Essay on Security Regulation Compliance

ORGANIZATIONAL CHANGE: PEOPLE CHANGE
Percy A. Grisby II
Computer Ethics
March 13, 2015
Professor Sonya M. Dennis

1. Overview
Below we discuss 6 Acts/Laws that are meant for the betterment of society: they facilitate workflow, maintain the privacy of every individual citizen of the country, provide legal rights to workers/laborers and to owners of intellectual property, give financial institutions opportunities to expand their business, and maintain data security and integrity.
1.1 FISMA [1]
FISMA (Federal Information Security Management Act) came into existence when Congress realized the importance of information security and included FISMA as a part of the E-Government Act of 2002.
FISMA requires regulatory
[…]
It is also known as the Financial Modernization Act of 1999. This act allowed banks to engage in a wide array of financial services, such as merging with stock brokerage and insurance companies, which also gave them a way to possess a large amount of public and private client information. The information is usually considered private and the risk of misuse is high; therefore Title 5 of the GLBA specifically addresses protecting both the privacy and security of information.
1.4 PCI DSS
The Payment Card Industry Data Security Standards must be followed by any merchant who handles payment card details. The merchant must comply with the PCI DSS rules in order to be approved and to continue to accept online card payments. Failure to do so will place the merchant at risk of having its license to take card payments revoked and will also be regarded as a disciplinary offense. Noncompliance is not an option!
The Payment Card Industry Security Standards Council (PCI SSC) releases the documents stating the standards to be maintained by different merchants and issuing bodies.
The basic requirements to comply with PCI SSC are:
1) Build a secure network.
2) Protect the private data of the card holder.
3) Maintain highly secure management programs.
4) Maintain strict access control measures.
5) Test the network regularly.
6) Maintain every Information Security Policy and guidelines.

1.5 HIPAA
HIPAA act 1996 is imposed on all