SlideShare a Scribd company logo

SNHU assignment IT courses. Washington University

Download as DOCX, PDF
6
6WritersExperts

The document outlines a strategic plan for migrating 75% of ICS's critical technology infrastructure to the cloud, focusing on improved organizational efficiency and compliance with industry standards. It emphasizes the importance of long-term budgeting, vendor management, and documentation to ensure successful implementation and sustainability. Additionally, it details compliance requirements with various regulations, such as GLBA, GDPR, and PCI-DSS, along with the necessity for SLAs and NDAs to protect sensitive data during the transition.

Business
1 of 7
Download to read offline
1
2
3
4
5
6
7
IT 482 Project Two Strategic Plan and Mission The operations plan for the new HCM processes and cloud solutions align with the organization’s mission by allowing the workers to be more effective, providing a more flexible service for clients and revolutionizing the business to meet current standards upheld by leading global brands. This is possible through strategic planning where the organizational objectives are set by ICS's mission statement. The plan is focused on migrating 75% of ICS’s critical technology infrastructure to the cloud within 3 years. The operational plan will define the parties responsible for different tasks, the necessary resources to achieve those tasks, and the risks involved with mitigation measures provided. ICS will also need to set aside a budget that ensures the project has the necessary support to be successfully actualized, and that other business objectives are achieved. The budget ought to include support for the next five to ten years to ensure that it is sustainable and profitable in the long term. This is because strategic planning is inherently long-term and focused on the whole business rather than a few elements. Some of the questions that the strategy aims to answer include; Where does the organization want to be? How will it get there? How will it be supported after getting there? These are some of the core factors that will be needed to ensure the operational plan is successful. Something else that will need to be accounted for is the documentation of all
activities and periodically re-evaluating the progress against an initial list of objectives, requirements and outcomes. The project manager will use these documents to delegate tasks amongst the service acceptance team, evaluate progress and determine points of improvement to ensure a successful outcome. Business Continuity One tactic that can be used to protect personnel and assets in the event of a service interruption is migrating to the Oracle HCM Cloud in phases within an agile environment (Kalem, Donko & Boskovic, 2013). The service acceptance team can identify the workloads and resources that need to be moved first, in addition to the order in which elements of the current system will be moved. This way of transitioning will maintain the performance and reliability of critical business resources and operations. It is impractical to In addition to doing the process in phases, ICS ought to ensure that the five global data centers in Dublin, Chicago, Albuquerque, Singapore and Tokyo keep operating at full capacity before the cloud system is fully functional. Rather than running all the necessary systems, ICS can identify mission-critical applications and systems that can be operated in the data centers while the cloud system is being configured. Another tactic that can be considered is the development of a continuity plan whose main aims are to ensure that downtimes are resolved as quickly as necessary and that critical data is backed up in one of the data centers. Further risk can be mitigated by developing a training program for employees to be well- versed in supporting business operations in the event of unforeseen circumstances. Employees can benefit from being able to retrieve data from backup systems, addressing customer requests and computer security protocols. The latter will be particularly important if security controls are
negatively impacted during the migration. The migration will be a lengthy process and not one that occurs instantly. Using an agile methodology will allow the implementation of the Oracle HCM Cloud to be broken down into more manageable chunks of work. These chunks will allow the organization to schedule testing and maintenance breaks that will collectively ensure that the system works as intended. Vendor Management The process of engaging with Oracle vendors has to be systematic and intentional. First, the organization can contact Oracle and other cloud service vendors to source critical information on pricing and implementation into legacy systems. ICS can use telephone calls and email correspondence to compare the package offered by Oracle to that provided by other cloud service providers. A final selection of the system to implement will be based on price suitability and the ability of the vendor to meet the standards required by ICS. The organization can then request a list of minimum requirements to support the cloud infrastructure as needed by the Oracle HCM cloud system. This will allow ICS to ensure that all resources are in place and can be concurrently phased in as the existing infrastructure is phased out in stages. ICS will also need a way to reduce vendor-related risks such as underperforming metrics and other aspects of due diligence. The organization ought to share business goals with the chosen vendor and select a vendor management team which can frequently evaluate the performance and suitability of the cloud system of ICS processes. ICS will also need to draw up a service contract with the chosen vendor to ensure that they are protected in case of challenges with the implementation of the cloud service (Hulsen, 2019). All of this is possible once the service acceptance team draws up a reference database for all vendor-related information. This
