act,...

This is a preview of subscription content, log in to check access.

Recommended Reading

  1. 1.
    Bajaj S, Sion R. Trusteddb: a trusted hardware based database with privacy and data confidentiality. In: Proceedings of the ACM SIGMOD International Conference on Management of Data; 2011. p. 205–16.Google Scholar
  2. 2.
    Bajaj S, Sion R. CorrectDB: SQL engine with practical query authentication. In: Proceedings of the 39th International Conference on Very Large Data Bases; 2013.CrossRefGoogle Scholar
  3. 3.
    Bajaj S, Sion R. HIFS: history independence for file systems. In: Proceedings of the 20th ACM Conference on Computer and Communications Security; 2013.Google Scholar
  4. 4.
    Benjamin CM, Fung KW, Chen R, Yu PS. Privacy-preserving data publishing: a survey of recent developments. ACM Comput Surv. 2010;42(4): 14:1–53.Google Scholar
  5. 5.
    Cederquist JG, Corin R, Dekker MAC, Etalle S, den Hartog JI, Lenzini G. Audit-based compliance control. Int J Inf Secur. 2007;6(2):133–51.CrossRefGoogle Scholar
  6. 6.
    Diesburg SM, Andy Wang An-I. A survey of confidential data storage and deletion methods. ACM Comput Surv. 2010;43(1):2:1–37.CrossRefGoogle Scholar
  7. 7.
  8. 8.
    Gennaro R, Gentry C, Parno B. Non-interactive verifiable computing: outsourcing computation to untrusted workers. In: Proceedings of the 30th Annual Conference on Advances in Cryptology; 2010. p. 465–82.CrossRefGoogle Scholar
  9. 9.
    Gentry C. Fully homomorphic encryption using ideal lattices. In: Proceedings of the Annual ACM Symposium on Theory of Computing; 2009. p. 169–78.zbMATHGoogle Scholar
  10. 10.
  11. 11.
    IBM. IBM system storage n series with open system snapvault. http://www-03.ibm.com/systems/storage/network/software/.
  12. 12.
    IBM 4764 PCI-X Cryptographic Coprocessor. Online at http://www-03.ibm.com/security/cryptocards/pcixcc/order4764.shtml.
  13. 13.
    Li T, Ma X, Li N. Worm-seal: trustworthy data retention and verification for regulatory compliance. In: Proceedings of the 14th European Conference on Research in Computer Security; 2009. p. 472–88.CrossRefGoogle Scholar
  14. 14.
    Network Appliance Inc. Snaplock compliance and snaplock enterprise software. http://www.netapp.com/ us/products/protection-software/snaplock.aspx.
  15. 15.
    Oracle. Storagetek 5320 nas appliance. http://docs.oracle.com/cd/E19783-01/index.html.
  16. 16.
    Quantum Inc. Dltsage: Write once read many solution. http://www.quantum.com/products/tapedrives/dlt/dltsageworm/index.aspx.
  17. 17.
    Schneier B, Kelsey J. Secure audit logs to support computer forensics. ACM Trans Inf Syst Secur. 1999;2(2):159–76.CrossRefGoogle Scholar
  18. 18.
    Zhu Q, Hsu WW. Fossilized index: the linchpin of trustworthy non-alterable electronic records. In: Proceedings of the ACM SIGMOD International Conference on Management of Data; 2005. p. 395–406.Google Scholar

Copyright information

© Springer Science+Business Media, LLC, part of Springer Nature 2018

Authors and Affiliations

  1. 1.Stony Brook UniversityStony BrookUSA