Discuss the tradeoffs between security and privacy in information systems.
Chapter 3 Corporate and Individual Accountability: Ethical, Legal, and Social Issues

Stair/Reynolds, Principles of Information Systems, 14th Edition. © 2021 Cengage. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

Objectives (1 of 5)
- Explain the difference between ethical and legal
- Identify five reasons for an organization to promote a work environment where employees are encouraged to act ethically
- Outline a five-step ethical decision-making process
- Define the primary intent and two key elements of an effective code of ethics

Objectives (2 of 5)
- Identify four benefits of following a professional code of ethics
- Summarize the differences between U.S. and EU fair information practices
- Identify three subject areas where measures have been taken to protect personal data
- Identify four measures you should take to protect your personal privacy

Objectives (3 of 4)
- Discuss the tradeoffs between security and privacy
- Discuss how three U.S. federal statutes protect citizens from government surveillance while at the same time authorize the government to collect data
- Discuss how the First Amendment and anonymous expression safeguard our freedom of speech

Objectives (4 of 5)
- Describe the impact of censorship on the operation of Internet service providers
- Identify measures taken to address defamation, hate speech, and pornography on the Internet
- Distinguish between a high-quality software system and safety-critical system

Objectives (5 of 5)
- Give three reasons why developing a safety-critical system takes longer and is more expensive
- Identify two ethical dilemmas that software developers face when building high-quality or safety-critical systems

Why Learn about Corporate and Individual Accountability?
- There are consequences of IS uses
- Key issues
  - Avoid violations of privacy
  - Balance security and privacy
    - While collecting personal data
  - Implement measures safeguarding freedom of speech
- Tradeoffs when developing information systems
  - Between cost, time, and features

What Is Ethics?
- Ethics
  - Set of principles about right and wrong
  - Used to make choices guiding decisions
- Ethical behavior
  - Conforms to generally accepted norms
- Factors affecting ethical behavior
  - Age, cultural group, ethnic background, religion, life experiences, education, gender

Ethical Versus Legal (1 of 2)
- Law
  - System of rules
  - Defines what we can and cannot do
- Legal acts
  - Conform to the law
- Ethical acts
  - Conform to what an individual believes to be the right thing to do
- Legal activity does not mean it is ethical

Ethical Versus Legal (2 of 2)
FIGURE 3.1 The Difference Between Acting Ethically and Acting Legally

Fostering Corporate Social Responsibility and Good Business Ethics (1 of 3)
- Gaining the goodwill of the community
  - Corporate social responsibility (CSR) goals
  - Perform socially responsible activities
- Creating an organization that operates consistently
  - Defines employee expectations
  - Provides consistent company behavior

Fostering Corporate Social Responsibility and Good Business Ethics (2 of 3)
- Fostering good business practices
  - Good ethics leads to good business and improved profits
  - Bad ethics leads to bad business results
- Protecting the organization and its employees from legal action
  - Supreme Court ruling: respondeat superior

Fostering Corporate Social Responsibility and Good Business Ethics (3 of 3)
- Avoiding unfavorable publicity
  - Motivations to build a strong ethics program
    - Stock value
    - Consumer perception of products and services
    - Degree of oversight from government agencies
    - Support and cooperation from business partners

Including Ethical Considerations in Decision Making (1 of 3)
FIGURE 3.2 Five-step ethical decision-making process

Including Ethical Considerations in Decision Making (2 of 3)
- Develop a problem statement
  - Clear, concise description of the issue being addressed
- Identify alternatives
  - Enlist the help of others if allowable
  - Brainstorm
- Choose an alternative
  - Evaluate alternatives based on criteria
  - Weigh various laws, guidelines, and principles

Including Ethical Considerations in Decision Making (3 of 3)
- Implement the decision
  - Implement in an efficient, effective, and timely manner
  - Communicate
  - Transition plan must be defined
- Evaluate the results
  - Determine if desired effect was achieved
  - Observe its impact on the organization and stakeholders

Professional Code of Ethics
- Professional code of ethics
  - States the principles and core values that an organization wishes to develop in its leaders and members
  - Primary intent is to define desired behavior
- Four key benefits
  - Improve ethical decision making
  - Set high standards of practice and ethical behavior
  - Engender trust and respect from the general public
  - Provide an evaluation benchmark
- No universal code of ethics for IS worker exists

Information Systems and Privacy (1 of 3)
- Information system use requires balance
  - Needs of those who use the information collected
  - Rights and desires of the people whose information is being used
- Information about people
  - Used to make decisions
  - Used to target marketing efforts
  - Used to serve customers better

Information Systems and Privacy (2 of 3)
- Systems collect and store key data on every customer interaction
- Data collection by governments and businesses
  - Causing objections by people
  - Individuals have no power to control their own personal information
- Must balance the scales
  - Combine new laws, technical solutions, and privacy policies

Information Systems and Privacy (3 of 3)
FIGURE 3.3 Governments and organizations gather a variety of data about people

Measures Protecting Personal Data (1 of 5)
- Fair information practices
  - Set of guidelines governing the collection and use of personal data
- General Data Protection Regulation (GDPR)
  - Set of data privacy requirements
  - Applies across the European Union including non-EU organizations
  - Applies to organizations that process information of individuals in the European Union

Measures Protecting Personal Data (2 of 5)
- Financial data
  - Inadvertent loss carries a high risk of loss of privacy and potential financial loss
- Fair Credit Reporting Act
  - Regulates credit-reporting bureaus regarding their collection, storage, and use of credit information
- Right to Financial Privacy Act
  - Protects the records of financial institutions’ customers from unauthorized scrutiny by the federal government
- Fair and Accurate Credit Transactions Act
  - Consumers can request and obtain free credit report

Measures Protecting Personal Data (3 of 5)
- Health information
  - Concerns over health data privacy erosion
- Health Insurance Portability and Accountability Act (HIPAA)
  - Requires standardized electronic transactions, codes, and identifiers
  - Enables fully digitized medical records
  - Provides medical data exchange over the Internet
  - Requires health care providers to obtain written consent from patients prior to disclosing any information in their medical records

Measures Protecting Personal Data (4 of 5)
- Health information (continued)
- American Recovery and Reinvestment Act Title XIII Health Information Technology for Economic and Clinical Health Act (HITECH)
  - Included strong privacy provisions for electronic health records (EHRs)
  - Bans the sale of health information
  - Promotes the use of audit trails and encryption
  - Provides rights of access for patients
  - Requires