Reference no: EM133257848

In this project, you will demonstrate your mastery of the following competency:

• Make ethically informed decisions based on awareness of legal and organizational parameters
• Describe best practices for data management

Scenario

You are a data management professional working for Riddle Security, a third-party vendor that collects and stores data for companies in the United States and Canada. You have been informed that, several months ago, Riddle had a data breach incident that affected stored confidential data from their clients. You will examine the details of the incident in the scenario provided, identify which categories of information were compromised, and determine the possible ramifications for the company.

You've been tasked with addressing the identified issues in a presentation to Riddle Security's leadership. Your presentation will include a synopsis of the situation, as well as considerations of data privacy and the roles of data professionals. Leadership will use this presentation as part of their decision-making process to update company policies.

Directions

Begin by reviewing the scenario in the Supporting Materials section. Use the PowerPoint template located in the Supporting Materials section to create your presentation. You will use the speaker notes for each slide to elaborate on your slide content. Consider each bullet point when creating your speaker notes. In your presentation, you must address the following critical elements:

• Compare global policies and regulations regarding data privacy.
  • Consider data privacy regulations in the United States versus other countries.
  • Consider whether Riddle Security would need to change its data-gathering practices if the company were to expand internationally (such as within the European Union).
• Explain factors that impact an organization's policies on data privacy.
  • Explain the effect that data privacy policies can have on a company, including how the issues exposed in Riddle Security's audit may impact the company's reputation.
  • Discuss the ethical considerations that affect privacy policies.
• Describe the purpose of a compliance audit and its influence on policy decisions in the future.
  • Explain the purpose of compliance audits in organizations.
  • Discuss how compliance with audit requirements could have prevented the issues experienced by Riddle Security.
  • Identify potential consequences for continued non-compliance with audit requirements.
• Discuss how data privacy laws affect how organizations operate.
  • Indicate how data privacy laws influence decision making in regard to data policy.
  • Give an example of how the passing of a more restrictive data privacy law would affect how Riddle Security operates.
• Describe the roles and responsibilities of data management professionals who contribute to data security and policy.
  • Give examples of roles that might influence, or be influenced by, data security policies.
  • Describe how customer facing and technical data roles differ in their approaches to data security policies.
• Discuss how data management professionals apply ethical decision making in their roles.
  • Give an example of where a data policy might have an ethical gap.
  • Explain where you might go for guidance if an industry does not have written ethical guidelines, or their new products have had unforeseen ethical consequences.
    Describe how you would handle a lack of ethical guidelines and how this might relate to the Riddle Security breach.
• Discuss how technology in data management, security, and privacy has changed over time.
  • Give examples of how changes in technology in the last ten years have impacted data regulations.
  • Discuss how changing technologies could have affected Riddle Security's breach either in a positive or negative way.