Our Services

Get 15% Discount on your First Order

[rank_math_breadcrumb]

Competencies

Please see attached details

DAT 250 Project Two: Organizational Scenarios

Scenario A: AmityTech Solutions (CCPA and GDPR)
AmityTech Solutions is a well-established technical management company based in North America,
providing comprehensive data management services to businesses across various industries. AmityTech
specializes in offering secure data solutions, robust server infrastructure management, and proactive
cybersecurity measures for its clientele, which spans both the United States and Ireland.

In addition to its core services, AmityTech aggregates anonymized data to create consumer profiles for
targeted advertising. These profiles are strictly segregated from the company’s regular data storage
operations to maintain client confidentiality and ensure compliance with privacy regulations. Currently,
AmityTech manages a database of approximately 300,000 individual consumer profiles.

Despite differentiating between its service offerings, AmityTech encountered a significant breach of
client data due to lapses in compliance procedures. An internal audit revealed that scheduled
compliance audits had not been completed for three consecutive nine-month cycles. A compliance
auditor was also found to have falsified documents and violated security protocols by introducing
personal storage devices (phones and external hard drives) into secured areas. This led to concerns
about a data breach that could have impacted thousands of client accounts. The company must consider
GDPR and CCPA, given where they operate their businesses. There are no required industry standards
regarding how AmityTech should respond from a legal, ethical, or technical standpoint.

Upon discovering the errors and risk of a breach, the issue escalated to senior management, culminating
in a direct meeting with the organization’s owner. The owner and AmityTech’s senior leadership team
ordered the development of a new security protocol to address the current incident and prevent future
occurrences. The leadership also wants recommendations on whether public notice should be given
about the breach and asked for advice in this area.

Scenario B: MediGuard (HIPAA)
MediGuard is a specialized healthcare data management company that partners with hospitals and
healthcare facilities across the United States to provide secure data storage, electronic health record
(EHR) management, and technical support services. With a strong emphasis on patient privacy security,
MediGuard is responsible for compliance with the Health Insurance Portability and Accountability Act
(HIPAA). One of MediGuard’s primary responsibilities is to host and manage EHR systems for its
hospitals, ensuring the availability, integrity, and confidentiality of patient records while adhering to
HIPAA regulations. Additionally, MediGuard collects and stores a wide range of patient data, including
medical histories, treatment plans, diagnostic test results, and billing information.

Despite stringent security protocols, a breach occurred due to lapses in compliance procedures within
the hospital setting, raising concerns about potential HIPAA violations. An internal audit revealed that
scheduled security assessments and data audits had not been conducted as per protocol, leaving
vulnerabilities undiscovered for at least four months. The supervisor who realized this promptly
escalated the issue to senior management at both MediGuard and the hospital administration.
Recognizing the seriousness of the situation and the implications for HIPAA compliance, the CEO of
MediGuard convened a meeting with hospital leadership to address the breach and mitigate its impact
while ensuring current and future adherence to HIPAA regulations.

In response to the breach, MediGuard has been ordered to propose and administer a response for their
hospital partner. They will need to highlight a new security protocol to maintain client trust and patient
safety moving forward. The hospital leadership also wants recommendations on a communication
strategy and whether public notice should be given to patients about the breach. They asked for advice
in this area.

Scenario C: EduTech Innovation (FERPA)
EduTech Innovation provides data management and technical support services to higher education
institutions across the country. Partnering with the data management teams of universities and colleges,
EduTech offers solutions tailored to the unique needs of academic environments, ensuring the security
and integrity of student and faculty data while complying with the Family Educational Rights and Privacy
Act (FERPA). One of EduTech’s primary responsibilities is to develop and maintain the student
information systems (SIS) for its partner institutions, which house student records, course enrollment
data, academic transcripts, and financial aid information. EduTech also assists universities in managing
personnel records, research data, and institutional analytics to support decision making and improve
academic outcomes. Strict measures are in place to protect the privacy and confidentiality of student
education records in accordance with FERPA guidelines.

Unfortunately, a breach occurred due to lapses in compliance procedures within a partner university,
raising concerns about a breach and potential FERPA violations that could impact thousands of students.
An internal audit revealed that scheduled security assessments and data audits had not been conducted,
leaving vulnerabilities undiscovered for an extended period. Furthermore, an auditor was found to have
falsified documents and violated security protocols by accessing sensitive student records and sharing
them across the university without proper authorization.

Upon discovering this, the supervisor promptly escalated the issue to senior management at EduTech
and the university’s administration. Recognizing the seriousness of the situation and the implications for
FERPA compliance, the CEO of EduTech convened a meeting with university leadership to address the
breach and mitigate its impact while ensuring adherence to FERPA regulations.

Since this has never happened to a client before, EduTech must propose steps to respond to the current
concern with a specific focus on FERPA compliance. They must also make recommendations about how
to prevent this from happening in the future. This will include determining whether a public disclosure is
necessary and a communication plan that aligns with all the correct regulations.

