Analysis and Comparison of GLBA and HIPAA

Submitted By heomap

1. Which US government agency acts as the legal enforcement entity for businesses and organizations involved in commerce?
The Federal Trade Commission.

2. Which US government agency acts as the legal enforcement entity regarding HIPAA compliance and HIPAA violations?
Office of Civil Rights (OCR) under the Department of Health and Human Services.

3. List three (3) similarities between GLBA and HIPAA.
1. Safeguards Rules to protect customer information and consumer personal information. Security Rules
2. Protection of Privacy Rules from third party data sharing.
3. Protection of Financial Privacy Rules

4. List five (5) examples of privacy data elements for GLBA as defined in the privacy rule.
1. Safeguard Rules: protect customer information.
2. Pretexting: protect consumers from individuals and companies that obtain their personal financial information under false pretenses.
3. Financial Privacy Rules: govern the collection and disclosure of customers' personal financial information by financial institutions.
4. Protection against credit reporting agencies
5. Protection from financial institutions that collect information from their own customers.

5. List five (5) examples of privacy data elements for HIPAA as defined in the privacy rule.
a. Protection of Electronic Protected Health Information
b. Covered entities must put in place secure electronic protection of health information.
c. Claims and benefits
d. Billing services
e. Healthcare providers

6. List three (3) differences between GLBA and HIPAA.
1. a. HIPAA protects and safeguards healthcare patient information.
b. GLBA protects and safeguards financial customer information.
2. a. HIPAA has security rules to protect personal healthcare bill pay, with healthcare clearing houses that
