Individuals and customers should normally expect companies and health providers to protect personal information. Custodians of private information should protect it as they would any other asset. Personal information has great market value both to other companies and would-be thieves. Because of this value, numerous examples exist of companies opting to share, sell, or inadequately safeguard their customers’ personal information. The result has been two landmark pieces of legislation.
The purpose of the Gramm-Leach-Bliley Act (GLBA) and the Health Insurance Portability and Accountability Act (HIPAA) is to make organizations responsible and accountable for protecting customer privacy data and implementing security controls to mitigate risks, threats, and vulnerabilities of that data. Both of these laws impact their industries significantly.
In this discussion, you will identify the similarities and differences of GLBA and HIPAA compliance laws, you will explain how the requirements of GLBA and HIPAA align with information systems security, you will identify privacy data elements for each, and you will describe security controls and countermeasures that support each.
Instructions:
Using your favorite search engine, search for information on the Gramm-Leach-Bliley Act.
Read about this act.
Next, research the privacy and security rules for the Gramm-Leach-Bliley Act.
Using your favorite search engine, research the compliance law HIPAA.
Read about this law.
Next, research the privacy and security rules for HIPPA.
Posting:
Discuss how GLBA and HIPAA requirements align with information systems security.
Discuss two privacy data elements for GBLA and two privacy data elements for HIPPA that are under compliance.
Discuss what the GLBA and HIPAA privacy rules have in common.
Discuss how the two are different.
Submission: