Week 3L Policy Mandates US vs European Approaches to Privacy Laws

School: Prince George's Community College, Largo
Course: 413
Subject: Business
Date: Nov 24, 2024
Pages: 2
Uploaded by seth7up.sf
CSIA 413 Week 3 Discussion: Policy Mandates: US vs European Approaches to Privacy Laws

US vs. European Approaches to Privacy Laws

One may assume that the EU and US have taken similar approaches to data protection and privacy. However, this is not exactly the case. In May 2016, the European Parliament approved the General Data Protection Regulation (GDPR), a set of laws and regulations safeguarding the privacy and data of all European Union (EU) members. The GDPR is self-proclaimed as being the "toughest privacy and security law in the world" (GDPR.EU, n.d.). Under GDPR, organizations failing to comply face fines determined by the severity of the violations. Overall, the most egregious offenses can result in fines up to €20 million or 4% of global revenue. Additionally, citizens are afforded the right to seek legal compensation for any violations of the GDPR. Three critical GDPR concepts relevant to Red Clay, which will be discussed further, include privacy by design, the right to be forgotten, and the right to be informed.

Privacy by design is the idea that privacy is directly implemented through secure technologies. This could encompass many things, such as the use of security apparatuses (firewalls, SIEMs, etc.) at Red Clay. This could also include secure coding practices or using software such as Data Loss Prevention. Additionally, only those employees who have a need to collect or access private information should be the ones who can view it. For example, there isn't a need for the janitor at a Red Clay office to be able to access and view private information that has nothing to do with janitorial services. This can be prevented through the implementation of access controls and by encrypting data at rest so that unauthorized persons cannot view private data.

The guidelines for the 'Right to be Forgotten' are simple. Companies must immediately erase private data when said data is no longer needed to accomplish its stated collection purpose, or in other words when the data is no longer useful. Additionally, the data must be erased upon request of the party from whom the data was collected. There are certain caveats to this, such as if the data that is requested to be erased can be used in legal proceedings, or if the requesting party hasn't proven themselves to be the legitimate individual to whom the data pertains (GDPR - Right to be Forgotten, n.d.). It is recommended that Red Clay implement similar stipulations and practices outlined by the GDPR's Right to be Forgotten guidelines.

The 'Right to be Informed' is another principle that the GDPR provides guidance on. The Right to be Informed provides guidelines on what businesses must do to inform customers about what data is being collected and how it is being used and stored, and with whom the data is being shared and why. The GDPR states that the "person must be immediately informed" (GDPR - Right to be Informed, n.d.). Furthermore, the right to be informed provides customers with knowledge of how long data will be kept in storage, awareness of the right to withdraw consent to data collection and storage, and the point of contact for the data protection officer.

There are many actions that Red Clay should take in order to mirror our efforts with those outlined by the GDPR. Firstly, implementing a secure network architecture through the use of hardware and software (firewalls, SIEM, DLP) can greatly affect Red Clay's ability to follow "Privacy by Design" principles. Red Clay should also implement a Privacy Notification and Policy when collecting users' private data. This will make users aware of what data is collected, why, and for how long it will be retained, and will also make them aware of their right to withdraw consent. Red Clay should also implement the concept of least privilege for all employees. This can aid in the prevention of unauthorized access to private information stored on Red Clay's servers. Lastly, Red Clay should establish procedures for the destruction of private data, along with making customers aware of their right to know how this is being accomplished.
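The following is a worked example added here, not part of the student's post, showing how the Right to be Forgotten rules and caveats described above (erase when the collection purpose lapses, erase on a verified request, retain data needed for legal proceedings) can be encoded as a repeatable procedure. The record fields, retention periods and sample records are constructed assumptions, not Red Clay's systems.

```python
"""Erasure handling modelled on the GDPR 'Right to be Forgotten' rules.
Constructed example: retention periods, record layout and data are assumptions."""
from dataclasses import dataclass
from datetime import datetime, timedelta

# Assumed retention period per stated collection purpose.
RETENTION = {
    "order_fulfilment": timedelta(days=365),
    "marketing": timedelta(days=90),
}


@dataclass
class Record:
    subject_id: str
    purpose: str
    collected_at: datetime
    legal_hold: bool = False   # data may be needed in legal proceedings
    erased: bool = False


@dataclass
class ErasureRequest:
    subject_id: str
    identity_verified: bool    # requester proved they are the data subject


def purpose_expired(rec: Record, now: datetime) -> bool:
    """True once the data has outlived its stated collection purpose."""
    return now - rec.collected_at > RETENTION[rec.purpose]


def process_erasure(records, request: ErasureRequest, now: datetime):
    """Handle a subject's erasure request; returns (erased purposes, reasons kept)."""
    if not request.identity_verified:       # caveat: unproven identity
        return [], ["identity not verified"]
    erased, kept = [], []
    for rec in records:
        if rec.subject_id != request.subject_id or rec.erased:
            continue
        if rec.legal_hold:                   # caveat: legal proceedings
            kept.append(f"{rec.purpose}: retained for legal proceedings")
            continue
        rec.erased = True
        erased.append(rec.purpose)
    return erased, kept


def expire_records(records, now: datetime):
    """Scheduled job: erase data whose collection purpose has lapsed."""
    expired = []
    for rec in records:
        if not rec.erased and not rec.legal_hold and purpose_expired(rec, now):
            rec.erased = True
            expired.append((rec.subject_id, rec.purpose))
    return expired
```

Both functions return what was erased and why anything was kept, so the results can feed the audit trail that the 'Right to be Informed' notice points customers to.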
References

Right to be forgotten. General Data Protection Regulation (GDPR). (n.d.-a). https://gdpr-info.eu/issues/right-to-be-forgotten/

Right to be informed. General Data Protection Regulation (GDPR). (n.d.-b). https://gdpr-info.eu/issues/right-to-be-informed/

What is GDPR, the EU's new Data Protection Law? GDPR.eu. (n.d.). https://gdpr.eu/what-is-gdpr/