Privacy Perspective
Overview
In 2017, internet traffic was generated at a rate of 3,138,420 GB per minute (Domo, n.d.). As the
technologies and techniques that are used to collect, catalog, and analyze the growing amounts of
data become more powerful and widespread, the data we generate will play a progressively more
important role economically, socially, and personally. With the expansion in the quantity and the
possible uses of personal data, the risk to privacy has likewise risen drastically. The difficulty of
categorizing information as public versus private (given specific contexts) and the elevated costs
associated with the preservation of privacy only make the issue more complex.
For this project, you will take a stakeholder role in a business on the forefront of a privacy issue.
You will need to articulate a point of view that reflects your professional stance on privacy, the laws
relevant to the issue, and the business implications of your recommendation.
The project incorporates one milestone, which will be submitted in Module Three. The project will
be submitted in Module Five.
In this assignment, you will demonstrate your mastery of the following course competency:
Articulate an informed position on contemporary issues of privacy and its relation to organizational
mission
Scenario
In a previous module, your instructor provided you with the scenario that you used for the Project
One Milestone. You will continue your analysis of this scenario for this project. You will situate
yourself as an executive-level security consultant with the primary responsibility of advising senior
management in cybersecurity matters. As a member of the internal stakeholder board for the
proposal presented in the scenario, you will be able to offer essential input. Based on the
information and resources from the scenario and your work from the milestone, prepare a
memorandum to the internal stakeholder board specifying your position on the acceptability of the
proposal in the scenario.
Prompt
You must address the critical elements listed below. The codes shown in brackets indicate the
course competency to which each critical element is aligned.
In a memo to the internal stakeholder board, defend your position on the proposed partnership. Your
memo should address the balancing of privacy from the security practitioner's perspective alongside
the corporate mission and business goals.
In your memo, be sure to address the following questions:
Are the privacy laws sufficient to ensure that the sharing and use of data will meet the fair
information practice principles of the organization?
What are the minimum privacy safeguards you would recommend be in place for the individuals'
control over their data?
In your opinion, is the proposal a good decision for the organization? Weigh the privacy
considerations from a security practitioner's perspective as well as the corporate mission and
business goals in justifying your position. What to Submit
Your submission should be 1 to 3 pages in length and should use double spacing, 12-point Times
New Roman font, and one-inch margins. Sources should be cited according to APA style. Use a file
name that includes the course code, the assignment title, and your name—for example,
CYB_100_Project_One_Neo_Anderson.docx.
Scenario
Fit-vantage Technologies is a quickly growing competitor in the personal fitness-tracking industry.
As the company gets closer to launching its newest device, the Flame watch, the Fit-vantage
executives have been approached by Helios Health Insurance Inc. to form a partnership. This
partnership proposes a program allowing Helios subscribers to purchase a Fit-vantage Flame at a
discount in exchange for access to the anonymous data collected from participating customers.
An internal stakeholder board has been formed to determine whether the partnership is in the best
interest of Fit-vantage. Discussions at the stakeholder meetings have raised the following questions
for consideration:
What are the concerns around the privacy of customer data, including the data of Helios
subscribers and Flame owners who are not part of the Helios program?
As health insurance companies are considered covered entities under HIPAA, what new legal
compliance requirements does this partnership require?
How profitable will this partnership be? What is the likely effect on the company's value to
stockholders?
What effects will this partnership have on the current customer base?
How would this partnership align with Fit-vantage's mission and core values?
In this scenario, you will assume the role of an executive-level security consultant with the primary
responsibility of advising senior management in cybersecurity matters. Since you are a member of
the
internal stakeholder board for the proposed partnership, your input is essential. A customer survey
and
financial outlook have been prepared to help inform your recommendations.
To complete this project, review the following documents, which have been provided by your
instructor:
Fit-vantage company profile, which contains the mission statement, core values, and a draft of
the Fit-vantage privacy statement Financial outlook based on the Helios partnership Summary of
the HIPAA Privacy Rule
