Week # 2 Lab 2 Legal Issues in Information Security
Week 2 Lab #2
Assessment Questions
1. Privacy is where a person has control their own personal data
Privacy is the individual’s right to control, the person has the opportunity to assess a situation and determine how’s it’s used. Just because information is secure it doesn’t mean it is secure.
2. In 2002 he received permission to obtain a laptop and hard drive not to acquire the data.
3. Possible consequences might be that personal information being used against the people in the VA system.
4. Yes, the disability ratings are personal healthcare information that would be a HIPPA violation.
5. Termination or demotion or revoked privileges or cut in pay or equipment reimbursement
6. Yes, as no employee would be a suspect until strong evidence is found to incriminate said employee.
7. They were demoted as they put off informing their superiors of the incident.
8. An individual’s private home was burglarized.
9. If the data was encrypted per VA policy the data loss would still be an issue due to how the information was lost.
10. Denial of personal company equipment leaving company premises and or use of VPN connection if work has to be done from home to complete an assignment before a set deadline.
11. The use of a Secure VPN connection or secure encryption would greatly help mitigate this situation.
12. The laptop and hard drive, the analyst, as well as the supervisors
13. Written documentation on the analyst taking equipment and information home would have helped immensely in mitigating this occurrence.
14. True
15. The GAO which stands for Government Accountability Office.
Assessment Questions
1. Privacy is where a person has control their own personal data
Privacy is the individual’s right to control, the person has the opportunity to assess a situation and determine how’s it’s used. Just because information is secure it doesn’t mean it is secure.
2. In 2002 he received permission to obtain a laptop and hard drive not to acquire the data.
3. Possible consequences might be that personal information being used against the people in the VA system.
4. Yes, the disability ratings are personal healthcare information that would be a HIPPA violation.
5. Termination or demotion or revoked privileges or cut in pay or equipment reimbursement
6. Yes, as no employee would be a suspect until strong evidence is found to incriminate said employee.
7. They were demoted as they put off informing their superiors of the incident.
8. An individual’s private home was burglarized.
9. If the data was encrypted per VA policy the data loss would still be an issue due to how the information was lost.
10. Denial of personal company equipment leaving company premises and or use of VPN connection if work has to be done from home to complete an assignment before a set deadline.
11. The use of a Secure VPN connection or secure encryption would greatly help mitigate this situation.
12. The laptop and hard drive, the analyst, as well as the supervisors
13. Written documentation on the analyst taking equipment and information home would have helped immensely in mitigating this occurrence.
14. True
15. The GAO which stands for Government Accountability Office.