Chapter 9 Information Ethics, Privacy, And Security Flashcards
Describe what information privacy is and the differences in privacy legislation around the world?
Information privacy concerns the protection of unauthorized access to personal information. Around the world, different privacy legislations exist. European countries tend to favour strong privacy legislation, while the US tends to adopt a more laissez-faire attitude towards privacy legislation, Austin promoting self regulation rather than hard, steadfast policies. Canada’s Laws closely follow the European model. PIPEDAis Canada’s premier privacy legislation- it imposes strict rules on how businesses of all shapes and sizes must protect and handle personal (customer) information. The gist of PIPEDA is the notions of consent, choice, and control. The legislation gives organizations rules on how personal information is collected, shared, and stored.
List 11 common stipulations an organization can follow when creating an employee monitoring policy?
- Be as specific as possible
- Always enforce the policy
- Enforce the policy in the same way for everyone
- Expressly communicate that the company reserves the right to monitor all employees
- Specifically state when monitoring will be performed
- Specifically state what will be monitored (email, IM, Internet, network activity, etc.)
- Describe the types of information that will be collected
- State the consequences for violating the policy
- States all provisions that allow for updates to the policy
- Specify the scope and manner of monitoring for any information system
- When appropriate, obtain a written receipt acknowledging that each party has received, read, and understood the monitoring policies
Explain what information ethics is and its importance in the workplace?
Organizations need to be aware of the ethical and moral issue surrounding information and information systems. These issues are lightly influenced by people’s individual ethical beliefs – there are no hard and fast rules for determining what is and what is not ethical. In the workplace, ethical issues include the design and deployment of information systems that do not respect human dignity, and using information-technology to monitor employee performance in inappropriate ways.
Identify the differences between various information ethics and privacy policies in the workplace?
A variety of policies exist in organizations to help enforce proper information Ethics and information privacy behaviors. Typical policies include: ethical computer use; information privacy; acceptable use privacy; email privacy; Internet use; anti-spam; and employee monitoring.
Describe information security, and explain why people are the first line of defense in terms of protecting information?
Information security is about protecting information from harm or misuse. The biggest issue facing information security is not a technical issue, but the people one. Even the tightest technical security measures and the most severe of your information privacy policies can be severely compromised by just one lackadaisical or corrupt worker (an “insider”) Who has access to confidential or private information and is careless or malicious about how this information is used. The Effectivenessof information security measures and information policies is highly dependent upon the people in the organization who enforce and enact these measures and policies.
Describe how information technologies can be used to enhance information security?
A variety of information technology Solutions are available to organizations to help keep information protected and secure. These include user IDs and passwords, smartcards or tokens, biometrics, intrusion detection software, encryption, and corporate firewalls.