Organizations continue to increase the amount of customer data they collect, store, process, and distribute. The databases that store this information are valuable assets for the organization and lucrative targets for cybercriminals. World governments have developed robust laws and regulations, such as the US Privacy Act of 1974, to protect customer privacy. The concepts of "due care" and "due diligence" are legal terms that governments use to ensure organizations are taking appropriate actions to protect the privacy data they have on their networks and ensure that they place customer safety and privacy rights ahead of profits.

Research the following 3 terms from a minimum of 3 sources:

• Privacy rights
• Due care
• Due diligence

Assume you're a cyber security professional for an organization that collects, stores, processes, and distributes customers' Personally Identifiable Information (PII). You have been asked to review both concepts for an upcoming meeting between your department, leadership, and the legal team at your company.

Address the following in a 350- to 525-wrd report:

• Identify and discuss 1 privacy right law in the world.
• Does the organization have a "due care" responsibility to protect the privacy data?
• What actions can the organization take to show "due diligence" in protecting the PII data?