Download presentation
Presentation is loading. Please wait.
1
IS3350 Security Issues in Legal Context
Unit 5 Security and Privacy Involving Corporations and Educational Institutions
2
Learning Objective Identify the basic components of the American legal system Describe legal compliance laws addressing public and private institutions
3
Key Concepts Protecting children on the Internet
Family Education Rights and Privacy Act (FERPA) Regulation of privacy and security in corporations Sarbanes-Oxley (SOX) Compliance and security controls
4
EXPLORE: CONCEPTS
5
Critical Aspects of FERPA
Right to inspect and review student education records Right to request that a school correct inaccurate or misleading records Schools required to secure written permission from parent or eligible student to release information from student education record
6
School Disclosure Exceptions in FERPA
School officials with legitimate educational interest Other schools to which a student is transferring Specified officials for audit or evaluation purposes Appropriate parties in connection with financial aid to a student
7
School Disclosure Exceptions in FERPA (cont.)
Organizations conducting certain studies for or on behalf of the school Accrediting organizations Response to judicial order or lawfully issued subpoena Appropriate officials in cases of health and safety emergencies State and local authorities within a juvenile justice system, pursuant to specific State law
8
School Disclosure Exceptions in FERPA (cont.)
Directory information Student and parents must be informed and raise no objectives Name, address, and telephone number Date and place of birth Honors and awards Dates of attendance
9
Critical Aspects of Sarbanes-Oxley (SOX)
Protect investors by requiring accuracy and reliability in corporate disclosures Created new standards for corporate accountability Created new penalties for acts of wrongdoing, both civil and criminal Changes how corporate boards and executives must exchange information and work with corporate auditors
10
Critical Aspects of Sarbanes-Oxley (SOX) continued
Specifies new financial reporting requirements Requires all financial reports to include an internal control report Auditing firms are also required to attest to the accuracy of the assessment
11
Critical Sections of Sarbanes-Oxley Act
Services outside scope of auditor practice Sec. 302 Corporate responsibility for financial reports Sec. 404 Assessment of internal controls Sec. 409 Real time issuer disclosures Sec. 802 Criminal penalties for altering documents Sec. 806 Protection of employees exposing fraud Sec. 807 Criminal penalties for defrauding shareholders
12
Privacy – Principle Concepts
Privacy of employee data Privacy of customer data Privacy of corporate data
13
Privacy in Workplace Law generally allows organizations to monitor employee conduct Protection of proprietary information Maintain privacy of customer information
14
COPPA and CIPA Children are Internet-ready and receptive
Lack the judgment and knowledge of dangers Lack knowledge to evaluate the merits of information U.S Congress Protective Actions Children's Online Privacy Protection Act (COPPA) of 1998 Children's Internet Protection Act (CIPA) of 2000
15
EXPLORE: PROCESS
16
Children's Online Privacy Protection Act (COPPA)
Notice of information practices on home page Notice at each area where personal information from children is collected Notice must be clearly written and understandable Notice may not include any unrelated or confusing materials Notification of parent is required Verifiable parental consent is required
17
EXPLORE: CONTEXT
18
Where do COPPA and CIPA Apply?
Commercial Web sites Online services Educational institutions Libraries
19
CIPA Requirements Schools and libraries must
Use technology protection measures Protect against access to harmful visual depictions Adopt and enforce a policy to monitor the online activities of minors Minors are those 17 years of age or less
20
Summary Protecting children on the Internet
Family Education Rights and Privacy Act (FERPA) Regulation of privacy and security in corporations Sarbanes-Oxley (SOX) Compliance and security controls
Similar presentations
© 2024 SlidePlayer.com Inc.
All rights reserved.