will allow all involved participants to have ready access to all relevant information, which will facilitate quick decision-making. Compliance and Standards Organizations are expected to demonstrate legal compliance and adherence to industry standards because violations can lead to loss of reputation, lawsuits, or even fines and penalties. Accordingly, ICS must ensure that the selected vendors comply with the following laws and industry standards. a. Gramm-Leach-Bliley Act (GLBA)- the act comprises several sections including the financial privacy rule and the safeguards rule. Compliance with the financial privacy rule will ensure that the organization regulates how it collects and discloses private financial information (Smith & Bartholomew, 2017). Considering that ICS offers its services to the finance industry, it must ensure that all private financial information from its clients is regulated from unauthorized access. The financial rule also safeguards the organization’s reputation by ensuring that its client’s non-personal information is not shared with third parties without consent. Similarly, the safeguards rule requires organizations in the financial industry to develop and implement information security plans describing how they protect personal information. Therefore, complying with GLBA is a requirement for the vendors approved to provide cloud services. b. General Data Protection Regulation (GDPR)- the compliance standard regulates how organizations, including those in the finance and retail industries like ICS, protect personal data. Specifically, ICS must ensure that the vendors to provide cloud services comply with GDPR to secure personal data for its offices within the EU (Solove &
Schwartz, 2020). Violating this standard might result in data breaches where clients’ personal data, such as their names, ID numbers, addresses, phone numbers, and bank details are leaked to the public. In addition to negatively affecting ICS’s reputation, cybercriminals could use the leaked data to commit crimes, indirectly affecting their client’s reputations as well. c. PCI-DSS standards- a requirement for the organization that engages in processing, storing, or transmitting credit card information. ICS offers its services to companies in the retail industry that utilize credit card transactions. Accordingly, ICS should ensure that the vendors guarantee security by preventing credit-card-based fraud. This way, the companies can prevent data breaches and related cybersecurity attacks that are likely to compromise cardholder data. SLAs and NDAs The IT operations plan for the new HCM processes and cloud solution will likewise accommodate service level agreements (SLAs) and nondisclosure agreements (NDAs) to mitigate issues that might impact IT operations and systems planning. Firstly, SLAs are necessary as they set the expectations between the client, i.e., ICS and the service provider, describing the services and products to be delivered (Rao, 2016). The proposed IT operations plan will accommodate SLAs to ensure that the vendors are approved to provide the cloud services. For instance, cloud services include Software as a Service (SaaS) and storage features. Consequently, having the SLA will promote transparency and will ensure that all parties are aware of the consequences of any violations.
Secondly, NDAs are legal contracts that ensure that parties in a contract comply with requirements and maintain a confidential relationship with regard to sensitive data. ICS provides its AI solutions to companies in the finance and retail industries, meaning that it collects personally identifiable information (PII) from its clients. Accordingly, ICS must ensure that the approved vendors sign nondisclosure agreements that will ensure the vendors do not misuse any data they process and store on its behalf. Dove et al. indicate that violating the NDAs will result in legal repercussions for the vendors. Furthermore, NDAs might impact IT operations and systems planning considering that ICS is a global technology innovator and implementor of AI solutions. As such, the vendors must sign the NDAs to guarantee ICS that they will secure and not misuse ICS’s proprietary data, information, and technology solutions. Violating the NDAs will also result in legal repercussions against the vendors.
References Dove, E. S., Joly, Y., Tassé, A. M., & Knoppers, B. M. (2015). Genomic cloud computing: legal and ethical points to consider. European Journal of Human Genetics, 23(10), 1271-1278. Hulsen, D., (2019). Vendor due diligence done right. Retrieved from <https://rfp360.com/vendor-due-diligence/> Kalem, S., Donko, D., & Boskovic, D. (2013, May). Agile methods for cloud computing. In 2013 36th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO) (pp. 1079-1083). IEEE. Rao, B. T. (2016). A study on data storage security issues in cloud computing. Procedia Computer Science, 92, 128-135. Smith, A. M., & Bartholomew, L. C. (2017). Fair Credit Reporting Act and Financial Privacy Update—2016. The Business Lawyer, 72(2), 475-486. Solove, D. J., & Schwartz, P. M. (2020). Information privacy law. Aspen Publishing.

