Unit 6 Assignment 1: Analysis

Unit 6 Assignment 1: Analysis of the Breach Notification Law Letter

Unit 6 Assignment 1: Analysis of the Breach Notification Law Letter
On April 17, 2011 PlayStation Network (PSN) was breached by an unauthorized source. Sony believed that the source exposed personal and password information – and possibly credit cards – of an estimated 77 million people. This is considered one of tech’s history’s worst security failures (Cooney, 2011). Due to this breach, Sony has broken many laws. The most critical laws that Sony “allegedly” broke were California SB 1386, California Law 1798.81.5, and California Law 1798.29.
California Law SB 1386 states;
“This bill would require state agencies and businesses that maintain computer data systems that contain personal information to disclose, as specified, any breach of the security of the systems, as defined, to any person whose personal information was, or may have been, accessed by an unauthorized person. This bill would also make a statement of legislative findings and declarations regarding privacy and financial security (SB 1386 Senate Bill – AMENDED, 2000).”
Personal information is defined in this section as a person 's first name, or first initial, last name, social security number, driver 's license or California identification card numbers, account number, credit or debit card number, and medical information (Civil Code Section 1789.80-1798.84). Medical information is defined as any individually identifiable information, in electronic or physical form, regarding the individual 's medical history or medical treatment or diagnosis by a health care professional (Civil Code Section 1789.80-1798.84). Personal information does not include publicly available information that is lawfully made available to the general public from federal, state, or local government records (Civil Code Section