Financial
Healthcare
Personal Privacy and the Federal Government
Homeland Security
North American Electric Reliability Corporation (NERC)
Cybersecurity
Compliance and Enforcement
Conclusion
References
Financial
Healthcare
Personal Privacy and the Government
Homeland Security
Consumer Financial Privacy - Federal Trade Commission (FTC)
Privacy of Consumer Financial Information Rule (16 C.F.R. Part 313)
Protect investors from fraudulent accounting activities by corporations
Corporate Responsibility Act of 2002
Section 302: senior management to certify the accuracy of the reported financial statement of the corporation
Section 404: management and auditors must have internal controls in place and report on the adequacy of the controls.
Protection of personal information within healthcare and health insurance industries
Protect personal information from theft and fraud
Patient authorization over their data
45 CFR Part 160 – Subparts A and E of Part 164
Regulates the collection, maintenance, use, and sharing of personal information by federal agencies
Department of Justice Office of Privacy and Civil Liberties (OPCL)
5 U.S. Code Section 552a: Records maintained on individuals
Federal data security standards and guidelines
Information security protocols for all federal agencies to protect federal data
S.2521 is the 2014 updated act
Federal Energy Regulatory Commission
Reduce risk to the North American power grid - Nonprofit - U.S., Canada, Northern Baja Mexico
The Patriot Act allows investigators to use the tools that were already available to investigate organized crime and drug trafficking
The Patriot Act facilitated information sharing and cooperation among government agencies so that they can better "connect the dots."
The Patriot Act updated the law to reflect new technologies and new threats.
The Patriot Act increased the penalties for those who commit terrorist crimes
Established June 1, 1968 (National Electric Reliability Council). The nonprofit (North American Electric Reliability Corporation) was created on March 28, 2006.
Created to ensure the reliability of the North American bulk power systems
Assure the effective and efficient reduction of risks to the reliability and security of the bulk power systems
Standard provides a cybersecurity framework for the identification and protection of critical cyber assets that control or affect the reliability of North American bulk power systems.
1600 bulk power system users, owners, and operators. The regulations apply to all electric utilities and other entities (co-ops, etc.) that own or operate generation, transmission, or other facilities (substations) in the bulk electric system.
Cybersecurity threats to the electric grid have become a reality—particularly in the past decade
Proactively addressing these threats is critical to ensuring the security and reliability of the electric grid. NERC, FERC and DOE have been active in this area and are coordinating their efforts to ensure that cybersecurity threats to the North American grid are minimized and, ultimately, prevented entirely
High Impact BES Cyber Systems
Medium Impact BES Cyber Systems
Electronic Access Control or Monitoring Systems (EACMS)
Physical Access Control Systems (PACS)
Protected Cyber Assets (PCA)
These reliability standards apply to electric utilities and other entities that own or operate generation, transmission, or other facilities in the bulk electric system
Entities found to be in violation of reliability standards are subject to financial penalties and other enforcement actions. NERC has offices in Atlanta, Georgia and Washington, D.C.
Financial:
The Gramm-Leach-Bliley Act
Sarbanes-Oxley Act of 2002
Healthcare:
Personal Privacy and the Government:
Homeland Security:
Federal Information Security Modernization Act (FISMA)
North American Electric Reliability Corporation (NERC)
Homeland Security Presidential Directives (HSPDs)
U.S. Patriot Act