CITC 2367_Assignment6

.docx

School

Volunteer State Community College *

*We aren’t endorsed by this school

Course

2367

Subject

Information Systems

Date

Feb 20, 2024

Type

docx

Pages

3

Uploaded by adder1

Report
CITC-2367-C01 – Cloud Essentials Module 7.1 Assignment – Identify the Scope of TN’s Data & Security Breach Notification Law Module 7.1 Assignment – Identify the Scope of TN’s Data & Security Breach Notification Law From an individual privacy standpoint, Tenn. Code Ann. § 47-18-2107 subsection (b) (State of Tennessee, 2021) states that in the event of a breach of system security by the information holder, they must disclose the breach to any TN resident whose information may have been acquired. This disclosure must be within 45 days of the discovery of the breach with exceptions for law enforcement needs. Subsection (f) relates how an information holder can be in compliance with the code, by maintaining procedures in place as part of an information security policy. Subsection (g) notes that if the breach would affect more than 1,000 persons in one instance, the information holder must notify both consumer reporting agencies and credit bureaus of the details of the breach. A specific note about breaches from a state agency is brought up in Tenn. Code Ann. 8-4-119 (State of Tennessee, 2021). If a state agency is breached, the agency will report the breach to the comptroller of the treasury. As described in subsection (d), this information is considered confidential, and not an open record. This means that it will not be public knowledge. Obviously, this can be a problem for any TN residents that may have their information stolen from a state agency. State governments need to have the data security breach notification laws because federal law does not address several aspects such as what personal information encompasses, what is an information breach, and who must comply with the law (National Conference of State Legislatures, n.d.). Additionally, requirements for CITC-2367-C01 – Cloud Essentials
CITC-2367-C01 – Cloud Essentials Module 7.1 Assignment – Identify the Scope of TN’s Data & Security Breach Notification Law notice and exceptions for the requirements are detailed in the state laws. The requirements and definitions can vary from state to state, although there is a consensus on the larger aspects of notifications. CITC-2367-C01 – Cloud Essentials
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help