Description
Chapter Eight (8): Information Governance(IG) and Legal Functions: According to the authors, Smallwood, Kahn, and Murphy, IG is perhaps one of the functional areas that impact legal functions most. Failure to meet them could be literally put an organization out of business or land executives in prison. Privacy, security, records management, information technology (IT), and business management functions are very important. However, the most significant aspect of all of these functions relates to legality and regulatory compliance from a critical perspective.
For this discussion, identify the industry you will be writing about in your final paper and discuss the regulatory compliance requirements that the company has to meet and the corresponding security, privacy, and records management functions that would need to be enabled for that organization. Remember to cite your sources and critically respond to two other learners.
Requirements:
1. Make your initial post with at least one scholarly reference.(minimum 250 words)
2. Use information from your readings and other sources. Use proper citations and references in your post (scholarly references should match the content)
3. Need two response posts also (150 words each)
Here are the two posts for which responses are needed.
Post -1 :
According to Lajara (2013), Information Governance (IG) offers guidelines, monitoring controls, and standards that ensure the quality, value, and compliance of information. I will be discussing the regulatory compliance requirement that a healthcare facility has to meet and the security, privacy, and records management functions that need to be enabled. When implementing an IG policy for a healthcare facility needs framing and informing with internal and external frameworks, set standards and models, and the best practices relating to the industry and the scope of the IG policy to be implemented (Smallwood, 2014). Every organization including the healthcare facility I will be discussing should follow the set regulatory compliances. These regulatory compliances should be followed by all organizations and has an impact on how an organization operates (Mattord & Whitman, 2007). IG ensures that the legal compliances are followed to avoid legal actions being taken against an organization not complying with regulatory requirements.
Smallwood (2014) highlights the privacy and protection of data, reporting obligations, electronic discovery (eDiscovery) readiness, information authenticity and integrity, and regulatory records retention as the key legal processes that organizations must adhere to in their operations.
In healthcare, the Health Insurance Portability and Accountability Act (HIPAA) legislation protects the patient’s information privacy and security (Johnston & Warkentin, 2008). Healthcare facilities have to follow the HIPAA privacy rule that is a federal privacy law enacted for protecting health information and prevent data breaches. Health information is critical, and healthcare facilities should follow HIPAA guidelines to avoid lawsuits in case the privacy of patient's information is compromised. By complying with HIPAA regulations, healthcare facilities can protect the privacy of patients' information as well as their overall security. Compliance with HIPAA regulations and following IG implementation best practices by the healthcare facility are key in meeting the regulatory compliance requirements.
Post-2:
ERM:
After reviewing the case study, the following issues come at play and are very important as part and parcel in the implementation of the risk management program. First, there is need for the organizations to deploy risk as a business opportunity as there are uncertainties and the Enterprise Risk management is very critical for the organization. Another important aspect is the need looking at the risk-taking capabilities and new opportunities that comes at playing the organization. When an organization has one of the robust ERM like the in the case study, it presents new opportunities that provides a framework for identification and analysis of risk that the organization can take (Hoyt & Liebenberg,2011). Besides, the project can control risk and opportunities and indeed the performance of the project is solely dependent on several challenges that the organization faces whch is accompanied with external influences whch re outside the scope of the project control.
In addition, ERM is very important as it is the thin line between success and he health life of the organization. When the organization fails to map out the risks that are existence, it will be poorly prepared in facing all the risk events in the organization. When the risks are well prepared, it increases the chances of success of any particular project in the organization.
Importance of ERM:
First, is the ERM provides standardized tool in risk reporting which comes with analysis of risk and provision of the standardized reports This provides the need to understand the leadership on the risk areas in the business(Grace et al 2015).On the other hand, it improves the focus and perspective on risk by providing new potential indicators and events that are accompanied with warning. The new metrics and measurement of risk aids in improving value and the reporting analysis that helps the business in tracking potential chances in risk vulnerabilities in the business.
Here is the second post
Regulatory Compliance Requirements
Compliance is not an easy process since it is expensive; it consumes time, and regulations are progressively changing. It is hard to get by in from employees or management that consider compliance an obstacle to productivity. Also, it is challenging to realize when an organization falls out of compliance. However, taking a company like Apple has put into place the requirements required to ensure that it meets the regulatory and compliance standards.
The first requirement that the company has met is that it has kept the regulatory changes; that is, it has been checking for up to date standards and regulations. The company has educated its employees on the importance of compliance and always understanding the rules that one is complying with and the reason for compliance (Elgammal, et al, 2016). As another requirement, the company has designated the compliance champion by hiring a compliance officer who handles the compliance cases. The company has invested in the right compliance tools that help in constantly monitoring compliance. The tools assure that the organization complies with the regulations and standards (Tikkinen, Rohunen, & Markkula, 2018). Lastly, the company has made a bridge between the company's security team and legal. It has ensured a cohesion between the legal department and the security team to guarantee the company's compliance.
However, the company requires to develop the necessary policies and procedures that will be aligned with record management. Also, the company involves a document management system that will be detecting incidents of compliance cases. The system helps in mitigating the risk of a lawsuit for the organization.
Explanation & Answer
Attached.
Information Governance Regulatory Compliance Requirements
Name
Institution Affiliation
Course
Instructor
Date
Regulatory Requirements for Netflix
Regulatory compliance requirements are formulated based on cultural, legal, economic,
and technological reasons. These requirements are modeled on the unique and specific needs of
the countries and regions that Netflix as a leader in the audio-visual industry, provides its
services.
Netflix has to comply with the cultural regulations of countries and regions where it
intends to sell audiovisual products. These requirements insist that the content aired must meet
certain criteria based on political, religious, and cultural norms. For instance, Netflix had to
comply with Saudi Arabia’s strict laws against freedom of expression, Kenya’s conservative
moral values (Ikigai Law, 2019), and the European Union requirement that at least 30% of aired
content should be European to promote Europe’s culture (Europarl, 2018; La Torre, 2014).
There are legal regulatory requirements that Netflix must satisfy. There are general,
reproduction, and publication requirements for the administration of audio-visual content. For
instance, content must not disturb social stability and social order. Furthermore, all content must
comply with the principles in a country’s constitution (WIPO, 2002). Also, Netflix is obliged to
pay its digital taxes just like any other business in host countries.
Content regulation and rating matter. Generally, audio-visuals are rated to protect minors’
from harmful advertising, adult content, violence, and...