User Account

All Pages

Determining the appropriate level of data security

Assignment Help Operation Management
Reference no: EM132182833

Write up to 2 Pages:

Instructions

Analyze the fact pattern presented below and submit one double-spaced document to the Chapters 39, 40 and 42 Individual Assignment dropbox folder by the date specificed on the course calendar. Label each question. Use the IRAC approach to help you organize your analysis (state the issue, discuss all relevant laws and legal concepts, apply the relevant legal principles to each hypothetical, and state your conclusion). Your assignment should not exceed three double-spaced pages.

Hypothetical

Risk Corporation has been in operation for the last five years. The corporation provides insurance services to clients. The articles of incorporation describe Risk Corporation's business purpose as "providing inclusive insurance services to homeowners." The corporation recently began offering clients an option to purchase cleaning services. Although all corporate formalities were satisfied during Risk Corporation's incorporation, Risk Corporation's address was listed incorrectly in the incorporation documents.

Due to a recent increase in the number of cyber attacks affecting companies in the local area, Risk Corporation’s board of directors decides to address the issue of data security during its regularly scheduled board meeting. Although board members were not instructed to learn more about the topic prior to attending the board member, board member Ellen Evans decides to do some outside reading before attending the board meeting. In reading about the issue, Ellen learns that damages from privacy breaches are not covered by Directors and Officers insurance. Alarmed, Ellen decides that Risk Corporation should increase its data security measures to reduce the risk that she would face personal liability as a director for damages resulting from a corporate data breach. Ellen encourages other board members to support the adoption of additional cyber security measures based on her fear that the directors could face personal liability if Risk Corporation suffered a data breach.

Without examining data security practices at other companies, Ellen encourages board members to approve a proposal to spend $5,000,000 in additional data security measures. Although board member Steve Stevens encourages the board to spend additional time evaluating the company's data practices before voting on Ellen's proposal, Ellen succeeds in persuading the board members to vote on her proposal. Pressed for time due to a commitment to attend another corporate board meeting following the meeting at Risk Corporation, Ellen persuades the board to vote on her proposal without waiting for late attendees. As a result, the board approves Ellen's proposal while latecomers continue to enter the boardroom.

Although many board members agree with Ellen, board member Phil Phillips votes against her proposal, convinced that the current security spending proposal is inadequate. Although Phil provides data supporting his position, the board approves Ellen's proposal. Concerned about the future implications for Risk Corporation, Phil Phillips contacts his sister, Sandy Phillips, and encourages her to reconsider her investment in Risk Corporation, based on the company's possible exposure to a data security breach. Although Risk Corporation planned to issue a pubic statement about its new security measures, Phil shares Risk Corporation's security spending plans with his sister prior to the public announcement. After learning about Risk Corporation's data security plan, Sandy decides to sells her shares of Risk Corporation stock.

Six months after the board votes to revise Risk Corporation's data security practices, a significant data breach occurs at the company. Many analysts believe that the security breach could have been avoided had the company enacted more sophisticated security measures. In addition, some analysts believe that the board's passive role in monitoring Risk Corporation's data security measures increased the likelihood that a data security breach would result. Had the board taken a more aggressive role in overseeing Risk Corporation's data security, it is possible that the data breach could have been avoided.

As a result of the data breach, customers’ personal and financial data is confiscated, resulting in financial losses of $10,000,000 for Risk Corporation customers. Following the discovery of the data breach, stock prices at Risk Corporation decline.  Shareholders file a derivative action.

Although Risk Corporation notifies customers of the security breach, the company does not notify customers in a timely manner. Risk Corporation notifies customers after two months, in violation of Wisconsin laws. The board does not take an active role in ensuring that customers are notified of the breach in a timely manner.

Instructions

Using the assigned readings and commentaries for Chapters 39, 40 and 42 (Do not discuss issues from other chapters), fully discuss and evaluate the legal issues posed by the above facts. Your analysis should include issues of potential liability.

Does the incorrect address shown in the incorporation documents void the incorporation? Why or why not? Explain using legal principles from the assigned reading.

