Kibata

Sign In

Our Services

Get 15% Discount on your First Order

Order Now
[rank_math_breadcrumb]

Competencies

Please see attached details

DAT 250 Project Two: Organizational Scenarios

Scenario A: AmityTech Solutions (CCPA and GDPR)
AmityTech Solutions is a well-established technical management company based in North America,
providing comprehensive data management services to businesses across various industries. AmityTech
specializes in offering secure data solutions, robust server infrastructure management, and proactive
cybersecurity measures for its clientele, which spans both the United States and Ireland.

In addition to its core services, AmityTech aggregates anonymized data to create consumer profiles for
targeted advertising. These profiles are strictly segregated from the company’s regular data storage
operations to maintain client confidentiality and ensure compliance with privacy regulations. Currently,
AmityTech manages a database of approximately 300,000 individual consumer profiles.

Despite differentiating between its service offerings, AmityTech encountered a significant breach of
client data due to lapses in compliance procedures. An internal audit revealed that scheduled
compliance audits had not been completed for three consecutive nine-month cycles. A compliance
auditor was also found to have falsified documents and violated security protocols by introducing
personal storage devices (phones and external hard drives) into secured areas. This led to concerns
about a data breach that could have impacted thousands of client accounts. The company must consider
GDPR and CCPA, given where they operate their businesses. There are no required industry standards
regarding how AmityTech should respond from a legal, ethical, or technical standpoint.

Upon discovering the errors and risk of a breach, the issue escalated to senior management, culminating
in a direct meeting with the organization’s owner. The owner and AmityTech’s senior leadership team
ordered the development of a new security protocol to address the current incident and prevent future
occurrences. The leadership also wants recommendations on whether public notice should be given
about the breach and asked for advice in this area.

Scenario B: MediGuard (HIPAA)
MediGuard is a specialized healthcare data management company that partners with hospitals and
healthcare facilities across the United States to provide secure data storage, electronic health record
(EHR) management, and technical support services. With a strong emphasis on patient privacy security,
MediGuard is responsible for compliance with the Health Insurance Portability and Accountability Act
(HIPAA). One of MediGuard’s primary responsibilities is to host and manage EHR systems for its
hospitals, ensuring the availability, integrity, and confidentiality of patient records while adhering to
HIPAA regulations. Additionally, MediGuard collects and stores a wide range of patient data, including
medical histories, treatment plans, diagnostic test results, and billing information.

Despite stringent security protocols, a breach occurred due to lapses in compliance procedures within
the hospital setting, raising concerns about potential HIPAA violations. An internal audit revealed that
scheduled security assessments and data audits had not been conducted as per protocol, leaving
vulnerabilities undiscovered for at least four months. The supervisor who realized this promptly
escalated the issue to senior management at both MediGuard and the hospital administration.
Recognizing the seriousness of the situation and the implications for HIPAA compliance, the CEO of
MediGuard convened a meeting with hospital leadership to address the breach and mitigate its impact
while ensuring current and future adherence to HIPAA regulations.

In response to the breach, MediGuard has been ordered to propose and administer a response for their
hospital partner. They will need to highlight a new security protocol to maintain client trust and patient
safety moving forward. The hospital leadership also wants recommendations on a communication
strategy and whether public notice should be given to patients about the breach. They asked for advice
in this area.

Scenario C: EduTech Innovation (FERPA)
EduTech Innovation provides data management and technical support services to higher education
institutions across the country. Partnering with the data management teams of universities and colleges,
EduTech offers solutions tailored to the unique needs of academic environments, ensuring the security
and integrity of student and faculty data while complying with the Family Educational Rights and Privacy
Act (FERPA). One of EduTech’s primary responsibilities is to develop and maintain the student
information systems (SIS) for its partner institutions, which house student records, course enrollment
data, academic transcripts, and financial aid information. EduTech also assists universities in managing
personnel records, research data, and institutional analytics to support decision making and improve
academic outcomes. Strict measures are in place to protect the privacy and confidentiality of student
education records in accordance with FERPA guidelines.

Unfortunately, a breach occurred due to lapses in compliance procedures within a partner university,
raising concerns about a breach and potential FERPA violations that could impact thousands of students.
An internal audit revealed that scheduled security assessments and data audits had not been conducted,
leaving vulnerabilities undiscovered for an extended period. Furthermore, an auditor was found to have
falsified documents and violated security protocols by accessing sensitive student records and sharing
them across the university without proper authorization.

Upon discovering this, the supervisor promptly escalated the issue to senior management at EduTech
and the university’s administration. Recognizing the seriousness of the situation and the implications for
FERPA compliance, the CEO of EduTech convened a meeting with university leadership to address the
breach and mitigate its impact while ensuring adherence to FERPA regulations.

