2 hours 19 minutes
welcome back to student data privacy fundamentals. In this lesson, we will learn about other federal regulations and student online data.
We will discuss basic information about the many federal regulations related to data governance with the FTC and FCC regulate related to data governance and what additional laws besides federal regulations must be considered in a data governance policy.
So far in this module, we have discussed FERPA, the Family Educational Rights and Privacy Act and Copa the Children's Online Privacy Protection Act. But there are several other federal regulations that educational entities must adhere to.
Pippa Ra, the Protection of People's Rights Amendment
I D A. The Individuals With Disabilities Education Act,
Sipa, the Children's Internet Protection Act and even NASA, the National School Lunch Act.
School districts also have to follow federal regulations that aren't directly related to education.
These federal regulations apply to most every organization and business. No matter that industry
HIPPA or the Health Insurance Portability and Accountability Act protects health and medical information.
E. C. P. A. The Electronic Communications Privacy Act allows government officials to subpoena any digital communication from an individual or if the email social media post is 180 days old or older. No subpoenas required.
C F A is the Computer Fraud and Abuse Act, which makes it a crime to Access and ER share protected online data.
The FTC stands for the Federal Trade Commission, which currently upholds over 70 federal consumer protection laws that prevent fraud, deception and unfair business practices,
and the FCC or Federal Communications Commission, which has various federal laws regulating communications by radio, television, wire, satellite etcetera and maintains jurisdiction over broadband access, fair competition, media responsibility, public safety and even homely and security
quiz time. Which of the following federal regulations allows government officials to access online communications?
The Health Insurance Portability and Accountability Act
E C P A or Electronic Communications Privacy Act.
See Sipa, the Children's Internet Internet Protection Act
or D C. F. A A. The Computer Fraud and Abuse Act,
E c. P. A. The Electronic Communications Privacy Act allows government officials to subpoena digital communications in the form of email, social media posts, etcetera and no subpoena is required. If the communication is 180 days old or older,
let's try another quiz question. Which of the following protects personal information in health records.
E C P a
or C F A A.
The correct answer is HIPPA, the Health Insurance Portability and Accountability Act.
In addition to federal laws,
there are other state and local laws that may apply to your organization as well.
That can seem overwhelming and requires a lot of work on your part for protecting your users online might just be some of the most important work you will ever dio.
If your organization was to use third party online services, it is important to create a data governance policy even if it's not required by your local or state governments.
The data governance policy sets expectations for necessary security controls as well. A specifically
outlining data collection use re disclosure and retention procedures when drafting a policy. Remember all applicable laws, especially for bone Copa. If you are an educational organization,
creating a data governance policy may be difficult and time consuming,
but a little pain now can save your organization a lot of pain. Later
in today's video, we discussed many of the federal regulations related to data governance, including ferpa, Copa
I D E. A. Sipa, NASA HIPPA
E. C. P a
and C f A.
We discussed that the Federal Trade Commission protects consumers by regulating business, including online commerce,
that the Federal Communications Commission regulates various media as well as broadband access and other online access.
In addition to federal laws, you must also adhere to specific state and local laws, depending on where your organization is located.
This lesson concludes Module one.
In our next module, we will begin working on our data governance policy.
See you soon.
Information Systems Security Engineering Professional (ISSEP)
This ISSEP course provides students with the foundational knowledge of the concentration area of the ...
6 CEU/CPE Hours Available
Certificate of Completion Offered
MS-500: Microsoft 365 Security Administration
The Microsoft 365 Security Administration (MS-500) training course is designed to prepare students to take ...
7 CEU/CPE Hours Available
Certificate of Completion Offered