Course Syllabus - IST 452 Legal and

Regulatory Environment of Privacy and Security

General Course Information

Department IST

Number 452

Title Legal and Regulatory Environment of Privacy and Security

Credits 3

Description Institutional constraints on security historically focused on

traditional criminal enforcement and a slow but steady increase

in civil remedies through the twentieth century. Professional

security protection could satisfy reasonable assurance criteria

by managing legal and regulatory risks based on commonly-held

understandings of burglary, theft, conversion and widely-

understood but related institutional constraints in the protection

of physical property. This focus retained effectiveness so long

as physical security over tangible property appeared successful,

even extending to the maintenance of control over mainframe

computers and their peripherals. However, the proliferation of

networked computers has made access and storage ubiquitous,

vastly increasing the vulnerability of confidential data, private

information and critical national security infrastructure. Security

and privacy regulation compliance responsibility now falls much

more harshly on both organizations and most of their individual

personnel. These complex new duties constrain organizations in

the data management industry as well as suppliers and users of

data and all participants in the information supply chain, including

consultants, software suppliers, applications service providers,

maintenance, outsourcing and communications providers.



Other factors exacerbate these liability risk management

difficulties. Advances in network computer storage and use, the

broadening perception of heightened value of information and the

pervasive availability of rich data warehousing increase the

vulnerability of data management. Risks of information theft and
Last Updated: 4:22:47 PM Wednesday, March 19, 2008 Page 1 of 17
First Previous Next Last