Assignment Objectives:
Describe the laws and regulations involving security and privacy in business sectors.
Describe the HIPAA security and privacy requirements.
Purpose:
Different business sectors have different laws and regulations governing the security requirements for that business sector. Many of the security requirements are the same or very similar, while some vary based on the business sector being addressed. Business managers and leaders and security professionals must become familiar with the laws and regulations that govern their business sector.
Assignment Description: HIPAA and GLBA
The Health Insurance Portability and Accountability (HIPAA) defines the security and privacy requirements for health care organizations and the Gramm-Leach-Bliley Act (GLBA) covers security and privacy requirements for Financial organizations. It is important to become familiar with the similarities and the differences between the laws and regulations that govern these business sector and understand how the security and privacy concepts addressed in these regulations can apply to other business sectors as well.
Write a 3-4 page paper in which you:
Describe the basic security and privacy requirements of HIPAA.
Describe the basic security and privacy requirements of GLBA.
Summarize how these security requirements are similar and how they are different for each business sector
Assess how an understanding of these security requirements can be beneficial to organizations that do not fall under HIPAA or GLBA.
Assess and determine the effectiveness of these laws and regulations in providing the needed security control requirements for organizations.
Address what need to change in order for them to be more effective.