Privacy Act Of 2006: Summary And Analysis


Should organizations whose information systems are “hacked” be liable for damages for the compromise of personal information stored on those systems? A business should absolutely be liable for any damages that are caused by a breach of its system. In today’s economic environment, businesses are looking for ways to expand their market. One of the ways businesses have achieved this is by offering online services to their customers. Computers being hacked is not a new crime. This is a risk these businesses took when developing online services. Ensuring they had the right security and encryption of information should have been their number one concern, no matter the cost.
And here we are in 2017 and this is still a very real issue. As recently …

There are several laws that protect a customer’s right to privacy. The U.S. General Services Administration (Privacy Laws, Regulations and more, 2017) provides links to many of the federal privacy acts so that consumers can be educated. One of the first is the Privacy Act of 1974, which “attempts to regulate the collection, maintenance, use and dissemination of personal information”. Another is the Computer Fraud and Abuse Act of 1986, which “provides additional penalties for fraud and related activities in connection with access devices and computers” (Privacy Laws, Regulations and more, 2017). It also has a link to the Office of Management and Budget, which provides guidance on the implementation of the Privacy Act on information security.
Other federal laws and regulations that address “the security safeguards to ensure confidential, integrity and available of personal information” (Stevens, 2012) are the Health Insurance Portability and Accountability Act (HIPAA) and the Gramm-Leach-Bliley Act. HIPAA addresses the use and disclosure of an individual’s health information, while the Gramm-Leach-Bliley Act protects the security and confidentiality of customer information of financial …

Are there ethical requirements that should be met? The Federal Trade Commission (Data Breach Response: A Guide for Business, 2016) suggests offering a year of credit monitoring services and notifying customers as soon as the breach has been recognized, but is that enough? It is a good start toward repairing the trust the business has breached. Companies should always be transparent. Do not delay notification to reduce the negative impact to the business. Be sure to help any customer whose ID was stolen and who has had fraudulent charges made against them, and provide them with all the information they need. Also, other businesses that have let the false charges go through need to be more helpful in fixing the mistake when they realize that it was from a data breach. After already being violated, trying to fix damaged credit is like paying twice for being a good customer to a