More Related Content

PPTX
Procurement Of Software And Information Technology Services
Peister
 
PDF
NCHICA - Contracts with Healthcare Cloud Computing Vendors
WhitmeyerTuffin
 
DOCX
Due by 11316 9pm PSTGiven the pieces of information provided i.docx
sagarlesley
 
PDF
Ensuring PCI DSS Compliance in the Cloud
Cognizant
 
DOCX
Running head CLOUD COMPUTING SECURITY .docx
joellemurphey
 
PDF
Strategies for assessing cloud security
Arun Gopinath
 
PDF
Strategies for assessing cloud security
IBM India Smarter Computing
 
PDF
Ast 0064255 strategies-for_assessing_cloud_security
Accenture
 
Procurement Of Software And Information Technology Services
Peister
 
NCHICA - Contracts with Healthcare Cloud Computing Vendors
WhitmeyerTuffin
 
Due by 11316 9pm PSTGiven the pieces of information provided i.docx
sagarlesley
 
Ensuring PCI DSS Compliance in the Cloud
Cognizant
 
Running head CLOUD COMPUTING SECURITY .docx
joellemurphey
 
Strategies for assessing cloud security
Arun Gopinath
 
Strategies for assessing cloud security
IBM India Smarter Computing
 
Ast 0064255 strategies-for_assessing_cloud_security
Accenture
 

Similar to SNHU assignment IT courses. Washington University (20)

PDF
Cloud computing security issues and challenges
Kresimir Popovic
 
PDF
Cloud: Should I Stay or Should I Go?
Marcelo Martins
 
PDF
What to consider while selecting public cloud service
Netmagic Solutions Pvt. Ltd.
 
PDF
What to consider while selecting public cloud service
Netmagic Solutions Pvt. Ltd.
 
PPT
Legal And Regulatory Issues Cloud Computing...V2.0
David Spinks
 
PDF
Why Most Of IT Companies outsourcing?
Kryptos Technologies
 
DOCX
Cloud computing gartner report
Sumeet Mayor
 
PDF
IBM Point of View: Security and Cloud Computing
IBM India Smarter Computing
 
PDF
IBM Point of view -- Security and Cloud Computing (Tivoli)
IBM India Smarter Computing
 
PPTX
How Your Nonprofit Can Avoid Data Breaches and Ensure Privacy Part 2
TechSoup Canada
 
PDF
PCI-DSS Compliant Cloud - Design & Architecture Best Practices
HyTrust
 
DOCX
1 3Financial Service Security EngagementLearning Team .docx
oswald1horne84988
 
PDF
10 questions to ask your cloud provider
HighQ
 
PPTX
Are banks ready for the cloud?
Chris Skinner
 
DOCX
IT 8003 Cloud ComputingGroup Activity 1 SuperTAX Soft.docx
vrickens
 
PPTX
Moving Enterprise Applications to the Cloud
VISI
 
PDF
Cloud Adoption - Journey of IT Service Management
Caroline Hsieh
 
PDF
Simplify Your Approach To_Assess The Risks Of Moving Into The Cloud
Happiest Minds Technologies
 
PPTX
Cloud computing Risk management
Padma Jella
 
PPT
Legal issues in cloud computing
Ritambhara Agrawal
 
Cloud computing security issues and challenges
Kresimir Popovic
 
Cloud: Should I Stay or Should I Go?
Marcelo Martins
 
What to consider while selecting public cloud service
Netmagic Solutions Pvt. Ltd.
 
What to consider while selecting public cloud service
Netmagic Solutions Pvt. Ltd.
 
Legal And Regulatory Issues Cloud Computing...V2.0
David Spinks
 
Why Most Of IT Companies outsourcing?
Kryptos Technologies
 
Cloud computing gartner report
Sumeet Mayor
 
IBM Point of View: Security and Cloud Computing
IBM India Smarter Computing
 
IBM Point of view -- Security and Cloud Computing (Tivoli)
IBM India Smarter Computing
 
How Your Nonprofit Can Avoid Data Breaches and Ensure Privacy Part 2
TechSoup Canada
 
