The need to collect and store data, available for later processing and retrieval, is commonplace in modern society. Advancements in digital technologies and in mass storage technologies have permitted the development and deployment of sophisticated data storage and processing mechanisms whose construction and deployment provides for the collection, processing, and retrieval of data. Storage capacities of data storage devices have significantly increased over the years. And, such increase has been concomitant with an increase in realizable storage capacity with decrease in the costs of the storage mechanisms. Arrangements providing for storage of many terabytes of data, storable with redundancy, are readily realizable, permitting of large amounts of data.
The ability to store large amounts of data provides many conveniences and permits the speedy performance of many services, a large number of which were previously wholly unavailable and others of which were available only with significant levels of lag time. The capability of storage systems now to store large amounts of data, readily retrievable in a real-time manner, however, provides various security and privacy-related challenges.
The data, if not properly secured and permitting of controlled access, might be accessed by unauthorized parties and used in unauthorized, if not nefarious, manner.
Various regulatory entities, both governmental agencies and industry groups, have promulgated standards related to data storage and accessibility. The payment card industry (PCI) data security standard and the Health Insurance Portability and Accountability Act (HIPAA) are exemplary of promulgations that, amongst other things, set forth compliance standards relating to data security and accessibility. Compliance with the security and privacy requirements are sometimes burdensome. Administrative effort and costs are typically required for personnel of an organization to become cognizant of the specifics of the relevant promulgations and also to maintain proficiency as the promulgations change over time. And, additional costs are associated with implementing procedures that are in conformity with the compliance standards. The various costs are so significant that conformity with the compliance rules is difficult for an organization to ensure.
Knowledge of the rules of a compliance standard as well as equipment and procedures needed to be carried out to operate upon data in conformity with the compliance standards are generally similar for different organizations that deal in the same product or service area. While the costs associated with conformance with the compliance standard for a single organization might be overwhelmingly burdensome, sharing the compliance costs across a group of organizations would be less burdensome and more manageable. To date, however, no such scheme has been set forth.
It would be advantageous if a manner could be provided by which to provide a scheme by which more economically to permit an organization to conform to compliance standards pertaining to security and privacy of data.
It is in light of this background information related to data storage and manipulation that the significant improvements of the present invention have evolved.