Case Study APA Format No Plagiarism

Case Study:

Conduct research on the Internet or select 1 of the 2 examples in your text in Chapter 4, page 117 on a credit card breach. Write a 3 to 4 page paper (not including title and reference page) in which you describe the details of the event. Tell us what could have been done to prevent the event from happening, list the laws that were broken, and state whether the event violated any of the acts or laws that you read about in chapters 3 & 4. Your paper should be in APA format and contain 3 to 4 different sources. Make sure you cite all sources.

Writing Requirements

  • 4 pages in length (excluding cover page, abstract, and reference list)
  • At least 3-4 peer-reviewed sources that are properly cited and referenced
  • APA format. Use the APA template located in the Student Resource Center to complete the assignment.
  • Please use the Case Study Guide as a reference point for writing your case study.

© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company

www.jblearning.com

All rights reserved.

Legal Issues in Information Security

Lesson 4

Security and Privacy of Consumer Financial Information

Learning Objective

  • Describe legal compliance laws addressing how financial institutions protect the security and privacy of consumer financial information.

Key Concepts

  • Financial institutions and the protection of information they collect
  • Financial regulatory laws and government regulatory bodies
  • The Gramm-Leach-Bliley Act and financial institutions
  • The Federal Trade Commission Red Flags Rule
  • Payment Card Industry Standards

Business Challenges Facing Financial Institutions

  • Bear cost of consumer identity theft
  • Company names and logos used in phishing scams
  • Targets of hackers
  • Must follow regulations designed to protect security and privacy of data they collect and use; rules place compliance burden on financial institutions

Types of Financial Institutions

  • Savings and loan associations
  • Finance companies
  • Insurance companies
  • Investment companies

Consumer Financial Information

  • Name
  • Social Security number
  • Driver’s license number
  • Address/telephone number
  • Work history

Who Regulates Financial Institutions?

Federal Financial Institutions Examination Council (FFIEC)

  • Establish principles and standards for examination of federal financial institutions
  • Develop uniform reporting system
  • Conduct training for federal bank examiners
  • Make recommendations regarding bank supervision matters
  • Encourage adoption of uniform principles and standards by federal and state banks

The Gramm-Leach-Bliley Act (GLBA)

  • The Financial Modernization Act of 1999
  • Protects personal financial information held by financial institutions

Impacts of GLBA

  • Allows banks, securities, and insurance companies to merge
  • Financial activities include borrowing, lending, providing credit counseling, debt collection, and other activities
  • Protects nonpublic personal information (NPI)

Nonpublic Personal Information (NPI)

  • Social Security numbers
  • Financial account numbers
  • Credit card numbers
  • Date of birth
  • Name, address, and phone numbers when collected with financial data
  • Details of any transactions or the fact that an individual is a customer of a financial institution

GLBA―Principal Parts

GLBA:

  • Privacy Rule
  • Safeguards Rule
  • Pretexting

GLBA Privacy Rule

  • Financial institutions may not share NPI with nonaffiliated third parties unless institution gives notice to consumer
  • The notice must tell consumers about types of data the institution collects and how it uses that information
      • Called a notice of privacy practices
  • Consumers have chance to opt out of some data sharing

GLBA Safeguard Rule

  • Each agency must establish standards that:
      • Protect the security and confidentiality of customer information
      • Protect against threats to the security or integrity of customer information
      • Protect against unauthorized access to or use of customer information that could result in harm to a customer

GLBA Pretexting Rule

  • Pretexting
      • Trying to gain access to customer information without proper authority; also known as social engineering
  • Illegal to make false, fictitious, or fraudulent statements to a financial institution or its customers to get customer information
  • Illegal to use forged, counterfeit, lost, or stolen documents to do the same thing
  • Designed to stop identity theft

The Federal Trade Commission Red Flags Rule

  • Fair and Accurate Credit Transactions Act of 2003 (FACTA)
  • Identity Theft Red Flags Rule

Red Flag Categories

  • Suspicious Documents
  • Suspicious Personal Identifying Information
  • Unusual Account Activity
  • Notice of Identity Theft
  • Credit Reporting Agency Alerts

Payment Card Industry (PCI) Data Security Standards (DSS)

  • Safeguards and protects credit card data
  • All merchants accepting credit cards must follow PCI DSS standards
  • Single approach makes it easier for merchants to accept all cards

PCI DSS Controls and Rules

  • Build and maintain a secure network
  • Protect cardholder data
  • Maintain a vulnerability management program
  • Implement strong access control measures
  • Regularly monitor and test networks
  • Maintain an information security policy

Summary

  • Financial institutions and the protection of information they collect
  • Financial regulatory laws and government regulatory bodies
  • Gramm-Leach-Bliley Act
  • Federal Trade Commission Red Flag Rules
  • Nonpublic personal information (NPI)