PCI-DSS Compliant Cloud - Design & Architecture Best Practices
HyTrust
 
1 3Financial Service Security EngagementLearning Team .docx
oswald1horne84988
 
10 questions to ask your cloud provider
HighQ
 
Are banks ready for the cloud?
Chris Skinner
 
IT 8003 Cloud ComputingGroup Activity 1 SuperTAX Soft.docx
vrickens
 
Moving Enterprise Applications to the Cloud
VISI
 
Cloud Adoption - Journey of IT Service Management
Caroline Hsieh
 
Simplify Your Approach To_Assess The Risks Of Moving Into The Cloud
Happiest Minds Technologies
 
Cloud computing Risk management
Padma Jella
 
Legal issues in cloud computing
Ritambhara Agrawal
 
Ad

Recently uploaded (20)

PPTX
Lecture (1)-Introduction.pptx business communication
HamzaGhani10
 
PDF
How to Get Funding for Your Trucking Business
Jake Thornhill
 
PDF
Stem Cell Market Report | Trends, Growth & Forecast 2025-2034
Claight Corporation
 
PDF
Types of control:Qualitative vs Quantitative
reshmaaslm06
 
DOCX
unit 1 COST ACCOUNTING AND COST SHEET
MANJU N
 
PDF
Roadmap Map-digital Banking feature MB,IB,AB
Alemayehu
 
PDF
A Brief Introduction About Julia Allison
Julia Allison
 
PDF
Reconciliation AND MEMORANDUM RECONCILATION
MANJU N
 
PDF
Elevate Cleaning Efficiency Using Tallfly Hair Remover Roller Factory Expertise
farsookmon97766765
 
PDF
Laughter Yoga Basic Learning Workshop Manual
yeechensee
 
PDF
Katrina Stoneking: Shaking Up the Alcohol Beverage Industry
CIO WOMEN MAGAIZNE CIO WOMEN MAGAIZNE
 
PDF
SIMNET Inc – 2023’s Most Trusted IT Services & Solution Provider
sidnik500
 
PDF
COST SHEET- Tender and Quotation unit 2.pdf
MANJU N
 
PPTX
New Microsoft PowerPoint Presentation - Copy.pptx
itsmesumedh96
 
PPTX
CkgxkgxydkydyldylydlydyldlyddolydyoyyU2.pptx
DSAISUBRAHMANYAAASHR
 
PPTX
Dragon_Fruit_Cultivation_in Nepal ppt.pptx
UmeshTimilsina1
 
PDF
DOC-20250806-WA0002._20250806_112011_0000.pdf
dhanusriss08
 
PDF
Dr. Enrique Segura Ense Group - A Self-Made Entrepreneur And Executive
Dr. Enrique Segura Ense Group
 
PDF
Unit 1 Cost Accounting - Cost sheet
MANJU N
 
PPTX
AI-assistance in Knowledge Collection and Curation supporting Safe and Sustai...
Barry Hardy
 
Lecture (1)-Introduction.pptx business communication
HamzaGhani10
 
How to Get Funding for Your Trucking Business
Jake Thornhill
 
Stem Cell Market Report | Trends, Growth & Forecast 2025-2034
Claight Corporation
 
Types of control:Qualitative vs Quantitative
reshmaaslm06
 
unit 1 COST ACCOUNTING AND COST SHEET
MANJU N
 
Roadmap Map-digital Banking feature MB,IB,AB
Alemayehu
 
A Brief Introduction About Julia Allison
Julia Allison
 
Reconciliation AND MEMORANDUM RECONCILATION
MANJU N
 
Elevate Cleaning Efficiency Using Tallfly Hair Remover Roller Factory Expertise
farsookmon97766765
 
Laughter Yoga Basic Learning Workshop Manual
yeechensee
 
Katrina Stoneking: Shaking Up the Alcohol Beverage Industry
CIO WOMEN MAGAIZNE CIO WOMEN MAGAIZNE
 
SIMNET Inc – 2023’s Most Trusted IT Services & Solution Provider
sidnik500
 
COST SHEET- Tender and Quotation unit 2.pdf
MANJU N
 
New Microsoft PowerPoint Presentation - Copy.pptx
itsmesumedh96
 
CkgxkgxydkydyldylydlydyldlyddolydyoyyU2.pptx
DSAISUBRAHMANYAAASHR
 
Dragon_Fruit_Cultivation_in Nepal ppt.pptx
UmeshTimilsina1
 
DOC-20250806-WA0002._20250806_112011_0000.pdf
dhanusriss08
 
Dr. Enrique Segura Ense Group - A Self-Made Entrepreneur And Executive
Dr. Enrique Segura Ense Group
 
