Background
Vandelay Industries has made the unfortunate decision to terminate employee George Costanza for cause after its employee monitoring, and an internal investigation revealed reasons to believe that he had been faking a disability. Through our hiring, employment, and termination, Vandelay Industries has collected information about Mr. Costanza including:
His application;
The hiring team’s interview notes;
The company’s conditional offer;
His medical screening;
Results from a background check;
Monitoring data including: (a) internet browsing history, (b) emails, (c) phone logs and recordings, and (d) cell phone location history;
The company’s internal investigation reports; and
His disciplinary and termination records.
Instructions
Please prepare a detailed PowerPoint not to exceed 25 slides training the executive team on the cybersecurity measures taken to secure personnel files. At a minimum, please include the following slides:
Introduction
Access to Personnel Files
Security Measures
Handling and Storage of Personnel Files
Response to Security Incidents
Conclusion
The presentation is not intended to and should not address the Costanza situation directly.
Please utilize the slide notes function in PowerPoint to add speaker notes to each slides. These notes should be used to explain or expand on the slide content as if you were actually presenting the PowerPoint to the CEO and should also note resources relied on for the content of each slide.
Resources
The National Institute of Standards and Technology (NIST) is a federal agency that provides guidance on cybersecurity and information security. The NIST’s websiteLinks to an external site. contains publications concerning protecting sensitive information, including personnel files, such as Special Publication 800-122
Actions
.
The Cybersecurity and Infrastructure Security Agency (CISA) is a federal agency that provides guidance and assistance on cybersecurity and critical infrastructure protection. CISA‘s websiteLinks to an external site. has a number of articles on protecting sensitive information, including guides for small businessesLinks to an external site..
The International Association of Privacy Professionals (IAPP) is a professional organization for privacy and data protection professionals. The IAPP’s website offers a variety of resourcesLinks to an external site. on protecting sensitive information.
The Privacy Rights Clearinghouse is a non-profit organization that provides information and assistance on privacy and data protection issues. The PRC’s website offers a multitude of resourcesLinks to an external site. on these topics.
The Employment Law Handbook (ELH) is a private company with a mission to assist employers, including small businesses, and employees find answers to questions concerning employment law, including Title VII, the ADA and other anti-discrimination laws. The ELH’s website offers articles, guides, and other resourcesLinks to an external site. for employers looking to comply with these laws.
Tips
While your PowerPoint will primarily be graded on the accuracy, clarity and depth of the content, here are tips for preparing your presentation:
Choose a single background for the entire presentation.
Use simple, clean fonts.
Write in bulleted format and use consistent phrase structure in lists.
Use direct, concise language. Keep text to a minimum on the slides.
Provide definitions when necessary.
Use white space to set off text and/or visual components.
Make sure each slide logically leads to the next.
Use a heading for each slide.