policies to implement regulatory requirements 1
Review the Week 2 readings and the Red Clay Renovations company profile for background information before responding to this discussion question.
The company’s IT Governance Board has been tasked with developing a set of policies to address IT security requirements arising from:
(a) PCI-DSS (credit card and transaction information)
(b) the HIPAA Security Rule (health related information)
(c) the “Red Flags” Rule (consumer credit information: identity theft prevention).
Choose one of the three sources of regulatory requirements listed above. Write a three-paragraph briefing statement that summarizes the regulatory requirements as they apply to the company’s collection, processing, management, and storage of personal information about its clients. Your briefing statement should identify the specific types of personal information that are covered by the “rule” or “standard.”
Provide in-text citations and references for 3 or more authoritative sources. Put the reference list at the end of your posting.
Links for Readings
https://www.whitehouse.gov/sites/whitehouse.gov/files/omb/memoranda/2016/m-16-04.pdf
https://www.opm.gov/blogs/Director/cybersecurity-national-action-plan/
https://www.hsdl.org/?view&did=791802
https://www.hsdl.org/?collection&id=2724
https://csrc.nist.gov/projects/risk-management/detailed-overview
http://www.bankinfosecurity.com/glba-compliance-tips-for-building-successful-program-a-908/op-1
https://www.pcisecuritystandards.org/documents/PCI%20SSC%20Quick%20Reference%20Guide.pdf
Please Include
- Introduction to Briefing Statement
- Analysis
- Summary
- Use of Authoritative Sources