Unit 1 Cost Accounting - Cost sheet
MANJU N
 
AI-assistance in Knowledge Collection and Curation supporting Safe and Sustai...
Barry Hardy
 
Ad

SNHU assignment IT courses. Washington University

  • 1. IT 482 Project Two Strategic Plan and Mission The operations plan for the new HCM processes and cloud solutions align with the organization’s mission by allowing the workers to be more effective, providing a more flexible service for clients and revolutionizing the business to meet current standards upheld by leading global brands. This is possible through strategic planning where the organizational objectives are set by ICS's mission statement. The plan is focused on migrating 75% of ICS’s critical technology infrastructure to the cloud within 3 years. The operational plan will define the parties responsible for different tasks, the necessary resources to achieve those tasks, and the risks involved with mitigation measures provided. ICS will also need to set aside a budget that ensures the project has the necessary support to be successfully actualized, and that other business objectives are achieved. The budget ought to include support for the next five to ten years to ensure that it is sustainable and profitable in the long term. This is because strategic planning is inherently long-term and focused on the whole business rather than a few elements. Some of the questions that the strategy aims to answer include; Where does the organization want to be? How will it get there? How will it be supported after getting there? These are some of the core factors that will be needed to ensure the operational plan is successful. Something else that will need to be accounted for is the documentation of all
  • 2. activities and periodically re-evaluating the progress against an initial list of objectives, requirements and outcomes. The project manager will use these documents to delegate tasks amongst the service acceptance team, evaluate progress and determine points of improvement to ensure a successful outcome. Business Continuity One tactic that can be used to protect personnel and assets in the event of a service interruption is migrating to the Oracle HCM Cloud in phases within an agile environment (Kalem, Donko & Boskovic, 2013). The service acceptance team can identify the workloads and resources that need to be moved first, in addition to the order in which elements of the current system will be moved. This way of transitioning will maintain the performance and reliability of critical business resources and operations. It is impractical to In addition to doing the process in phases, ICS ought to ensure that the five global data centers in Dublin, Chicago, Albuquerque, Singapore and Tokyo keep operating at full capacity before the cloud system is fully functional. Rather than running all the necessary systems, ICS can identify mission-critical applications and systems that can be operated in the data centers while the cloud system is being configured. Another tactic that can be considered is the development of a continuity plan whose main aims are to ensure that downtimes are resolved as quickly as necessary and that critical data is backed up in one of the data centers. Further risk can be mitigated by developing a training program for employees to be well- versed in supporting business operations in the event of unforeseen circumstances. Employees can benefit from being able to retrieve data from backup systems, addressing customer requests and computer security protocols. The latter will be particularly important if security controls are
  • 3. negatively impacted during the migration. The migration will be a lengthy process and not one that occurs instantly. Using an agile methodology will allow the implementation of the Oracle HCM Cloud to be broken down into more manageable chunks of work. These chunks will allow the organization to schedule testing and maintenance breaks that will collectively ensure that the system works as intended. Vendor Management The process of engaging with Oracle vendors has to be systematic and intentional. First, the organization can contact Oracle and other cloud service vendors to source critical information on pricing and implementation into legacy systems. ICS can use telephone calls and email correspondence to compare the package offered by Oracle to that provided by other cloud service providers. A final selection of the system to implement will be based on price suitability and the ability of the vendor to meet the standards required by ICS. The organization can then request a list of minimum requirements to support the cloud infrastructure as needed by the Oracle HCM cloud system. This will allow ICS to ensure that all resources are in place and can be concurrently phased in as the existing infrastructure is phased out in stages. ICS will also need a way to reduce vendor-related risks such as underperforming metrics and other aspects of due diligence. The organization ought to share business goals with the chosen vendor and select a vendor management team which can frequently evaluate the performance and suitability of the cloud system of ICS processes. ICS will also need to draw up a service contract with the chosen vendor to ensure that they are protected in case of challenges with the implementation of the cloud service (Hulsen, 2019). All of this is possible once the service acceptance team draws up a reference database for all vendor-related information. This
