Professional, Legal & Ethical Issues in Data & Database Management Flashcards
What is the study of what is morally right and wrong?
Ethics
Ethics examines the standards of society regarding right and wrong behavior.
What does ethical behaviour in IT ensure?
Responsible, transparent, and socially beneficial use of technology
Ethical IT practices build trust and protect privacy.
What is ethical data management?
Responsible and morally appropriate handling and use of data
It includes ensuring privacy, obtaining consent, and preventing misuse.
What does ethical database management involve?
Implementing ethical principles in database design and operation
This includes ensuring data accuracy and protecting rights of data subjects.
True or False: All unethical behaviour is illegal.
False
Not all unethical behavior is covered by law.
What are the main regulations governing legal data management in the UK?
Data Protection Act (DPA) and General Data Protection Regulation (GDPR)
These laws regulate data collection, processing, and storage.
What does IT governance manage?
IT systems and processes in alignment with business objectives and regulatory requirements
IT governance specifies decision rights and accountability frameworks.
What does GDPR stand for?
General Data Protection Regulation
It aims to safeguard personal data of individuals in the EU.
What does the UK Data Protection Act 2018 regulate?
Collection, processing, and storage of personal data
It ensures individuals’ rights over their data.
What is the purpose of the Freedom of Information Act 2000 in the UK?
Provides individuals the right to access information held by public authorities
It aims to increase openness and accountability.
What does the Sarbanes-Oxley Act (SOX) focus on?
Tightening requirements on financial reporting and auditing
It was introduced after major financial frauds.
What is COBIT?
Control Objectives for Information and related Technology
A framework for governance and management of enterprise information and technology.
What are the five major components of the COSO framework?
- Control environment
- Risk assessment
- Control activities
- Information and communications
- Monitoring
COSO focuses on internal controls.
What is the primary purpose of the Health Insurance Portability and Accountability Act (HIPAA)?
To protect the privacy and security of individuals’ health information
It establishes standards for electronic health records.
What do the BASEL Accords regulate?
International banking regulations to enhance global banking stability
They set standards for capital adequacy and risk management.
What is the British Computer Society (BCS) Code of Conduct focused on?
Ethical principles and responsibilities for IT professionals
It includes public interest and professional competence.
What are the key principles of the ACM Code of Ethics?
- General Moral Imperatives
- Professional Responsibility
- Judgment and Decision Making
- Privacy and Security
- Intellectual Property
- Professional Development
It guides computing professionals in ethical decision-making.
Fill in the blank: _______ is the product of human creativity in various fields.
Intellectual Property (IP)
It includes inventions, designs, and written work.
What are the two types of Intellectual Property?
- Background IP
- Foreground IP
Background IP exists before an activity; Foreground IP is generated during an activity.
What does ethical dilemma mean in the context of database management?
Challenges faced when encountering unauthorized access and privacy violations
Database administrators must prioritize data privacy and report violations.
What is an example of unethical behaviour in IT?
Installing unlicensed software
Other examples include accessing personal information and divulging trade secrets.
What does Intellectual Property (IP) encompass?
Inventions, inventive ideas, designs, patents, patent applications, discoveries, improvements, trademarks, designs and design rights, written work, and know-how devised, developed, or written by individuals or groups.
This includes both registered and unregistered rights.
What are the two types of Intellectual Property (IP)?
Background IP and Foreground IP.
Background IP exists before an activity takes place, while Foreground IP is generated during an activity.
What is a patent?
An exclusive legal right for a set period to make, use, sell, or import an invention.
Granted by a government when the invention is new, useful, and involves an inventive step.
What does copyright protect?
Provides an exclusive legal right for a set period to reproduce and distribute a literary, musical, audio-visual, or other work of authorship.
This includes written work and computer software.
What is a trademark?
An exclusive legal right to use a word, symbol, image, sound, or other distinguishing element that identifies the source of origin for certain goods or services.
This right is granted to prevent others from making, using, selling, or importing similar identifiers.
Why is Intellectual Property (IP) important to consider?
To understand rights, recognize the value of original works, protect and exploit work, know legal measures against illegal use, and be fair in non-profit use.
These considerations are crucial for producers of original ideas and works.
What must database administrators be aware of regarding IP rights?
Legal frameworks governing intellectual property rights.
They must ensure no infringement occurs when managing databases or developing software.
What issues are related specifically to IP rights (IPR) and software?
Software and patentability, software and copyright, commercial software (perpetual use), commercial software (annual fee), shareware, freeware.
These issues highlight the complexities of software usage and licensing.
What should data administrators define and enforce regarding data?
Policies that govern when data can be shared and in what ways it can be used within the organization.
This should be done in conjunction with senior management and legal counsel.
What are best practices for database auditing, governance, and compliance?
Regular database auditing, establishing policies, procedures, and controls for data integrity, availability, and privacy, and documenting data protection practices.
Compliance with relevant regulations and industry standards is also crucial.
What were the key topics considered in the lesson?
Defining ethical, IT governance, and legal issues in IT; distinguishing between legal, IT governance, and ethical issues; additional requirements on data/database administrators; IP issues related to IT; best practices for auditing and compliance.
These topics are essential for understanding the professional context of data management.
