The assignment here is an example of a privacy policy for a fictional health care provider. Privacy policies ensure compliance with laws and ensure employees are aware of what information is, and is not, protected. Additionally, privacy polices describe what expectations of privacy employees have while working and what customers can expect from an organization. Without defined privacy policies, an organization faces potential legal ramifications in the form of fines or regulatory penalties. Finally, without a policy describing privacy expectations an organization may find they cannot protect customers or employees or prosecute serious crimes committed by employees who have violated privacy principles.
References
References
- Stults, G. (2004, May 09). Sarbanes-Oxley - SANS Information Security Training. Retrieved March 24, 2018, from https://www.sans.org/reading-room/whitepapers/legal/overview-sarbanes-oxley-information-security-professional-1426
- Privacy/HIPAA. (n.d.). Retrieved March 21, 2018, from https://www.calhospital.org/privacyhipaa
- Official PCI Security Standards Council Site - Verify PCI Compliance, Download Data Security and Credit Card Security Standards. (n.d.). Retrieved March 24, 2018, from https://www.pcisecuritystandards.org
- Health and Medical Privacy Laws (California Medical Privacy Series). (n.d.). Retrieved March 24, 2018, from https://www.privacyrights.org/consumer-guides/health-and-medical-privacy-laws-california-medical-privacy-series