Legal Regulations and Compliance

Added on  2023/06/03
Running head: LEGAL REGULATIONS AND COMPLIANCE
Legal Regulations and Compliance
Name of the Student
Name of the University
Author Note
1. Why were these contractors held accountable? How can the agency better handle
managing contractor access to sensitive privacy data in the future? What type of
training do you think should be put in place to better equip the VA staff and
contractors so that this does not happen again?
The Health Insurance Portability and Accountability Act (HIPAA) requires that sensitive patient data be protected. In the scenario described, inadequate control over contractor access to HIPAA-covered data at the U.S. Veterans Administration (VA) left patients' personal and private data susceptible to leakage or attack (Lye et al., 2018). The contractors who accessed the data were therefore held accountable and faced heavy penalties, because their lapses created the risk that patients' personal data would be mishandled or leaked.
In future, the agency can better manage contractor access to sensitive private data by reviewing its ongoing cyber security posture, identifying and prioritizing the areas that need improvement, and communicating effectively with both internal and external stakeholders about cyber security risk. In practice this means granting contractors only the minimum access their task requires, for no longer than the contract requires, and logging and regularly reviewing that access.
Proper training on data compliance is required for VA staff members and contractors so that such lapses do not recur: training on implementing the written policies and procedures, on record handling, on state and federal laws, on appropriate staff access, and on business associate agreements.
2. CardData Systems thought they were PCI-DSS Compliant but they were not. What
steps should they or any organization looking to ensure they are compliant must
consider and adhere to?
The Payment Card Industry Data Security Standard (PCI DSS) applies to any organization that accepts or processes card payments. In the scenario, CardData Systems believed it was PCI DSS compliant but later found that it was not. To ensure compliance and keep adhering to the standard, the company needs to follow a defined process (Brown et al., 2015). There are three essential steps in the journey to PCI DSS compliance: assess, remediate, and report. Assessing means identifying where cardholder data is held, taking an inventory of the IT assets and business processes that handle it, and analysing them for vulnerabilities; remediating means fixing the vulnerabilities that were found; and reporting means compiling and submitting the validation records required by the card brands and the acquiring bank. Because compliance is validated at a point in time, the cycle must be repeated: an organization that was compliant at its last assessment can fall out of compliance as its systems and processes change, which is precisely what CardData Systems discovered.
3. We know that HIPAA is integral to PHI and vice versa. What is so important?
Please explain the relationship. Also, explain how PHI and HIPAA are being
changed dramatically by e-commerce and the rapid expansion of healthcare in an
online marketplace.
Protected health information (PHI) is individually identifiable health information that is created, used, maintained, stored or transmitted by a HIPAA covered entity. PHI is integral to HIPAA because HIPAA exists to protect it: the Act requires covered entities to safeguard personal health information and gives patients a wide range of rights over that information (Joshi, Yesha & Finin, 2016).
With the rapid expansion of e-commerce and the online healthcare marketplace, the way PHI is handled under HIPAA is changing. People have become more comfortable online and increasingly book appointments and access healthcare services through e-commerce websites, so PHI now flows through web applications, payment systems and third-party platforms, and each of those parties handling PHI on a covered entity's behalf must be bound by HIPAA safeguards and a business associate agreement.
4. What is the difference between stalking and bullying? Provide a substantive example
of each.
Stalking is unwanted, repeated surveillance of a person by an individual or a group. It is related to harassment; it need not involve any physical act, but it inflicts psychological harm (Dunlap et al., 2015). Cyberstalking is the contemporary form, in which electronic communication systems are used to harass or manipulate a person through the virtual world. An example is repeatedly sending threatening messages to someone and monitoring their online activity.
Bullying is the use of superior strength or power to intimidate a person, including forcing them to do what the aggressor wants (Skrzypiec et al., 2018). Cyberbullying is an example: repeatedly disrespecting and insulting a person on a social media platform.
5. What kind of policies would you implement to ensure people in your organization
are safe in the world of social media, and that organizational infrastructure is not
compromised by a social media security breach?
Some of the policies that best keep people safe in the world of social media, without the organization's infrastructure being compromised by a social media breach, are the following.
Policies for unattended social media accounts, which are easy targets for attackers; rules addressing human error as a source of cyber security threats; and policies covering scams and phishing attacks, malware attacks and account hijacking (Cavelty, 2014). In practice this means keeping an inventory of the organization's official accounts with a named owner for each, protecting them with strong authentication, and closing or transferring accounts when staff leave. These control measures are essential for ensuring organizational security as the use of social media increases.
References
Brown, D. C., Blythe, S., Kimberg, D. M., & Sabet, M. H. (2015). U.S. Patent No. 9,165,293.
Washington, DC: U.S. Patent and Trademark Office.
Cavelty, M. D. (2014). Breaking the cyber-security dilemma: Aligning security needs and
removing vulnerabilities. Science and engineering ethics, 20(3), 701-715.
Dunlap, E. E., Lynch, K. R., Jewell, J. A., Wasarhaley, N. E., & Golding, J. M. (2015).
Participant gender, stalking myth acceptance, and gender role stereotyping in perceptions
of intimate partner stalking: a structural equation modeling approach. Psychology, Crime
& Law, 21(3), 234-253.
Joshi, K. P., Yesha, Y., & Finin, T. (2016, June). An Ontology for a HIPAA compliant cloud
service. In 4th International IBM Cloud Academy Conference ICACON 2016.
Lye, C. T., Forman, H. P., Gao, R., Daniel, J. G., Hsiao, A. L., Mann, M. K., ... & Krumholz, H.
M. (2018). Assessment of US Hospital Compliance With Regulations for Patients’
Requests for Medical Records. JAMA Network Open, 1(6), e183014-e183014.
Skrzypiec, G., Askell-Williams, H., Slee, P. T., & Lawson, M. J. (2018). Involvement in bullying
during high school: A Survival Analysis approach. Violence and Victims, 33(3), 563-582.