The Red Clay CEO tasked the companyâs IT Governance Board with developing a set of policies to address IT security requirements (including mandates for protecting privacy) arising from the following rule standard
(a) PCI-DSS (credit card and transaction information)
(b) the HIPAA Security Rule (health related information)
(c) the âRed Flagsâ Rule (consumer credit information: identity theft prevention).
Choose one of the three sources of regulatory requirements listed above. Write a three-paragraph briefing statement that summarizes the regulatory requirements as they apply to the companyâs collection, processing, management, and storage of personal information about Red Clay's clients. Your briefing statement should identify the specific types of personal information covered by the âruleâ or âstandard.â Include a compelling argument for why the company needs to adopt guidance policies that will ensure compliance with laws and regulations related to protecting personal information.
Sample Solution