GGUSF US Veterans Affairs and Loss of Privacy Information Answers

User Generated

zngurjhue

Computer Science

Golden Gate University San Francisco

Description

Case Study on U.S. Veterans Affairs and Loss of Privacy Information

  1. What is the difference between privacy law and information systems security? How are they related?
  2. Was the employee justified in taking home official data? Why or why not?
  3. What are the possible consequences associated with the data loss?
  4. Regarding the loss of privacy data, was there any data containing protected health information (PHI) making this a Health Insurance Portability and Accountability Act (HIPAA) compliance violation?
  5. What action can the agency take against the employee concerned?
  6. Would the response of the agency have been different had the data theft occurred at work instead of happening at the employee’s residence? Why or why not?
  7. Why were the VA data analyst’s two supervisors reprimanded and demoted by the VA secretary? Do you think this was justified? Why or why not?
  8. What was violated in this data breach?
  9. If the database had been encrypted because of VA policy, would this data loss issue even have been an issue? Why or why not?
  10. What risk mitigation or security control recommendations would you suggest to prevent this from occurring again?
  11. What information systems security and privacy security policies do you think would help mitigate this breach and loss of privacy data?
  12. What or who was the weakest link in this chain of security and protection of privacy data?
  13. If the VA had performed a security and information assurance audit for compliance, what could the VA do on an annual basis to help mitigate this type of loose policy conformance?
  14. True or false: U.S. taxpayers ended up paying for this VA security breach, notifications, and post- mortem damage control.
  15. 15. Which organization in the U.S. federal government is responsible for performing audits on other U.S. federal government agencies? (Hint: It is also known as the “Congressional Watchdog.”)

Unformatted Attachment Preview

15 Lab #2 - Assessment Worksheet Case Study on U.S. Veterans Affairs and Loss of Privacy Information Course Name and Number: _____________________________________________________ Student Name: ________________________________________________________________ Instructor Name: ______________________________________________________________ Lab Due Date: ________________________________________________________________ Overview In this lab, you reviewed a real-world case study that involved the loss of privacy information, and you analyzed what violations occurred, the implications of those violations, and the possible mitigation remedies that could prevent future violations. Lab Assessment Questions & Answers 1. What is the difference between privacy law and information systems security? How are they related? 2. Was the employee justified in taking home official data? Why or why not? 3. What are the possible consequences associated with the data loss? 4. Regarding the loss of privacy data, was there any data containing protected health information (PHI) making this a Health Insurance Portability and Accountability Act (HIPAA) compliance violation? 5. What action can the agency take against the employee concerned? Copyright © 2014 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved. www.jblearning.com Student Lab Manual 16 | LAB #2 Case Study on U.S. Veterans Affairs and Loss of Privacy Information 6. Would the response of the agency have been different had the data theft occurred at work instead of happening at the employee’s residence? Why or why not? 7. Why were the VA data analyst’s two supervisors reprimanded and demoted by the VA secretary? Do you think this was justified? Why or why not? 8. What was violated in this data breach? 9. If the database had been encrypted because of VA policy, would this data loss issue even have been an issue? Why or why not? 10. What risk mitigation or security control recommendations would you suggest to prevent this from occurring again? 11. What information systems security and privacy security policies do you think would help mitigate this breach and loss of privacy data? 12. What or who was the weakest link in this chain of security and protection of privacy data? 13. If the VA had performed a security and information assurance audit for compliance, what could the VA do on an annual basis to help mitigate this type of loose policy conformance? 14. True or false: U.S. taxpayers ended up paying for this VA security breach, notifications, and postmortem damage control. 17 15. Which organization in the U.S. federal government is responsible for performing audits on other U.S. federal government agencies? (Hint: It is also known as the “Congressional Watchdog.”) Copyright © 2014 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved. www.jblearning.com Student Lab Manual
Purchase answer to see full attachment
User generated content is uploaded by users for the purposes of learning and should be used following Studypool's honor code & terms of service.

Explanation & Answer

Here you go....Please let me know if you have any question.

Lab #2- Case Study on U.S. Veteran Affairs and Loss of Privacy Information
1. What is the difference between privacy law and information systems security?
How are they related?
Privacy is the right of an individual for controlling the disclosure and use of his
particular private information. On the other hand, the process utilized for keeping the data
private is information security.
2. Was the employee justified in taking home official data? Why or why not?
As the proper permission was given to the employee for taking the official data at
home; hence, he was justified in this act.
3. What are the possible consequences associated with the data loss?
There are a number of penalties that are related to the loss of data. Identity theft
would be the most critical outcome. Furthermore, this could result in monetary issues for
every individual, although there was no fiscal data stored within the device.
4. Regarding the loss of privacy data, was there any data containing personal
healthcare inf...


Anonymous
Awesome! Perfect study aid.

Studypool
4.7
Trustpilot
4.5
Sitejabber
4.4

Related Tags