Principles of Information Security Chapter 3 Review

1. What is the difference between law and ethics?
The difference between law and ethics is that law is a set of rules and regulations that are universal and should be accepted and followed by society and organizations. Ethics, on the other hand, is derived from the Latin word mores and the Greek word ethos, and means the beliefs and customs that help shape the character of individuals and how people interact with one another.

2. What is civil law, and what does it accomplish?
A wide variety of laws that govern a nation or state and deal with the relationships and conflicts between organisational entities and people.

3. What are the primary examples of public law?
Criminal, administrative and constitutional law.
The act requires organisations that retain health-care information to use information security mechanisms to protect information, as well as policies and procedures to maintain this security. HIPAA provides guidelines for the use of electronic signatures based on security standards that ensure message integrity, user authentication and nonrepudiation.

8. If you work for a financial service organisation such as a bank or credit union, which 1999 law affects your use of customer data? What other effects does it have?
The law from 1999 that affects the use of customer data by financial institutions is the Financial Services Modernisation Act, or Gramm-Leach-Bliley Act of 1999. Specifically, this act requires all financial institutions to disclose their privacy policies on the sharing of non-public personal information. It also requires due notice to customers, so that they can request that their information not be shared with third parties. In addition, the act ensures that the privacy policies in effect in an organisation are both fully disclosed when a customer initiates a business relationship, and distributed at least annually for the duration of the professional association.

9. What is the primary purpose of the USA PATRIOT ACT?
The purpose of the USA Patriot Act is to deter and punish terrorist acts in the United States and around the world, and to enhance law enforcement investigatory tools.

10. Which 1997 law provides guidance on

