Major Privacy Issues Paper

1037 Words5 Pages

The major privacy issues facing organizations today are the privacy of employee data, customer data, and corporate data. Employee data consists of things like health information, bank account details for direct deposits, and other PII designated data like a social security number or driver’s license number. Customer data elements can be different based on the type of company but some examples are financial data, health information, call detail records, and PII. Corporate data consists of company organizational structures, finances, human resources, legal matters, trade secrets and other intellectual property. A breach of any one of these types of information could be detrimental to any company. The major privacy issues that are facing …show more content…

It is a private industry organization that is made up of representatives from all the major credit card companies. Any business that accepts credit cards must comply with the PCI DSS standards. Enforcement of the PCI DSS standards are handled by the individual credit card companies as opposed to the PCI Council itself. The credit card companies use the threat of financial penalties to maintain compliance with their companies. A loss of credit card data can be very costly so it is imperative to maintain compliance and do everything possible to prevent a …show more content…

Customers may lose faith in the business to maintain their privacy and decide to shop elsewhere. To mitigate these risks some security measures will need to be implemented which are listed here.
1. To prevent data loss due to stolen hard drives, all storage devices should be encrypted and require an authorized login to view the data.
2. The company must train its front-line employees about privacy concerns and security safeguards and must create security policies and procedures and keep them updated by having regular reviews and audits to maintain compliancy. On-going employee training must take place as revisions are made.
3. All websites should use the most current technical recommendations for security such as SSL and TLS 1.2. The web applications must also go through security scans and code analyzers to make sure they are safe from cross site scripting attacks and other similar vulnerabilities.
4. All IT systems should employ a “least privilege” methodology for optimal security.
5. Firewalls should be maintained to the most restrictive configuration possible.
6. All sensitive data should be stored in a secure data center environment with biometric controls, cameras at the entrances, man traps, and staff that must authorize all