Policies to Implement Regulatory Requirements
Review the Week 2 readings and the Red Clay Renovations company profile for background information before responding to this discussion question.
The company’s IT Governance Board has been tasked with developing a set of policies to address IT security requirements arising from
(a) PCI-DSS (credit card and transaction information)
(b) the HIPAA Security Rule (health related information)
(c) the “Red Flags” Rule (consumer credit information: identity theft prevention).
Choose one of the three sources of regulatory requirements listed above. Write a three paragraph briefing statement which summarizes the regulatory requirements as they apply to the company’s collection, processing, management, and storage of personal information about its clients. Your briefing statement should identify the specific types of personal information which are covered by the “rule” or “standard.”
Provide in-text citations and references for 3 or more authoritative sources. Put the reference list at the end of your posting.
Make sure you use the discussion rubric as well as the above information to ensure you include all the required elements in your discussion response.