  • DAT 250 Project Two: Organizational Scenarios
    • Scenario A: AmityTech Solutions (CCPA and GDPR)
    • Scenario B: MediGuard (HIPAA)
    • Scenario C: EduTech Innovation (FERPA)

Share This Post

Email
WhatsApp
Facebook
Twitter
LinkedIn
Pinterest
Reddit

Order a Similar Paper and get 15% Discount on your First Order

Related Questions

LAB

See attached. Lab3: Defining a Security Policy Framework In this lab, you will research security policy frameworks. Next, you will determine the appropriate security policy definitions to mitigate specific risks, threats, or vulnerabilities. You will organize your results into a framework that can become part of a layered security strategy.

Health Information Tech

For this assignment discussion board, you will be selecting a specialty drug to research and share with the class.  After selecting a specialty drug, answer the following questions.  Remember, specialty drugs are high-cost drugs (more than $1,000/month) that treat rare chronic diseases. (Please make sure to include question numbers in

Discussion

What would be your approach to introduce potential information systems security (ISS) risks to management? Also, how could you enforce the security controls if policies were created based on your recommendations?  Course Textbook(s) Johnson, R., & Easttom, C. (2022). Security policies and implementation issues (3rd ed.). Jones & Bartlett Learning.

Health Insurance Exchange

See attached  Instructions For this assignment, you will research and analyze four insurance plans offered by a federally facilitated health insurance exchange (marketplace). Download the Excel “Health Insurance Exchange Assignment Template” which includes a completed submission example on one sheet and a blank template for you to complete. Part One:

cybersecurity

Page 1 of 1 Background In the past several years, the list of companies whose internal systems have been hacked has grown rapidly. Unfortunately, investment in security measures is only part of the answer. To be effective, managers in charge of cybersecurity need to adjust their mindsets and become as

Health

See attached instructions  Objectives  To gain familiarity with the Health Insurance Exchange (Marketplace) website (healthcare.gov).  To reinforce the process of “buying” insurance.  To understand the cost-sharing differences (or lack thereof) between plans.  To practice analysis of plans for decision making. Instructions For this assignment, you will

diagram types

  For this week’s discussion, we have decided to move forward with the software development. We are looking at some tools that allow us to better look at the upcoming project. There are several diagrams that all have different purposes of showing other things about the project. Of the following

CO

Capstone Design and Analysis of a Simple Computer System Objective: Students will design, simulate, and analyze the architecture of a simplified computer system, applying concepts from Stephen D. Burd’s materials such as the CPU, memory hierarchy, I/O, and instruction set architecture (ISA). Components: 1. System Design: . CPU Design: Create

error

Error Task  Introduction In this task, you will analyze and resolve duplicates and errors within a master patient index (MPI) in preparation for implementation into a health information exchange (HIE). Additionally, you will evaluate the quality of a data dictionary and create a presentation to summarize your findings.    The

Information Systems Assignment

See attached · Watch the video below: Using Microsoft Word, write two paragraphs total of at least 250 words each (more is acceptable) to address the following prompts: · 1st paragraph: What are the health care entities involved in Joey’s continuum of care?  Identify and describe these entities and the

CSIS 484

Discussion Thread: System Design and Interaction with God CSIS 484 Discussion Assignment Instructions The student will complete 2 standard Discussions in this course. The student will post one thread of at least 400 words by 11:59 p.m. (ET) on Thursday of the assigned Module: Week. The student must then post

Data models

Need to design Erwin and one one excel, data models.  1. star schema 2. Normalised 3. denotmalised i have attached two reports and I will need you to design the data models for  report A and report B. the attachments talk about the file layout for report a and report

Research

Healthcare settings  In this task, you will use a scenario and hypothetical data in a spreadsheet to identify and analyze trends from a healthcare setting. You will also create a memo that summarizes all your findings.    The purpose of this task is to recognize the impact of healthcare IT

Project Management

  The cost, time, and scope of a project are how the Project Manager controls a project. There are tools that are needed to help keep the project on time and on budget. If you are managing a large project, would you prefer Gantt charts or PERT/CPM charts to represent

Module 02 Course Project – Statement of Work and Project Plan

Table of Contents Introduction/Background 1 Scope of Work 2 Period of Performance 2 Place of Performance 2 Work Requirements 2 Schedule/Milestones 2 Acceptance Criteria 2 Other Requirements 2 Module 02 SOW [Insert Name] Network Administration Capstone Module 02 SOW [Insert Name] Network Administration Capstone 2 Introduction/Background Introduction/Background: The Statement of

Please see attached

Answer the following questions below with answers that states and justifies your position on the questions posted below. Support your ideas. Your post should be at least 500 words (maximum 550 words), formatted and cited in current APA style with support from at least 2 academic sources · What is

Strategic Planning

  Strategic planning is an important part of any company. Often, businesses need to ponder whether they should build the software or take on the project at all. Your manager asks you to prepare to discuss the first steps toward replacing the case management system. Research and discuss the purpose