  • 4. will allow all involved participants to have ready access to all relevant information, which will facilitate quick decision-making. Compliance and Standards Organizations are expected to demonstrate legal compliance and adherence to industry standards because violations can lead to loss of reputation, lawsuits, or even fines and penalties. Accordingly, ICS must ensure that the selected vendors comply with the following laws and industry standards. a. Gramm-Leach-Bliley Act (GLBA)- the act comprises several sections including the financial privacy rule and the safeguards rule. Compliance with the financial privacy rule will ensure that the organization regulates how it collects and discloses private financial information (Smith & Bartholomew, 2017). Considering that ICS offers its services to the finance industry, it must ensure that all private financial information from its clients is regulated from unauthorized access. The financial rule also safeguards the organization’s reputation by ensuring that its client’s non-personal information is not shared with third parties without consent. Similarly, the safeguards rule requires organizations in the financial industry to develop and implement information security plans describing how they protect personal information. Therefore, complying with GLBA is a requirement for the vendors approved to provide cloud services. b. General Data Protection Regulation (GDPR)- the compliance standard regulates how organizations, including those in the finance and retail industries like ICS, protect personal data. Specifically, ICS must ensure that the vendors to provide cloud services comply with GDPR to secure personal data for its offices within the EU (Solove &
  • 5. Schwartz, 2020). Violating this standard might result in data breaches where clients’ personal data, such as their names, ID numbers, addresses, phone numbers, and bank details are leaked to the public. In addition to negatively affecting ICS’s reputation, cybercriminals could use the leaked data to commit crimes, indirectly affecting their client’s reputations as well. c. PCI-DSS standards- a requirement for the organization that engages in processing, storing, or transmitting credit card information. ICS offers its services to companies in the retail industry that utilize credit card transactions. Accordingly, ICS should ensure that the vendors guarantee security by preventing credit-card-based fraud. This way, the companies can prevent data breaches and related cybersecurity attacks that are likely to compromise cardholder data. SLAs and NDAs The IT operations plan for the new HCM processes and cloud solution will likewise accommodate service level agreements (SLAs) and nondisclosure agreements (NDAs) to mitigate issues that might impact IT operations and systems planning. Firstly, SLAs are necessary as they set the expectations between the client, i.e., ICS and the service provider, describing the services and products to be delivered (Rao, 2016). The proposed IT operations plan will accommodate SLAs to ensure that the vendors are approved to provide the cloud services. For instance, cloud services include Software as a Service (SaaS) and storage features. Consequently, having the SLA will promote transparency and will ensure that all parties are aware of the consequences of any violations.
  • 6. Secondly, NDAs are legal contracts that ensure that parties in a contract comply with requirements and maintain a confidential relationship with regard to sensitive data. ICS provides its AI solutions to companies in the finance and retail industries, meaning that it collects personally identifiable information (PII) from its clients. Accordingly, ICS must ensure that the approved vendors sign nondisclosure agreements that will ensure the vendors do not misuse any data they process and store on its behalf. Dove et al. indicate that violating the NDAs will result in legal repercussions for the vendors. Furthermore, NDAs might impact IT operations and systems planning considering that ICS is a global technology innovator and implementor of AI solutions. As such, the vendors must sign the NDAs to guarantee ICS that they will secure and not misuse ICS’s proprietary data, information, and technology solutions. Violating the NDAs will also result in legal repercussions against the vendors.
  • 7. References Dove, E. S., Joly, Y., TassĂ©, A. M., & Knoppers, B. M. (2015). Genomic cloud computing: legal and ethical points to consider. European Journal of Human Genetics, 23(10), 1271-1278. Hulsen, D., (2019). Vendor due diligence done right. Retrieved from <https://rfp360.com/vendor-due-diligence/> Kalem, S., Donko, D., & Boskovic, D. (2013, May). Agile methods for cloud computing. In 2013 36th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO) (pp. 1079-1083). IEEE. Rao, B. T. (2016). A study on data storage security issues in cloud computing. Procedia Computer Science, 92, 128-135. Smith, A. M., & Bartholomew, L. C. (2017). Fair Credit Reporting Act and Financial Privacy Update—2016. The Business Lawyer, 72(2), 475-486. Solove, D. J., & Schwartz, P. M. (2020). Information privacy law. Aspen Publishing.