Review the Week 2 readings and the assigned Case Study for background information before responding to this discussion question.
The company’s IT Governance Board has been tasked with developing a set of policies to address IT security requirements arising from
(a) PCI-DSS (credit card and transaction information)
(b) the HIPAA Security Rule (health related information)
(c) the “Red Flags” Rule (consumer credit information: identity theft prevention).
Choose one of the three sources of regulatory requirements listed above. Write a three paragraph briefing statement which summarizes the regulatory requirements as they apply to the company’s collection, processing, management, and storage of personal information about its clients. Your briefing statement should identify the specific types of personal information which are covered by the “rule” or “standard.”
Provide in-text citations and references for 3 or more authoritative sources. Put the reference list at the end of your posting.