Assignment Unit 4 Legal and Ethical issues
Legal issues
Legal issues that affect Northbrook college are:
Data Protection Act 1998: This controls the personal information that the government or organisations have of you and how it will be used. This gives individuals the right to know what information is held about them. The Data Protection act as 8 principles;
1) Data may only be used for the purpose it is collected.
2) Data must not be passed on to other people without the consent of the person whom it is about.
3) People have the right of access to the information held about them.
4) Personal information may be kept for no longer than is necessary and must be kept up to date.
5) Personal information may not be
…show more content…
The codes will certainly protect IT administrators who run the servers and will often be the first to detect misuse.
Northbrook shows the codes of practice as they welcome everyone to college despite the students abilities, background and characteristics – including the adult’s age, sex, sexual orientation, religious persuasion, racial origin, ethnic group, and cultural and linguisiotic heritage.
An organisation’s policies may have a significant effect on how it treats information.
This is the equality and diversity policy of Northbrook. This is what every organisational policies should be.
Information ownership
This would prevent staff at one location accessing information held at another location even though the company would be happy for them to do so.
The department that produced the data should own every field of data in every record.
They should have the responsibility for making sure that it is entered into the computer system in a timely way, that it is correct and that it is consistent.
This links in with plagiarism at Northbrook.
Security of information and back ups
Northbrook keep all data and information stored at broad water campus in a fireproof cabinet. They have backups frequently to make sure all information is kept safe and not lost.
Health and safety polices to abide by
Northbrook have a Health and safety page on Blackboard for all students and
9. What measures in terms of physical storage are taken to ensure the privacy of the medical record?
This policy is aimed to reduce the risk that information that is of significant value to us will be lost, corrupted, inappropriately used or disclosed. Examples of information of this kind includes customer information, business strategy, network and configuration information and market sensitive information.
Important information should not be given to others who do not required to know that information.
Confidential information is also extremely fundamental. Individuals must have access to their personal records, which must consist of accurate information. They must also have given their consent to have these records exist in the first place, and the records must be securely stored.
Several statues have been enacted in order to uphold the fundamental rights to the privacy of an individual’s information. In particular, these
On the other hand, one must also protect sensitive patient information from being distributed to unauthorized persons, that is, one should strive to maintain patient privacy.
Physical safeguards should include facility and building access controls, workstation use, mobile device use procedures, and hardware inventory controls. Access control should include a policy to tract anyone who has access to the PHI location and safeguards to prevent theft, access and tampering of stored PHI data. The use of both workstations and mobile devices must be addressed in respect to the protection of PHI data. Workstations should be protected from unauthorized people viewing the screen data and a plan for the use and access of PHI data while working at the workstation. The use of mobile devices
* Managers must make sure that they comply with this act’s ten principles in regard to maintaining the standards for privacy. According
II. Organizational Security Plan and Policya. Security Risks:1. Flood – Burlington, Iowa is located off of the Mississippi River and has flooded in the past. Preventative measures for flooding will include stored sandbags to be placed around the perimeter of the main office and keeping up with weather mandates for the Burlington area. 2. Power Outages – Regardless of the cause, power outages can occur at random times. A UPS device will be placed within the main office to prevent loss of power, during which an automated backup will be enabled.3. Intellectual Theft with Removable Storage - InavaSight holds the intellectual property rights of all information and data developed, viewed, obtained, performed, sent or received for and within the
Data that has been given or permitted to be taken from a certain organization must only be done so as long as the individual agrees to this. This should not be given out or sold without permission.
Although it is essential to be able have ready access to information and to share it when necessary, we must take steps to ensure that we protect confidential information because:
Privacy law – the Privacy Act 1988 regulatates the handling of private information about individuals
Some of the Personal Data we hold about you may be 'sensitive personal data ' within the meaning of the Data Protection Act 1998, for example, information about your gender or your date of birth.
It is obvious that the purpose of data protection is to protect personal information and the privacy of individuals through a regulatory protection regime. The regime governs both when and how organisations may keep and process private information or data. It provides organisations with obligations that must be complied with and grant data protection rights to individuals. As noted in the Computer Law & Security Review (2012), issues about privacy and data protection are being discussed broadly and are likely to receive more attention in the future.
Information in this digital age is very important and an imperative for the conduct of business and commerce; [ ] and today one of the most important result.[ ] The unauthorised access to information and databases and the constant and reckless methods information is shared and transmitted today has necessitated that databases and compilations should be protected. It was held in Feist Publications v. Rural Telephone Service Co.[ ] that compilations or databases cannot be a subject matter for copyright.[ ]