PART 1
Write a thorough description of the Gramm-Leach-Bliley Act's basic components. Be sure to include the following topics (1-2 pages): Who co-sponsored the act? Who is protected by the act? Who is restricted by the act? How are financial institutions defined? What does the act allow? How would you define the major parts of the privacy requirement: the Financial Privacy Rule, the Safeguards Rule, and the pretexting provisions? What does each of these spell out in the act? (THREE PARAGRAPHS)
Write a thorough description of HIPAA. Be sure to include the following topics in your discussion (1-2 pages):
Which U.S. government agency acts as the legal enforcement entity for HIPAA compliance violations? Who is protected by HIPAA? Who must comply with HIPAA? What is the relevance of health care plans, providers, and clearinghouses? How would you define the major parts of the Privacy Rule and the Security Rule? (THREE PARAGRAPHS)
Part 2: Analyzing and Comparing GLBA and HIPAA 3-4 pages
Describe what the GLBA and HIPAA privacy rules have in common. Then, discuss how the two are different. (THREE PARAGRAPHS)
Describe what the GLBA and HIPAA security rules have in common. Then, discuss how the two are different. (THREE PARAGRAPHS)
Discuss how GLBA and HIPAA requirements align with information systems security. (Q & A)
List two privacy data elements for GLBA and list two privacy data elements for HIPAA that are under compliance. (Q & A)
List two security controls or security countermeasures for GLBA and list two security controls or security countermeasures for HIPAA that support compliance. (Q & A)
Part 3 ALL Q & A 3-5 pages
1. Which U.S. government agency acts as the legal enforcement entity for businesses and organizations involved in commerce?
2. Which U.S. government agency acts as the legal enforcement entity regarding HIPAA compliance and HIPAA violations?
3. List three (3) similarities between GLBA and HIPAA.
4. List five (5) examples of privacy data elements for GLBA as defined in the Financial Privacy Rule.
5. List five (5) examples of privacy data elements for HIPAA as defined in the Privacy Rule.
6. List three (3) differences between GLBA and HIPAA.
7. How do GLBA's and HIPAA's privacy rules translate into information systems security controls and countermeasures?
8. What three areas does the GLBA Safeguards Rule encompass?
9. What is ePHI?
10. What three areas does the HIPAA Security Rule encompass for PHI?
11. Are organizations under GLBA and HIPAA required to mail and inform their customers in writing about their privacy rights?
12. When you go to your doctor's office, one of the forms the office asks you to fill in and sign is a HIPAA Release Form authorizing your doctor to share your medical records and privacy data with third parties, including health insurance companies. Is this an example of the HIPAA Privacy Rule or the HIPAA Security Rule?
13. Why is a Business Associate Agreement/Contract required between a HIPAA-covered entity and a downstream medical or service provider to that covered entity?
14. Like HIPAA, GLBA has both privacy and security rules. What are the official names of these rules in GLBA law?
15. True or false: GLBA encompasses insurance companies and stock brokerage firms.