6-3 Project Two Submission: Legal and Ethical Recommendations Brief

Sumer Piggush

Southern New Hampshire University

CYB-260: Legal and Human Factors of Cybersecurity

Professor Chris Sadoski

April 14, 2024

 6-3 Project Two Submission: Legal and Ethical Recommendations Brief

Memorandum

To: Internal Leadership Board

From: Sumer Piggush

Date: April 14, 2024

Subject: Recommendations for Strengthening Data Privacy, Security, and Ethical Considerations

As the Executive-Level Security Consultant for our organization, I also speak for the security

team in presenting the following recommendations regarding data privacy, security, and ethical

considerations in light of our partnership with Helios Health Insurance.

I. Data Privacy

Given the sensitive nature of the information shared between Fit-vantage Technologies and

Helios Health Insurance, ensuring data privacy emerges as a top priority to maintain customer

trust and meet regulatory standards. Our recommendation is in line with relevant laws, notably

the Health Insurance Portability and Accountability Act (HIPAA), which mandates strict

requirements for safeguarding sensitive health data.

HIPAA dictates that customer information must only be accessed with explicit consent and for

legitimate business purposes. Any deviation from agreed-upon terms regarding the use of

customer data requires a fresh service agreement, ensuring transparency and accountability. Our
corporate mission emphasizes the importance of customer verification, reflecting our

commitment to privacy protection and ethical data use.

II. Data Security:

To fortify data security, our methodology integrates a range of protective measures aligned with

industry benchmarks. The inclusion of a two-step verification process during account setup and

retrieval, as delineated in our security protocols, fortifies access management and reduces the

likelihood of unauthorized entry. Furthermore, the implementation of password-secured user

accounts and rigorous authentication procedures for password recovery amplifies our security

measures.

These initiatives are in line with our corporate mission, which emphasizes customer-centric

values and ethical conduct. By adopting these security protocols, we not only protect customer

data but also underscore our dedication to ethical business practices.

III. Ethical Considerations:

The incorporation of ethical considerations significantly shapes our recommendations for

strengthening security measures. Our mission statement emphasizes the importance of

prioritizing customer welfare and fostering trust through transparent and accountable practices.

In the event of a data breach, our ethical obligation is to promptly notify affected customers and

take necessary corrective measures.

Moreover, our commitment to continuous improvement aligns with ethical imperatives to

enhance service quality and uphold customer satisfaction. By integrating ethical principles into
our data privacy and security framework, we reinforce our organizational values and ensure the

ethical use of customer data.

Our recommendations are rooted in legal compliance, industry best practices, and organizational

values. By implementing these measures, we reinforce customer trust and organizational

integrity.

Thank you for your attention to these critical matters. Should you need more clarification or

assistance, please contact me.

Sincerely,

Sumer Piggush

Executive-level Security Consultant