Protecting One S Personal Information Online

Personally Identifiable Information is any information that pertains directly to an individual's identity, such as SSN, birthdate, etc., and any information that can be linked to an individual, such as health records, education records, IP address, etc. (McCallister, Grance, Scarfone, 2010).

When it comes to ethically protecting the PII of clients and workers in organizations, information technology and information systems must be engaged in order to ensure that cyber security is a top concern especially in a digital era where information is power and where hacking accounts and firms is a probable threat no matter what one's business is.

The task of approaching PII from an ethical standpoint where regard for clients' and workers' personal information stored by the organization is one that factors into risk assessment and risk management guidelines used in order to create cyber security networks (Vacca, 2009). However, PII is something that may also be collected by firms via the Internet and used to gather information on consumers.

For instance, organizations that use websites can users cookies to track the online movements of Internet users to collect "big data" that can be utilized to draw a better understanding of the consumer's habits, interests, and how to market to him (Wambler, 2015). The question is: is this collection of data and storing of it whether on drives or in the cloud in line with a legal process, or is it violating an ethical code established by law? As McCallister et al.

(2010) observe, firms must obey the laws, guides, regulations and mandates that are given them when it comes to safeguarding PII. If for example, a firm wishes to sell PII to a company that wants to use it for marketing, the firm has the legal responsibility of telling clients that its information will be sold. However, it is not as clear cut as that makes it seem.

There are many laws and guidelines regarding PII and its collection and use, and some violations are prosecuted as civil cases and some as criminal cases. Understanding a firm's responsibility in the light of government regulations regarding PII is a sure way to enhance one's own organization and ensure that it is not violating any laws and is always acting responsibly and ethically about PII.

For example, by using a web audit system, a firm can monitor and keep track of user information, such as IP addresses, URLs, dates/times, and pages visited. This system would gather a great deal of linked PII, which would be accessed by system administrators. The information is not of primary concern and thus does not have a high confidentiality rating; therefore, resources are not geared towards maintaining this information as securely as information such as credit card information that is used in transaction processing web pages.

In this, issues of security are far more important because it relates to direct PII that can be hacked and utilized to steal from the accounts of persons. A firm engaging in transactions online would have an ethical responsibility to ensure that the PII of its users is secure. PII, in other words, is not just related to a person's bank account or health records, it is also related to his browsing activity online. One's habits and actions on sites is being monitored by firms for the purpose.