IS3350 Security Issues in Legal Context
Unit 5: Security and Privacy Involving Corporations and Educational Institutions

Learning Objective
• Identify the basic components of the American legal system
• Describe legal compliance laws addressing public and private institutions

Key Concepts
• Protecting children on the Internet
• Family Educational Rights and Privacy Act (FERPA)
• Regulation of privacy and security in corporations
• Sarbanes-Oxley (SOX)
• Compliance and security controls

Critical Aspects of FERPA
• Right to inspect and review student education records
• Right to request that a school correct inaccurate or misleading records
• Schools required to secure written permission from parent or eligible student to release information from student education record

School Disclosure Exceptions in FERPA
• School officials with legitimate educational interest
• Other schools to which a student is transferring
• Specified officials for audit or evaluation purposes
• Appropriate parties in connection with financial aid to a student

School Disclosure Exceptions in FERPA (cont.)
• Organizations conducting certain studies for or on behalf of the school
• Accrediting organizations
• Response to judicial order or lawfully issued subpoena
• Appropriate officials in cases of health and safety emergencies
• State and local authorities within a juvenile justice system, pursuant to specific State law

School Disclosure Exceptions in FERPA (cont.)
• Directory information
• Student and parents must be informed and raise no objections
• Name, address, and telephone number
• Date and place of birth
• Honors and awards
• Dates of attendance

Critical Aspects of Sarbanes-Oxley (SOX)
• Protect investors by requiring accuracy and reliability in corporate disclosures
• Created new standards for corporate accountability
• Created new penalties for acts of wrongdoing, both civil and criminal
• Changes how corporate boards and executives must exchange information and work with corporate auditors

Critical Aspects of Sarbanes-Oxley (SOX) (cont.)
• Specifies new financial reporting requirements
• Requires all financial reports to include an internal control report
• Auditing firms are also required to attest to the accuracy of the assessment

Privacy – Principal Concepts
• Privacy of employee data
• Privacy of customer data
• Privacy of corporate data

Privacy in Workplace
• Law generally allows organizations to monitor employee conduct
• Protection of proprietary information
• Maintain privacy of customer information

COPPA and CIPA
• Children are Internet-ready and receptive
• Lack the judgment and knowledge of dangers
• Lack knowledge to evaluate the merits of information
• U.S. Congress Protective Actions:
• Children's Online Privacy Protection Act (COPPA) of 1998
• Children's Internet Protection Act (CIPA) of 2000

Children's Online Privacy Protection Act (COPPA)
• Notice of information practices on home page
• Notice at each area where personal information from children is collected
• Notice must be clearly written and understandable
• Notice may not include any unrelated or confusing materials
• Notification of parent is required
• Verifiable parental consent is required

Where do COPPA and CIPA Apply?
• Commercial Web sites
• Online services
• Educational institutions
• Libraries

CIPA Requirements
• Schools and libraries must:
• Use technology protection measures
• Protect against access to harmful visual depictions
• Adopt and enforce a policy to monitor the online activities of minors
• Minors are those 17 years of age or less

Summary
• Protecting children on the Internet
• Family Educational Rights and Privacy Act (FERPA)
• Regulation of privacy and security in corporations
• Sarbanes-Oxley (SOX)
• Compliance and security controls