Kibata

Sign In

Our Services

Get 15% Discount on your First Order

Order Now
[rank_math_breadcrumb]

Competencies

Please see attached details

DAT 250 Project Two: Organizational Scenarios

Scenario A: AmityTech Solutions (CCPA and GDPR)
AmityTech Solutions is a well-established technical management company based in North America,
providing comprehensive data management services to businesses across various industries. AmityTech
specializes in offering secure data solutions, robust server infrastructure management, and proactive
cybersecurity measures for its clientele, which spans both the United States and Ireland.

In addition to its core services, AmityTech aggregates anonymized data to create consumer profiles for
targeted advertising. These profiles are strictly segregated from the company’s regular data storage
operations to maintain client confidentiality and ensure compliance with privacy regulations. Currently,
AmityTech manages a database of approximately 300,000 individual consumer profiles.

Despite differentiating between its service offerings, AmityTech encountered a significant breach of
client data due to lapses in compliance procedures. An internal audit revealed that scheduled
compliance audits had not been completed for three consecutive nine-month cycles. A compliance
auditor was also found to have falsified documents and violated security protocols by introducing
personal storage devices (phones and external hard drives) into secured areas. This led to concerns
about a data breach that could have impacted thousands of client accounts. The company must consider
GDPR and CCPA, given where they operate their businesses. There are no required industry standards
regarding how AmityTech should respond from a legal, ethical, or technical standpoint.

Upon discovering the errors and risk of a breach, the issue escalated to senior management, culminating
in a direct meeting with the organization’s owner. The owner and AmityTech’s senior leadership team
ordered the development of a new security protocol to address the current incident and prevent future
occurrences. The leadership also wants recommendations on whether public notice should be given
about the breach and asked for advice in this area.

Scenario B: MediGuard (HIPAA)
MediGuard is a specialized healthcare data management company that partners with hospitals and
healthcare facilities across the United States to provide secure data storage, electronic health record
(EHR) management, and technical support services. With a strong emphasis on patient privacy security,
MediGuard is responsible for compliance with the Health Insurance Portability and Accountability Act
(HIPAA). One of MediGuard’s primary responsibilities is to host and manage EHR systems for its
hospitals, ensuring the availability, integrity, and confidentiality of patient records while adhering to
HIPAA regulations. Additionally, MediGuard collects and stores a wide range of patient data, including
medical histories, treatment plans, diagnostic test results, and billing information.

Despite stringent security protocols, a breach occurred due to lapses in compliance procedures within
the hospital setting, raising concerns about potential HIPAA violations. An internal audit revealed that
scheduled security assessments and data audits had not been conducted as per protocol, leaving
vulnerabilities undiscovered for at least four months. The supervisor who realized this promptly
escalated the issue to senior management at both MediGuard and the hospital administration.
Recognizing the seriousness of the situation and the implications for HIPAA compliance, the CEO of
MediGuard convened a meeting with hospital leadership to address the breach and mitigate its impact
while ensuring current and future adherence to HIPAA regulations.

In response to the breach, MediGuard has been ordered to propose and administer a response for their
hospital partner. They will need to highlight a new security protocol to maintain client trust and patient
safety moving forward. The hospital leadership also wants recommendations on a communication
strategy and whether public notice should be given to patients about the breach. They asked for advice
in this area.

Scenario C: EduTech Innovation (FERPA)
EduTech Innovation provides data management and technical support services to higher education
institutions across the country. Partnering with the data management teams of universities and colleges,
EduTech offers solutions tailored to the unique needs of academic environments, ensuring the security
and integrity of student and faculty data while complying with the Family Educational Rights and Privacy
Act (FERPA). One of EduTech’s primary responsibilities is to develop and maintain the student
information systems (SIS) for its partner institutions, which house student records, course enrollment
data, academic transcripts, and financial aid information. EduTech also assists universities in managing
personnel records, research data, and institutional analytics to support decision making and improve
academic outcomes. Strict measures are in place to protect the privacy and confidentiality of student
education records in accordance with FERPA guidelines.

Unfortunately, a breach occurred due to lapses in compliance procedures within a partner university,
raising concerns about a breach and potential FERPA violations that could impact thousands of students.
An internal audit revealed that scheduled security assessments and data audits had not been conducted,
leaving vulnerabilities undiscovered for an extended period. Furthermore, an auditor was found to have
falsified documents and violated security protocols by accessing sensitive student records and sharing
them across the university without proper authorization.

Upon discovering this, the supervisor promptly escalated the issue to senior management at EduTech
and the university’s administration. Recognizing the seriousness of the situation and the implications for
FERPA compliance, the CEO of EduTech convened a meeting with university leadership to address the
breach and mitigate its impact while ensuring adherence to FERPA regulations.

Since this has never happened to a client before, EduTech must propose steps to respond to the current
concern with a specific focus on FERPA compliance. They must also make recommendations about how
to prevent this from happening in the future. This will include determining whether a public disclosure is
necessary and a communication plan that aligns with all the correct regulations.

