Regardless of industry, organizations are responsible to protect and secure their customers’ information. Information management is the process of protecting an organization’s data in terms of:
Classification and handling.
Document and records management.
Sensitive physical information.
To reduce the risk of customer information being jeopardized, organizations often establish a separation of duties to ensure employees only have access to information they need to do their jobs.
Organizations need to abide by several U.S. privacy laws and regulations to be in compliance and to protect consumers (see page 195 of your textbook).
Specifically you will write a 2–3-page paper in which you:
Research an organization that has violated U.S. privacy laws and regulations.
Diagnose how the system failed.
Examine how the organization rebounded from the violation.
Recommend measures to prevent the violation from occurring or to reduce the risk.
Determine key lessons learned.