Regulatory Compliance: Insufficient Protection for Today's Sensitive Data and the Need for a Risk Management Plan
Date of Award
Master of Applied Science
Assessment; Compliance; HIPAA; Information; Management; Risk; Security
Regulatory requirements focused on enhancing information security within both the private and public sectors are on the rise. The increase in attention towards compliance with these requirements may serve to promote a false sense of security, as a good risk management plan is the crucial component to protecting against information security threats. Logically, additional security should equal less data theft; however, breaches of sensitive data continue to be a growing problem. This growth may point to a poor understanding of how to conduct proper risk management in conjunction with regulatory compliance. This project will show the need for identifying gaps between compliance and risk management and will provide a risk management guide that can be used to do so.
Martin, Steven, "Regulatory Compliance: Insufficient Protection for Today's Sensitive Data and the Need for a Risk Management Plan" (2010). Security Management. 9.