Since this has never happened to a client before, EduTech must propose steps to respond to the current
concern with a specific focus on FERPA compliance. They must also make recommendations about how
to prevent this from happening in the future. This will include determining whether a public disclosure is
necessary and a communication plan that aligns with all the correct regulations.

  • DAT 250 Project Two: Organizational Scenarios
    • Scenario A: AmityTech Solutions (CCPA and GDPR)
    • Scenario B: MediGuard (HIPAA)
    • Scenario C: EduTech Innovation (FERPA)

Share This Post

Email
WhatsApp
Facebook
Twitter
LinkedIn
Pinterest
Reddit

Order a Similar Paper and get 15% Discount on your First Order

Order Now

Related Questions

Concurrency Control

  There are times when a database is accessed by many users across the enterprise. Transaction logs can help maintain concurrency in a multiuser platform. Describe at least two business scenarios where “commit” and “rollback” would be required. Describe how these functions would be essential for business continuity and concurrency

Healthcare Industry Solutions: Transforming Patient Care and Operational Efficiency

Healthcare industry solutions refer to a wide range of technologies, tools, and strategies designed to improve the way healthcare organizations operate and deliver patient care. These solutions combine software, digital platforms, data analytics, medical devices, and process innovations to address challenges in hospitals, clinics, pharmaceutical companies, insurance providers, and the

Comprehensive SharePoint and Teams Migration Solutions

   Modern businesses depend on collaboration and document platforms to stay productive, and moving these systems during a tenant migration is often complex. CloudBik’s Teams to Teams Migration offers an effective way to transfer Teams environments, including chats, channels, and files, without impacting end-users. At the same time, the SharePoint

Why Businesses Need Tenant to Tenant Migration

   The need for Tenant to Tenant Migration is growing as many companies go through mergers, acquisitions, or restructuring. Having data in two separate tenants can create confusion and extra work for IT teams. Moving everything into one tenant gives users a simple and unified experience. The OneDrive Migration Tool

Easy Data Transfer from Google to Office 365

  Many businesses choose Microsoft 365 over Google Workspace because it connects better with apps like Excel, Teams, and Outlook. But during migration, the main worry is losing data or breaking folder structures. The migrate from Google Workspace to Office 365 blog explains how to transfer emails, calendars, and files safely

HIS-D40-C

I have a question about Health Information System, who can help with questions?

HIS-B39-C

My questions are about Health IS. Who can help with these questions?

Advanced SQL and PL/SQL

  Extracting and interpreting data can be very valuable to an organization. Describe the importance of using sub queries in a database system. Provide at least two business case scenarios to support your response.

creating

Create a Visual Origin Story In Module 1 you are to complete the team-building exercise ” Visual Origin Story: Adventures in collaborative storytelling .” This exercise is from the book:  Murdoch-Kitt, K. M., & Emans, D. J. (2020). Intercultural collaboration by design drawing from differences, distances, and disciplines through visual

HIS-553-A

I have a question about Health Information Systems. Who is willing to help?

Case 4 – 90

I need help please Module 4 – Case Managing Complex IT Organizational Change and Capstone Paper Assignment Overview The Impact of Various Internal and External Organizational “Environments” on IT Management The ability to understand various elements within and outside your topic organization and the extent to which they affect information

SLP 4 – 90

PLEASE HELP Module 4 – SLP Managing Complex IT Organizational Change and Capstone Paper The continuing professional development of IT personnel is a key managerial responsibility. In this light, reflect on a subordinate and prepare a somewhat detailed and actionable professional development plan which would be intended for use in

Logical and Physical Design

  In order to ensure optimal database performance, the logical and physical design should consider the user requirements thoroughly. Suppose you have been hired to transform a conceptual model into a logical model for a sales database. Describe the specific steps that you must perform in order to appropriately construct

tERRORISM I

SEE ATTACHED. 2 Response to natural and man-made disasters have changed quite significantly since the implementation of the National Incident Management System (NIMS). Provide an example of a recent natural disaster or terrorist attack that has occurred in your region in the last 10 years. In what ways do you

Case 2 – 90

I need help please Module 2 – Case Architecting the IT Governance Plan Assignment Overview The Capstone course is a summary of your learning from all previous MSITM coursework. Thus, it has some suggested recent materials in IT governance along with writing/Capstone Case guides, or other materials directly provided by

SLP 2 – 90

Please Help Module 2 – SLP Architecting the IT Governance Plan As a consultant to, or manager of, an IT unit within your selected organization, you must be keenly aware of challenges facing your selected organization. This assignment asks you to identify, intellectually discuss, and broadly report on at least

Planning the DBLC

  The development of a database requires thorough methodology that ensures quality within the solution. Imagine you have been contracted to develop a finance database that will help an organization track monthly expenditures by departments. Discuss the various activities that you would have to achieve each phase, using the DBLC.