Outcomes addressed in this activity:
Identify recent legislation related to privacy.
Analyze recent legislation related to privacy.
Identify ethical issues related to privacy legislation.
Discuss recent legislation related to ethical computing.
The purpose of this Assignment is to analyze a recent legislation related to privacy and to evaluate the impact of that legislation on an organization.
Assume you are an IT security specialist for a large U.S. online retail organization that does business internationally. Your CIO has asked you to thoroughly review the new General Data Protection Regulation (GDPR) recently implemented in the European Union. He wants to understand exactly what the organization must do to comply with this regulation when doing business with EU customers.
Provide a detailed discussion about the rules for businesses and the rights of the EU citizens.
Include a discussion of the following:
What does the GDPR govern?
What rights do the EU citizens have with regard to their data?
What is considered personal data under this regulation?
What is considered data processing under this regulation?
Describe the role of the data protection authorities (DPAs).
Discuss, in detail, how the GDPR will change business and security operations for your organization. Provide the CIO with a recommended checklist for GDPR compliance and discuss processes and policies that may need to be changed in order to comply with GDPR.
In your conclusion, address what you think will be the financial impact to the organization, both in terms of compliance and any lack of compliance.
The paper should be 3–4 pages.
Use Times New Roman 12 pt font.
Use APA formatting for paper, citations, and references.
Be sure to cite your sources and provide the appropriate references.
Be sure to include both in-text citations and references for all sources. Your sources and content should follow proper APA citation style.