If the incorrect address does not void the incorporation, could the shareholders be held personally liable for the customers' losses? Why or why not? What additional information would be helpful in answering this question?

If the incorrect address does not void the incorporation, can Risk Corporation offer cleaning services to clients based on its existing articles of incorporation? Why or why not?

If the incorrect address does not void the incorporation, will the board of directors be held liable? Why or why not? Explain using legal principles from the assigned reading.

Does the fact pattern presented above result in a violation of the Securities Exchange Act of 1934? Why or why not? Explain and discuss the specific nature of any violation and apply the relevant legal principles.

In your opinion, should corporate shareholders have a “say” in determining the appropriate level of data security? Why or why not? If shareholders do have input in determining the appropriate level of data security, should this input be advisory in nature? Explain.

Reference no: EM132182833

Questions Cloud

What real property was included in the sale : Was the contract for the sale of the property required to be in writing? What real property was included in the sale?
Did musicnet violate the antitrust laws : Did MusicNet violate the antitrust laws? Why or why not? Explain how your classmate's suggested fact would affect the outcome of the case.
Correct classification of ring for determining ownership : What is the correct classification of the ring for determining ownership? How long does the finder need to keep the ring before acquiring ownership?
Created revolution in urban transportation : Ride hailing, and the application behind it, driven by Uber literally created a “revolution” in urban transportation.
Determining the appropriate level of data security : In your opinion, should corporate shareholders have a “say” in determining the appropriate level of data security?
Advantages and disadvantages of incontestability clause : What are the advantages and disadvantages of an incontestability clause? Explain.
Roberto owned piece of property in fee simple absolute : Roberto owned a piece of property in fee simple absolute. What property rights did Roberto have before he conveyed the property to Tanya?
Evaluate training and development alternatives currently : Evaluate training and development alternatives currently being used at your organization or within a company you are familiar with.
Determine contractual relationship : Which of the following elements would make a court determine a contractual relationship between agent and principle to be as employer-employee?

Reviews

Write a Review

Operation Management Questions & Answers

  Considering submitting bid on major project

Your company is considering submitting a bid on a major project. You determine that the expected completion time is 150 weeks and the standard deviation is 10 weeks. It is assumed that the normal distribution applies. You wish to set the due date for..

  What role does each function play in network design

Within the organization, what groups, or functions (such as operations, sales, and marketing), are involved in a network design project (Simchi-Levi, Kaminsky, & Simchi-Levi, 2008, 108)? What role does each function play in network design? What strat..

  Developing replacement policy

A rental car company is developing a replacement policy for their cars over 4-year planning horizon. At the beginning of each year, the company must decide whether to replace a car or keep it in operation for another year. A car must be in service fr..

  Campaign project and the expected project completion time

Determine the critical path for the campaign project and the expected project completion time. (Use the expected time for the activity completion time) Determine the probability that the project will be completed in less than 34 days. Determine the p..

  Do you believe that quarks burgers was justified

Jake's franchise was very successful, and every year he received an award from Quark's Burgers for being one of the top 10% of its franchisees.

  Government to acquire private property for public use

Eminent Domain is the doctrine that allows the government to acquire private property for public use. Although the government is required by the 5th and 14th amendments to pay the owner of the property "just compensation," is government use of the do..

  Why are routing and scheduling continual

Why are routing and scheduling continual problems in process layouts?

  Negligence-strict liability and false imprisonment

In the case Labaj v. VanHouten, a business was found liable because it was foreseeable that a guard dog might injure a person it did not know. This illustrates: Negligence, Strict liability, False imprisonment

  Proper implementation of your control system

Prioritize and evaluate the resources that need to be made available to ensure proper implementation of your control system.

  What are your thoughts about self-managed teams

What are your thoughts about self-managed teams? iIs it possible to create a self-managed organization? If you were asked to design a self-managed organization, what do you think the most important thing would be?

  Radio spots for the city of milwaukee tourism bureau

your copy writers are presenting you with their ideas for several thirty-second radio spots for the City of Milwaukee Tourism Bureau.

  Patients is prerequisite for establishing good communication

Discuss the following statement: “Being sensitive to the needs of patients is a prerequisite for establishing good communication.”

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd