6-3 Project Two Submission - Legal and Ethical Recommendations Brief

School

Southern New Hampshire University *

Course

260

Subject

Information Systems

Date

Dec 6, 2023

6-3 Project Two Submission: Legal and Ethical Recommendations Brief
Chris Lawton
Southern New Hampshire University
CYB 260: Legal and Human Factors of Cybersecurity
Prof. Aaron Dozier
October 8, 2023

Our partnership with Helio Health Insurance was a success, and I look forward to the opportunities for growth that this partnership will provide. The first order of business is to address some of the critical elements that come with such a partnership. The two main elements I would like to address for recommendations are a proper approach to protecting data privacy for our customers – as well as an approach to ensuring that data is protected.

First, I will discuss an approach to protecting data privacy for our customers. Our customers have the option to provide us with sensitive information that needs to stay private, such as name, address, phone number, date of birth, and private health information – we must take all measures to ensure it stays private. To ensure data stays private, one measure to take would be to minimize the data collected. Only asking for necessary information and allowing a customer the freedom to modify or delete any data provided could help keep data as private as possible. Our privacy statement does a good job of outlining the fact that customers will have the ability to adjust any information and have the choice on what information

Access management for who is allowed to view the collected data within Fit-Vantage and Helios Health Insurance will also help to provide greater data security, as it will help to minimize the risk of the data being viewed by people within the organization who should not be able to view it. Having a privacy policy in place that covers these approaches, as well as providing proper training on said policies, can help us stay compliant with HIPAA laws and prevent any legal issues that could arise from not handling sensitive health information properly.

Ensuring data security is very important to keep the customers' trust in our business and how we handle their data. The first approach to take would be to ensure all data collected is immediately encrypted. This can help to prevent any ease of access for unauthorized individuals. This is also required under HIPAA law, so it would be a step in staying compliant and preventing any legal issues. Another approach to consider would be to require our customers to utilize multi-factor authentication. This could come in the form of sending a text message with a code to log in or utilizing some sort of authentication app that would give a randomly generated code that resets every few seconds. Multi-factor authentication is a great step towards ensuring data security is at its highest.

As outlined in our core values, we pride ourselves on investing in every customer. To invest in every customer properly, we must gain their trust, take proper precautions with their data, and ensure its privacy. It is my opinion that no customer should have to provide any data they are not comfortable with. It is our responsibility to still provide our customers with the best possible experience with our products with whatever information they decide to provide and not limit their experience. It is vital to an organization's growth to stay ethical in how data is collected and used. It should be a top priority to ensure the security-enhancing safeguards outlined above are taken into consideration.