About This Chapter
Cybersecurity Policy, Governance & Management - Chapter Summary
This chapter offers a comprehensive overview of cybersecurity policy, governance and management you can use to better understand privacy protection, the HIPAA Privacy Rule and the HITECH Act of 2009. Additional topics covered in this chapter include the ISO/IEC 27000 series, NIST Special Publication 800 series and the Sarbanes-Oxley Act. Find out how well you understand these and other concepts covered in this chapter by taking mini quizzes and a broader exam. If you need to clarify any details presented in the lessons, be sure to submit questions to our experts. After you've completed this chapter, you will be ready to:
- List the roles and responsibilities of the cybersecurity policy development team
- Explain the role of HIPAA and PHI when using technology
- Exhibit knowledge of HIPAA security safeguards
- Detail the purpose of the Government Information Security Reform Act of 2000
- Share facts about Payment Card Industry Data Security Standard (PCI DSS) requirements
- Discuss how to maintain the confidentiality of student records
- Explain privacy and confidentiality concerns under FERPA
1. What Is Privacy Protection? - Laws & Rights
Financial privacy protection is a form of consumer protection. It's designed to protect consumer information held by financial institutions. This lesson discusses financial privacy protection and the Gramm-Leach-Bliley Act.
2. Cybersecurity Policy Development Team: Roles & Responsibilities
A cybersecurity policy development team features writers, lawyers and audit personnel who can ensure that the policy document is complete. In this lesson, you'll learn more about the roles and responsibilities of these team members.
3. HIPAA Privacy Rule: Definition & Procedures
This lesson will discuss elements of the HIPAA privacy rule, including how it came about, who is covered, and what information is protected. This lesson will also discuss some of the principles for uses and disclosure that are contained in the privacy rule.
4. The Role of HIPAA & PHI When Using Technology
If you are employed by a healthcare facility, a health insurance company or any company that may see medical records because of the services it provides, you will have heard about HIPAA. Your daily work is affected by HIPAA rules of privacy and security. Let's learn about HIPAA.
5. HIPAA Security Safeguards: Administrative, Physical & Technical
HIPAA's Security Rule sets forth specific safeguards that medical providers must adhere to. In this lesson, you'll learn more about the administrative, physical and technical safeguards designed to protect patient data.
6. The Sarbanes-Oxley Act: Definition and Explanation
Government regulations play a major role in corporate financial reporting. In this lesson, you will learn about one of the most important regulations enacted in the last two decades - the Sarbanes-Oxley Act.
7. HITECH Act of 2009: Definition & Purpose
The HITECH Act backs up many of HIPAA's provisions and adds additional requirements for data breaches and business associates, among other topics. In this lesson, you'll get an overview of the HITECH Act.
8. Government Information Security Reform Act of 2000: Definition & Purpose
GISRA laid the groundwork for the start of cybersecurity initiatives for government agencies. In this lesson, you'll learn more about it, its predecessor and why what came after was stronger because of it.
9. Payment Card Industry Data Security Standard (PCI DSS) Requirements
Did you know there are 12 main requirements of the Payment Card Industry Data Security Standard? In this lesson, you'll get a brief overview of all 12 and what they entail for the payment card industry.
10. Maintaining the Confidentiality of Student Records
How do you preserve student records in a way that protects their confidentiality? This article discusses the laws regulating private student information and best practices for compliance.
11. Confidentiality & Privacy Concerns Under FERPA
FERPA regulations are meant to keep student records private and confidential. This lesson discusses FERPA policies, and the procedures and practices institutions must follow if they're subject to FERPA.
12. ISO/IEC 27000 Series: Definition & Purpose
Have you met the ISO/IEC 27000 series family? In this lesson, you'll discover what this series of standards is, its background, and its framework for information security that can be tied to any organization.
13. NIST Special Publication 800 Series: Definition & Purpose
What if cybersecurity came with an instruction manual? Thanks to NIST, it does! This series of special publications is used as the framework for many security policies and programs. Learn more about that in this lesson.
Other chapters within the Computer Science 332: Cybersecurity Policies and Management course
- Intro to Cybersecurity
- The Cybersecurity Threat Landscape
- Information Security Policy
- Information Security Strategy Development
- Cybersecurity Risk Management
- Data Access Control
- Partner & Vendor Security Management
- Security Awareness Training
- Information Security Compliance
- Information Security Performance Metrics
- Required Assignments for Computer Science 332