Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

You must complete the assignment in a Word document and then upload it to the as

ID: 3920827 • Letter: Y

Question

You must complete the assignment in a Word document and then upload it to the assignment area for grading. Remember, you must cite and reference sources. Your answer must be a minimum of 2 full pages in length following APA guidelines.

For this assignment you will need to review state data and security breach notification laws that define what organizations must do if they have had a data or security breach that impacted citizen privacy data. The National Conference of State Legislatures (NCSL) Web site traces telecommunication and information technology state legislation. Please click the below link and review two states data and security privacy breach notification laws and answer the below questions.

http://www.ncsl.org/IssuesResearch/TelecommunicationsInformationTechnology/SecurityBreachNotificationLaws/tabid/13489/Default.aspx

1. Discuss, in detail, the two states laws on data and security breach notifications that you researched.

2. How does state government data security breach notification laws relate to individual privacy.

Explanation / Answer

Answer:

The breach is defined as the unauthorized acquisition of data which is sensitive. To secure this data, security breach laws basically identifies the bodies who need to access the data and comply with the law such as the business organizations, government entities, and so on.

1. The two state laws on data and security breach notifications that we researched are discussed below:

ALABAMA: Effective on 1st June, 2018

An Alabama resident’s first name or first initial and last name in combination with one or more of the following with respect to the same Alabama resident: (1) a non-truncated social security number or tax identification number; (2) a non-truncated driver’s license number, state-issued identification card number, passport number, military identification number, or other unique identification number issued on a government document used to verify the identity of a specific individual; (3) a financial account number, including a bank account number, credit card number, or debit card number, in combination with any security code, access code, password, expiration date, or PIN that is necessary to access the financial account or to conduct a transaction that will credit or debit the financial account; (4) any information regarding an individual’s medical history, mental or physical condition, or medical treatment or diagnosis by a health care professional; (5) an individual’s health insurance policy number or subscriber identification number and any unique identifier used by a health insurer to identify the individual; or (6) a username or email address, in combination with a password or security question and answer that would permit access to an online account affiliated with the covered entity that is reasonably likely to contain or is used to obtain sensitive personally identifying information.

In determining whether sensitive personally identifying information has been acquired, or is reasonably believed to have been acquired, by an unauthorized person without valid authorization, the following factors may be considered: (1) indications that the information is in the physical possession and control of a person without valid authorization, such as a lost or stolen computer or other device containing information; (2) indications that the information has been downloaded or copied; (3) indications that the information was used by an unauthorized person, such as fraudulent accounts opened or instances of identity theft reported; or (4) whether the information has been made public.

There is no private right of action. However, the Office of the Attorney General may enforce violations of the Alabama Data Breach Notification Act as a deceptive trade practice and maintains exclusive authority to bring an action for civil penalties.

ARIZONA: Effective on 1st June, 2018

An individual’s first name or first initial and last name in combination with any one or more of the following specified data elements: (1) an individual’s social security number; (2) the number on an individual’s driver license issued pursuant to § 28-3166 or non-operating identification license issued pursuant to § 28-3165; (3) a private key that is unique to an individual and that is used to authenticate or sign an electronic record; (4) an individual’s financial account number or credit or debit card number in combination with any required security code, access code or password that would allow access to the individual’s financial account; (5) an individual’s health insurance identification number; (6) information about an individual’s medical or mental health treatment or diagnosis by a health care professional; (7) an individual’s passport number; (8) an individual’s taxpayer identification number or an identity protection personal identification number issued by the IRS; (9) unique biometric data generated from a measurement or analysis of human body characteristics to authenticate an individual when the individual accesses an online account. An individual’s user name or e-mail address, in combination with a password or security question and answer, that allows access to an online account.

A person is not required to provide notice of a security system breach if that person, an independent third-party forensic auditor or a law enforcement agency determines after a reasonable investigation that a security system breach has not resulted in or is not reasonably likely to result in substantial economic loss to affected individuals

This law may only be enforced by the attorney general. The attorney general may bring an action to obtain actual damages for a willful and knowing violation of this section and a civil penalty not to exceed $10,000 per breach of the security of the system or series of breaches of a similar nature that are discovered in a single investigation.

2. The state government data security breach notification laws relate to individual privacy as:

Related Questions

You mix 215.0 gallons of a mixture containing 12.00 wt% NaCI (sodium chloride) a
Question #772189
You mix 215.0 gallons of a mixture containing 12.00 wt% NaCI (sodium chloride) a
Question #773220
You mix 275 gallons of a mixture containing 4 wt% Naci (sodium chlonde) and 96 w
Question #716783
You mix 325 gallons of a mixture containing 4 wt% NaCI (sodium chloride) and 96
Question #984413
You mix 335 gallons of a mixture containing 4 wt% NaCl (sodium chloride) and 96
Question #701296
You mix 48.0 mL of 0.070 M NaOH with 24.0 mL of 0.14 M formic acid (Ka = 1.8 * 1
Question #706484
You mix 50 ml of a weak monoprotic acid with 50 ml of NaOH solution in a coffee
Question #708161
You mix 50.0 mL of a weak monoprotic acid wilh 50.0 ml. of NaOH solution in a co
Question #973851
Hire Me For All Your Tutoring Needs
Integrity-first tutoring: clear explanations, guidance, and feedback.
Drop an Email at
drjack9650@gmail.com
Chat Now And Get Quote

Navigate

Previous
You must complete the assignment in a Word document and then upload it to the as
Next
You must complete the circuit of (Figure 1) in such a way that it draws a curren

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.