Legal Regulations and Compliance: HIPAA, PCI DSS, and Social Media
Added on 2023/06/03
Homework Assignment

Running head: LEGAL REGULATIONS AND COMPLIANCE
Legal Regulations and Compliance
Name of the Student
Name of the University
Author Note

1. Why were these contractors held accountable? How can the agency better handle
managing contractor access to sensitive privacy data in the future? What type of
training do you think should be put in place to better equip the VA staff and
contractors so that this does not happen again?
The Health Insurance Portability and Accountability Act (HIPAA) sets out why sensitive
patient data must be protected. In the scenario described, inadequate control over contractor
access to HIPAA-covered data at the U.S. Veterans Administration left patients' personal and
private data exposed to leakage or attack (Lye et al., 2018). The individuals involved in
accessing the data were therefore penalised heavily and held accountable for the lapses that
put the patients' personal data at risk of mishandling or leakage.
Going forward, the agency can better manage access to sensitive private data by reviewing
its current cybersecurity posture, identifying and prioritising the areas that need improvement,
and communicating effectively with both internal and external stakeholders about cybersecurity
risk.
Proper training on data compliance is required for VA staff members so that this lapse does
not recur. Training sessions on implementing the written policies and procedures, on record
handling, on state and federal laws,

on appropriate staff access and on business associate agreements are required in the
agency.
2. CardData Systems thought they were PCI DSS compliant but they were not. What
steps should they, or any organization looking to ensure it is compliant, consider and
adhere to?
The Payment Card Industry Data Security Standard (PCI DSS) applies to any organization
that accepts or processes card payments. In the scenario, CardData Systems believed it was
PCI DSS compliant but later found that it was not. To achieve compliance and keep adhering
to it, the company needs to follow a defined process (Brown et al., 2015). There are three
essential steps on the path to PCI DSS compliance: first, assess; second, remediate; and
finally, report. Assessing means auditing the environment to identify the issues; remediating
means fixing the vulnerabilities found; and reporting means compiling and submitting the
records that validate the remediation.
3. We know that HIPAA is integral to PHI and vice versa. What is so important?
Please explain the relationship. Also, explain how PHI and HIPAA are being
changed dramatically by e-commerce and the rapid expansion of healthcare in an
online marketplace.
Under HIPAA, protected health information (PHI) is individually identifiable health data
that a HIPAA covered entity maintains, stores or transmits. PHI is integral to HIPAA because
HIPAA exists to protect the
personal health care information held by such entities, and in doing so it gives the patient a
wide range of rights (Joshi, Yesha & Finin, 2016).
With the rapid expansion of the online marketplace and e-commerce, the structure of HIPAA
and PHI is changing. People have become more internet-friendly and so tend to book
appointments and access health care facilities through e-commerce websites.
4. What is the difference between stalking and bullying? Provide a substantive example
of each.
Stalking can be described as unwanted or repeated surveillance of one person by an
individual or a group of people. Stalking is linked to harassment; it need not involve any
physical act, but it is a form of mental violence (Dunlap et al., 2015). Cyberstalking is a
present-day instance of it, in which electronic communication systems are used to harass or
manipulate an individual through the virtual world. Threatening someone online is one
example.
Bullying is the use of superior strength to frighten an individual. It includes forcing
someone to carry out the attacker's wishes (Skrzypiec et al., 2018). One example is
cyberbullying, which involves disrespecting and insulting an individual on a social media
platform.
5. What kind of policies would you implement to ensure people in your organization
are safe in the world of social media, and that organizational infrastructure is not
compromised by a social media security breach?
Some of the best policies for keeping people safe in the world of social media, without the
organization's infrastructure being compromised by a social media breach, are the following:
policies for unattended social media accounts, which can be easy targets for hackers; rules
addressing human error in the context of cybersecurity threats; and policies covering scams,
phishing attacks, malware attacks and hacks (Cavelty, 2014). These control measures are
essential for ensuring organizational security as the use of social media increases.

References
Brown, D. C., Blythe, S., Kimberg, D. M., & Sabet, M. H. (2015). U.S. Patent No. 9,165,293.
Washington, DC: U.S. Patent and Trademark Office.
Cavelty, M. D. (2014). Breaking the cyber-security dilemma: Aligning security needs and
removing vulnerabilities. Science and Engineering Ethics, 20(3), 701-715.
Dunlap, E. E., Lynch, K. R., Jewell, J. A., Wasarhaley, N. E., & Golding, J. M. (2015).
Participant gender, stalking myth acceptance, and gender role stereotyping in perceptions
of intimate partner stalking: A structural equation modeling approach. Psychology, Crime
& Law, 21(3), 234-253.
Joshi, K. P., Yesha, Y., & Finin, T. (2016, June). An ontology for a HIPAA compliant cloud
service. In 4th International IBM Cloud Academy Conference (ICACON 2016).
Lye, C. T., Forman, H. P., Gao, R., Daniel, J. G., Hsiao, A. L., Mann, M. K., ... & Krumholz, H.
M. (2018). Assessment of US hospital compliance with regulations for patients'
requests for medical records. JAMA Network Open, 1(6), e183014-e183014.
Skrzypiec, G., Askell-Williams, H., Slee, P. T., & Lawson, M. J. (2018). Involvement in bullying
during high school: A survival analysis approach. Violence and Victims, 33(3), 563-582.