| Home | Introduction | Federal Systems | Private Systems | Computer Crimes | Benefits and Potential Changes | Conclusion | Bibliography |
There are as of this time no requirements from the government for private individuals (other than contractors working for the federal government) to secure their computer systems (Moteff 10). However, there are federal laws that pertain to the processing of personal information from people. The Gramm-Leach-Bliley Act (GLBA) of 1999 establishes privacy for customer information. Financial institutions are required to protect certain personal information. GLBA requires financial institutions to do three things: “insure the confidentiality of customer records and information, protect against any anticipated threats or hazards to the security or integrity of such records and to protect against unauthorized access (Peltier 68).” The Health Insurance Portability and Accountability Act (HIPAA) was enacted in 1996. Its aim was to make health insurance more accessible to people, even people whom have serious health conditions. The rules within the act give the individual more control over how their health information is used. Health car providers are to “ensure the integrity and confidentiality of individually identifiable health information held or transferred by them; to protect against any reasonably anticipated threats, unauthorized use or disclosure; and to ensure compliance with these safeguards by officers and employees (Peltier 68).” The Sarbanes-Oxley (SOX) Act of 2002 requires management to complete a report on the financial nature of the company. The act does not mention computer security outright. However, there is mention in one of the act’s regulations that the examination of information technology is one of the critical elements to evaluate and assess (Moteff 10-11).
With the onset of the threat of terrorism in this century, there has grown a greater fear of terrorist attacks through technology. The idea of this potential terrorist attack is daunting because technology is such a critical part in our everyday life. To deal with the threat of terrorism, the Department of Homeland Security was established. The Homeland Security Act of 2002 gives the Department of Homeland Security the ability to provide the non-governmental (i.e. private) sector with warning and analysis of threats and potential downfalls of computer systems. It also gives the Undersecretary for Information Analysis and Infrastructure Protection the authority to provide help and information to individuals within the private sector in times of crisis brought on by the potential of attacks and in the case of attack support to recover from a major computer systems disaster (Moteff 11).