Kibata

Sign In

Our Services

Get 15% Discount on your First Order

Order Now
[rank_math_breadcrumb]

Competencies

Please see attached details

DAT 250 Project Two: Organizational Scenarios

Scenario A: AmityTech Solutions (CCPA and GDPR)
AmityTech Solutions is a well-established technical management company based in North America,
providing comprehensive data management services to businesses across various industries. AmityTech
specializes in offering secure data solutions, robust server infrastructure management, and proactive
cybersecurity measures for its clientele, which spans both the United States and Ireland.

In addition to its core services, AmityTech aggregates anonymized data to create consumer profiles for
targeted advertising. These profiles are strictly segregated from the company’s regular data storage
operations to maintain client confidentiality and ensure compliance with privacy regulations. Currently,
AmityTech manages a database of approximately 300,000 individual consumer profiles.

Despite differentiating between its service offerings, AmityTech encountered a significant breach of
client data due to lapses in compliance procedures. An internal audit revealed that scheduled
compliance audits had not been completed for three consecutive nine-month cycles. A compliance
auditor was also found to have falsified documents and violated security protocols by introducing
personal storage devices (phones and external hard drives) into secured areas. This led to concerns
about a data breach that could have impacted thousands of client accounts. The company must consider
GDPR and CCPA, given where they operate their businesses. There are no required industry standards
regarding how AmityTech should respond from a legal, ethical, or technical standpoint.

Upon discovering the errors and risk of a breach, the issue escalated to senior management, culminating
in a direct meeting with the organization’s owner. The owner and AmityTech’s senior leadership team
ordered the development of a new security protocol to address the current incident and prevent future
occurrences. The leadership also wants recommendations on whether public notice should be given
about the breach and asked for advice in this area.

Scenario B: MediGuard (HIPAA)
MediGuard is a specialized healthcare data management company that partners with hospitals and
healthcare facilities across the United States to provide secure data storage, electronic health record
(EHR) management, and technical support services. With a strong emphasis on patient privacy security,
MediGuard is responsible for compliance with the Health Insurance Portability and Accountability Act
(HIPAA). One of MediGuard’s primary responsibilities is to host and manage EHR systems for its
hospitals, ensuring the availability, integrity, and confidentiality of patient records while adhering to
HIPAA regulations. Additionally, MediGuard collects and stores a wide range of patient data, including
medical histories, treatment plans, diagnostic test results, and billing information.

Despite stringent security protocols, a breach occurred due to lapses in compliance procedures within
the hospital setting, raising concerns about potential HIPAA violations. An internal audit revealed that
scheduled security assessments and data audits had not been conducted as per protocol, leaving
vulnerabilities undiscovered for at least four months. The supervisor who realized this promptly
escalated the issue to senior management at both MediGuard and the hospital administration.
Recognizing the seriousness of the situation and the implications for HIPAA compliance, the CEO of
MediGuard convened a meeting with hospital leadership to address the breach and mitigate its impact
while ensuring current and future adherence to HIPAA regulations.

In response to the breach, MediGuard has been ordered to propose and administer a response for their
hospital partner. They will need to highlight a new security protocol to maintain client trust and patient
safety moving forward. The hospital leadership also wants recommendations on a communication
strategy and whether public notice should be given to patients about the breach. They asked for advice
in this area.

Scenario C: EduTech Innovation (FERPA)
EduTech Innovation provides data management and technical support services to higher education
institutions across the country. Partnering with the data management teams of universities and colleges,
EduTech offers solutions tailored to the unique needs of academic environments, ensuring the security
and integrity of student and faculty data while complying with the Family Educational Rights and Privacy
Act (FERPA). One of EduTech’s primary responsibilities is to develop and maintain the student
information systems (SIS) for its partner institutions, which house student records, course enrollment
data, academic transcripts, and financial aid information. EduTech also assists universities in managing
personnel records, research data, and institutional analytics to support decision making and improve
academic outcomes. Strict measures are in place to protect the privacy and confidentiality of student
education records in accordance with FERPA guidelines.

Unfortunately, a breach occurred due to lapses in compliance procedures within a partner university,
raising concerns about a breach and potential FERPA violations that could impact thousands of students.
An internal audit revealed that scheduled security assessments and data audits had not been conducted,
leaving vulnerabilities undiscovered for an extended period. Furthermore, an auditor was found to have
falsified documents and violated security protocols by accessing sensitive student records and sharing
them across the university without proper authorization.

Upon discovering this, the supervisor promptly escalated the issue to senior management at EduTech
and the university’s administration. Recognizing the seriousness of the situation and the implications for
FERPA compliance, the CEO of EduTech convened a meeting with university leadership to address the
breach and mitigate its impact while ensuring adherence to FERPA regulations.

Since this has never happened to a client before, EduTech must propose steps to respond to the current
concern with a specific focus on FERPA compliance. They must also make recommendations about how
to prevent this from happening in the future. This will include determining whether a public disclosure is
necessary and a communication plan that aligns with all the correct regulations.