  • DAT 250 Project Two: Organizational Scenarios
    • Scenario A: AmityTech Solutions (CCPA and GDPR)
    • Scenario B: MediGuard (HIPAA)
    • Scenario C: EduTech Innovation (FERPA)

Share This Post

Email
WhatsApp
Facebook
Twitter
LinkedIn
Pinterest
Reddit

Order a Similar Paper and get 15% Discount on your First Order

Order Now

Related Questions

Information Systems Assignment1

Find the details in the attached file. UU-MBA-740-ZM Web design and development Assignment 1 Dear students, This is your first assignment for this course that accounts for 50% of your total marks for the course. Please answer and elaborate on the following questions: 1. What do you need to take

V

Risk mitigation, which is part of the risk management plan, takes place once you have identified and analyzed your risks. Risk mitigation is identifying the strategies you are going to use to accept, avoid, share/reduce, or work around the identified and analyzed risks. Which of the seven domains do you

SLP 3 – 40

Please help me Module 3 – SLP Database Applications Recall that for the SLP assignment for this course, we are conducting assessments of database programs and demonstrations available online. For this SLP review the tutorial  Microsoft SQL Server 2022 Essential Training  from LinkedIn Learning.  Once you have completed your exploration

Case 3 – 40

I need help Module 3 – Case Database Applications Assignment Overview Computer supported collaborative work (CSCW) was developed to support teams by providing team members with powerful and convenient ways to schedule their interactions, communicate with each other, and record and update group output. Much of the early research in

SLP 2 – 40

help with homework Module 2 – SLP Database Management Recall that for the SLP assignment for this course, we are conducting assessments of database programs and demonstrations available online. For this module, your task is to try the tutorial  Learning SQL Programming  from LinkedIn Learning.   The more of the

Case 2 – 40

help pls Module 2 – Case Database Management Assignment Overview The Case Assignment for this module revolves around the question of large-scale data and the implications of database capabilities for organizational data management. As we’ve said, the change from data as a scarce resource to data as overabundance is still

SLP 4 – 24

I need help please Module 4 – SLP Strategic Portfolio Management Often best practices in the workplace lag behind technology advances. Ethical principles and best practices must be constantly reviewed and deeply considered in the workplace. Social media have had a big impact particularly on the Digital Native (those born

INFA PROJECT 4 PRIVACY COMPLIANCE

   For this project, you will leverage your research from Projects #1, #2, and #3 to develop a privacy compliance strategy for your chosen company. The deliverable for this project will be a Privacy Compliance Strategy that includes a legal and regulatory analysis for privacy laws and regulations. The scope

INFA PROJECT 3 RISK MITIGATION

 For this project, you will leverage your research from Project #1 and analysis from Project #2 to develop a risk mitigation strategy for your chosen company. If necessary, you can adjust your Information Usage Profile or your Risk Profile using feedback from your instructor and additional information from your readings

Case 4 – 24

I need help Module 4 – Case Strategic Portfolio Management Assignment Overview While some refer to Web 2.0/Web 3.0 as jargon, it has come to symbolize the sharing economy and the ability of people and businesses to interact with each other, forming virtual relationships. These virtual relationships include social media,

SLP 3 – 24

Help please Module 3 – SLP IT Governance Dashboards, which display data using graphics, have become commonplace. They are used for many applications, such as showing voter turnout in different states during national elections. The first informational dashboards were used in early automobiles and featured gauges to indicate speed and

case 3 – 24

help please Module 3 – Case IT Governance Assignment Overview Many firms are using Big Data to power their decision making. Here is a chance to see how firms are using Big data and how it impacts their decision making. Case Assignment For Big Data, find a case study and

SLP 4 -17

I NEED HELP Module 4 – SLP Managing and Assessing Information Security Policy Using a graphics program, design several security awareness posters on the following themes: updating antivirus signatures, protecting sensitive information, watching out for e-mail viruses, prohibiting the personal use of company equipment, changing and protecting passwords, avoiding social

case 3 – 17

i need help Module 3 – Case Security Laws and Standards Assignment Overview Employees must be trained and kept aware of topics related to information security, not the least of which is the expected behaviors of an ethical employee. This is especially important in information security, as many employees may

Case 4 – 17

Need help Module 4 – Case Managing and Assessing Information Security Policy Assignment Overview The Information Security Blueprint is the basis for the design, selection, and implementation of all security program elements. The blueprint builds on top of the organization’s information security policies and it is a scalable, upgradable, comprehensive plan

III

See attached The purpose of the PowerPoint presentation is to show threats, vulnerabilities, and recommendations in an affinity diagram. An example of this diagram is provided in your textbook in Chapter 4. As a risk management project manager, you must identify the threats, vulnerabilities, and recommendations for ABC IT Organization’s

Help with system change course

· What do critical pragmatism, improvement research, and democracy have to do with each other? · How do you make sense of your personal epistemology / worldview and improvement science? · Improvement science focuses on being problem focused and user centered, but it also uses methods and theory responsibly and

Coding for Musculoskeletal Services

  You are a new medical coder that works for an Orthopedic medical practice. Patients are often seen for fractures or dislocations which require either a cast or splint. A common patient encounter may be for the application of a long-arm split. Apply your knowledge of CPT to this patient