Information Security Federal Regulations


Technology has been so carelessly implemented in many places that the government has decided to step in. The primary concern is to ensure that best practices are utilized to prevent careless loss of sensitive data. The class "Federal Regulations and Guidelines" leads discussion of current technologies, how they can result in compromised data, and what the federal organizations have done to protect their citizens.

A few of the documents that were analyzed include the Health Insurance Portability and Accountability Act (HIPAA), Family Educational Rights and Privacy Act (FERPA), and Sarbanes-Oxley (SOX). The full texts of these acts were reviewed and discussed, and our interpretations were presented in class.

Presentations for the three federal regulations previously mentioned, and the final paper that was written for the class, are provided in the link above.

Lessons Learned

Federal standards affect all American commerce in more ways than just implying best practices, but for some reason the groups developing the best practices are not technologists - they are politicians. The result is that many of the action items they list as "things to do to prevent xyz" turn out to be much less direct and less applicable in most settings. Therefore, as a technology enthusiast and IT professional, my interpretation of the suggestions outlined in the documents becomes the driving force of compliance.