  • DAT 250 Project Two: Organizational Scenarios
    • Scenario A: AmityTech Solutions (CCPA and GDPR)
    • Scenario B: MediGuard (HIPAA)
    • Scenario C: EduTech Innovation (FERPA)

Share This Post

Email
WhatsApp
Facebook
Twitter
LinkedIn
Pinterest
Reddit

Order a Similar Paper and get 15% Discount on your First Order

Order Now

Related Questions

HLS VII

see attached Policy Memo: Rising Terrorist Threat This writing assignment measures your mastery of ULOs 1.1, 1.2, 1.3, and 4.2. In this assignment, you will craft a professional policy memorandum advising a senior government official (e.g., Secretary of Homeland Security, State Homeland Security Advisor, or Governor) on how to respond

In-the-Wild Studies

 In a field study or an in-the-wild study, how can designers ensure they acquire accurate data concerning the product? Briefly describe some concerns associated with properly conducting field studies. 

Evaluation Methods

  Overview In this activity, you identify methods to evaluate your application interface that align with stated requirements and specifications. This activity will inform next week’s assignment, where you are asked to create an evaluation plan for your application. Instructions Explain 5 appropriate ways or methods to evaluate your chosen

VII

see attached There are numerous artificial intelligence applications used in homeland security for defense, intelligence, diplomacy, surveillance, cybersecurity, and other areas in both the public and private sector. For this assignment, you will create a PowerPoint presentation which examines current and emerging artificial intelligence (AI) and machine learning technologies being

Formative and Summative Evaluations

 What are the differences between formative evaluations and summative evaluations? At which stage in product development do you believe that evaluations should use controlled settings instead of natural settings? Why? 

V HLS

see attached The Office of Innovation and Collaboration is the Department of Homeland Security (DHS) Science and Technology (S&T) Directorate’s conduit to a broad network of external partners. It provides the homeland security community outreach and access to partnerships with world-class subject matter experts, resources, and innovative tools. Discuss why

VI

see attached. For this assignment, you will develop a PowerPoint presentation consisting of 10 to 12 slides that examines one of the 16 critical infrastructure sectors designated by the U.S. Department of Homeland Security. You will explore key threats to the sector and its cybersecurity vulnerabilities. You will propose realistic

Information Systems IT assignment

Case Study Analysis — Jaguar Land Rover Cyberattack Assignment Overview In August 2025, Jaguar Land Rover experienced a ransomware and data exfiltration attack that forced a complete shutdown of IT and manufacturing systems across its global operations. This disruption caused significant financial losses and supply chain delays. Analyze the incident

V

see attached For this discussion, reflect on how the United States has approached intelligence sharing since 9/11 and consider whether the balance between security and individual rights has been successfully maintained. Think about the roles that fusion centers, joint terrorism task forces (JTTFs), and local law enforcement play in identifying

excel

c ase study – Survey Analysis This case study will grant you the opportunity to utilize your critical thinking and data analysis skills. In business, surveys are often a common way to gauge consumer sentiment. In the provided data set, you will analyze Excel data gathered from a customer satisfaction

IV

see attached. In this unit’s lesson, we explored constitutional law, civil liberties, and ethical decision-making in homeland security. These issues become especially acute during large-scale disaster scenarios, where federal and local agencies are called upon to make time-sensitive decisions under conditions of uncertainty, chaos, and public vulnerability. These actions must

4

see attached. Reflect on your beliefs regarding the ethical implications of the United States using unmanned aerial vehicles (UAVs) on foreign soil to counter terrorist attacks in defense of our own or foreign ally interests. How do you believe other nations perceive the United States’ use of UAVs to monitor

HIMS 655 ASS5

As a HIM director of a healthcare system, you have been assigned to lead a team of individuals to develop a rationale for a Health Data Governance Program. In your first team meeting the agenda is to discuss various aspects of successful Health Data Governance Program.  Discuss with your team

The Role of UX in Software Development

  Review this week’s assignment, Application Requirements and Specifications. Discuss the role that the user experience (UX) plays in the development of software requirements. How can UX considerations be effectively integrated into your Requirements and Specifications?

HLS III

see attached. For this assignment, select a disaster or terrorism incident (e.g., Hurricane Katrina, Hurricane Maria, Texas Winter Storm) and analyze how each phase of the emergency management cycle was executed. Additionally: · Evaluate FEMA’s role in support of both local and state agencies and associated legal frameworks. · Examine

3

See attached. In 2001, lone wolf terrorist and bioweapons expert Dr. Bruce Ivins, mailed several United States Postal Services (USPS) letters and parcels filed with anthrax spores to news media outlets, democratic senators, and others. This terrorist incident was considered a weapon of mass destruction (WMD) attack, as anthrax is

II

see attached. The United States homeland security enterprise is intentionally decentralized, relying on a complex interplay between federal and state agencies, local authorities, and community stakeholders. The National Incident Management System (NIMS), the National Response Framework (NRF), and the whole-community approach are designed to create integration and interoperability but not

Data Collection Methods

  Think of your favorite human-computer interaction. Perhaps it was with Alexa, a video game, or something as simple as a TV remote. What made the experience so rewarding? Were the sounds authentic, visuals realistic, feedback precise? Was it intense, relaxing, motivating, or curiosity-inspiring? Discuss your experience and how designers