Great Deal! Get Instant $10 FREE in Account on First Order + 10% Cashback on Every Order Order Now

Cybersecurity and the protection of organizational and personal data is a vital component of managing information systems. Contemporary news is packed with stories and commentary on cybercrime, social...

1 answer below »

Cybersecurity and the protection of organizational and personal data is a vital component of managing information systems. Contemporary news is packed with stories and commentary on cybercrime, social networking data privacy issues, and arguments among government leaders about the protection of national and/or personal data and laws governing those issues. Every business and organizational leader in the 21st century needs to have a baseline set of skills in cybersecurity and devote real attention to this area of information systems management - regardless of whether they work in IT or an entirely different business area.

The purpose of this activity is to develop your knowledge and skills in the area of data privacy and protection in the following areas:

  • Understand the impact of Data Protection & Privacy on organizations and their IT operations.
  • Develop a working knowledge of 'best practices' for organizations in the area of Data Protection & Privacy.
  • Developbasic working skills necessary to develop a corporate Data Privacy & Protection policy.
  • Explore the structure and role of data governance within organizations to better and manage corporate information.

Readings & Background Information:

  • Text:Information Systems for Business and Beyond(Links to an external site.)(Chapter 6)
  • Deloitte White Paper:Data Privacy as a Strategic Priority (PDF)Download Data Privacy as a Strategic Priority (PDF)
  • Forbes article:Data Privacy Vs. Data Protection (PDF)Download Data Privacy Vs. Data Protection (PDF)
  • 5 Data Protection Policies Your Organisation Must Have (opens in new window)(Links to an external site.)
  • How to Build a GDPR-compliant Data Protection Policy (opens in new window)(Links to an external site.)
  • Data Privacy Policy - what/why? (opens in new window)(Links to an external site.)
  • Better Business Bureau:Writing an Effective Privacy Policy (opens in new window)(Links to an external site.)

Other Resources:

  • What is GDPR and How Does it impact your business (opens in new window)(Links to an external site.)
  • Examples:
    • University of Memphis IT Security Policies & Guidelines (landing page URL)(Links to an external site.)
    • University of Tennessee (Knoxville) Data Privacy Notice (opens in new window)(Links to an external site.)
    • BSR - Business for Social Responsibility (opens in new window)(Links to an external site.)
    • Sample Data Protection Policy Template (opens in new window)(Links to an external site.)
    • Sample Data Privacy Template (opens in new window)(Links to an external site.)

Detailed Instructions:

There aretwo partsto this activity.

Part 1: Find and analyze concrete examples of an organizationalData Protection & Privacy Policy.

In the first step, you are to find three (3) concrete (real-world) examples of an organizational data protection & privacy policy (or equivalent document). Your examples can be from a for-profit business, non-profit, or government agency. After finding and researching as much as you can about these examples, prepare an analysis of each as follows.

  • Name of the organization and related URLs
  • The type of organization (business, non-profit, government, etc.) and a little about the nature of what they do and whom they serve
  • Examples of any major risk factors associated with data protection faced by this organization (what kind of data? what sorts of risks? etc.)
  • A brief summary of structure of their data privacy and protection policy (or equivalent). What major categories does it include? How is it organized? What sort of audience does it appear to be written for?
  • A short critique based on your knowledge of what should be included in a good corporate data protection & privacy policy. For example, are their major sections omitted? Is it poorly constructed?

Part 2: Build a sample data protection & privacy policy template for use by organizations.

Using the analysis of your examples, develop a proposed starting template for an ideal data protection & privacy policy that could be used by organizations in need of building or updating such a policy for internal use.

Attributes and components to address in constructing this template:

  • Overall organization and structure of the policy template
  • Intended audience (internal, external, technical, anyone, etc.)
  • A consideration of organizational culture as it relates to best practices in maintaining effective data protection & privacy
  • The following components/major elements:
    • Short Section/Title of the element.
    • Rationale for including this element (why it should be included).
    • What portion of data protection & privacy it addresses.
    • General guidelines/instructions for completing this section by a user-organization.
Answered 2 days After Jun 22, 2022

Solution

Tanmoy answered on Jun 24 2022
95 Votes
Data Protection and Privacy Policy        4
DATA PROTECTION AND PRIVACY POLICY
Table of Contents
Part 1: Data Protection & Privacy Policy    3
Part 2: Build a sample data protection & privacy policy template for use by organizations    5
References    7
Part 1: Data Protection & Privacy Policy
    The organization which is chosen for data protection and privacy policy is San Francisco Public Utilities Commission as an example of an organization’s policy. The URL of SFPUC is https:
sfpuc.org/
The second organization is National Park Service (NPS). There are numerous policies which will be able to manage the customer data which will consist of sensitive data. The URL of NPS is https:
www.nps.gov/index.htm#:~:text=NPS.gov%20Homepage%20(U.S.%20National%20Park%20Service)
Finally, the third organization is Department of Homeland Security (DHS). There are many policies which helps in handling of customer data and the manner in which it can be administered. The URL of this site is https:
www.dhs.gov
These company helps in protection and data privacy. The policy of the same are available on the respective company URLs. The policy illustrates that any information which is provided will be kept confidential and will not be disclosed to the third parties. There is necessity of individual consent before sharing their personal information with third parties.
The three examples of an organizational data protection and privacy policy are for-profit business, non-profit and a government agency. For-profit business is Delta Airlines and have data protection and privacy policy which illustrates that the company do not use or disclose any of the personal information of the customers without their explicit content. Non-profit organization is Americares Foundation in USA. They will only share the personal information of the customers only with their members and contributors. They will not share any personal information to any third parties. Finally, the public sector United States Department of Health and Human Services has a data protection and privacy policy which states that they will use the information for delivering quality services to the citizens of...
SOLUTION.PDF
SOLUTION.PDF

Answer To This Question Is Available To Download

Related Questions & Answers

More Questions »

Submit New Assignment

Copy and Paste Your Assignment Here
Attach File