Sign Up Now
Get instant access to over 1 million+ study documents
OR
Already registered? click here to login
By creating your account, you agree to our terms of service, privacy policy and student honor code.
professional mail, with a more insightful series of policies put in place to define acceptable use of e-mail and communications systems (Breaux, Anton, 2008).
Clearly, being able to guard against personal data of employees being accessed, sold or used in any way needs to have even more stringent rules associated with it (Breaux, Anton, 2008). The fact that so many companies today have their employee database compromised and then selectively sold off to telemarketers, it is clear that higher penalties need to be put into place for it professionals who either have lax security in place to allow this to happen, or unfortunately make the terrible mistake of thinking this is a way to make extra cash. As has been seen from the cases of overt theft of employee data, it has not been motivation by retribution but by the need for finds.
Conclusion
To fully discourage the sale of employee data and protect the privacy of data for citizens, the penalties...
There also needs to be a mandatory jail sentence of ten years for this type of crime. As the theft of employee data continues to increase at an exponential rate (Patel, 2009) clearly more effective laws than are in place are needed to make penalties for this so high that they serve as a useful deterrent to this practice.
References
Breaux, T., & Anton, a.. (2008). Analyzing Regulatory Rules for Privacy and Security Requirements. IEEE Transactions on Software Engineering, 34(1), 5-20.
Doss, Erini, & Loui, Michael C. (1995). Ethics and the privacy of electronic mail. Information Society, 11(3), 223.
Lautsch, John C.. (1985). Information Privacy and the MIS Manager. The Journal of Information Systems Management, 2(2), 79.
Patel, M.. (2009). The Threat from Within. Risk Management, 56(5), 8-9.
Protecting Personal Information When considering the ever-changing and highly competitive global landscape of business today, large firms must be able to effectively globalize their operations in order to reach a greater potential client base, stay at the cutting edge of their respective fields and sustain profitability in the long-term. With the current exponential growth of technology and computerization of business and learning, consumers have become much more connected to the
Identity theft is a kind of theft that involves someone stealing the identity of someone else by assuming that person's identity (Lai, Li, & Hsieh, 2012). This is usually a method of gaining access to the person's resources like credit cards and other things in the person's name. This is considered a white-collar crime and it has gained popularity amongst criminals. According to statistics, each year hundreds of thousands of
Personally Identifiable Information is any information that pertains directly to an individual's identity, such as SSN, birthdate, etc., and any information that can be linked to an individual, such as health records, education records, IP address, etc. (McCallister, Grance, Scarfone, 2010). When it comes to ethically protecting the PII of clients and workers in organizations, information technology and information systems must be engaged in order to ensure that cyber security
This is sensitive information that should be securely stored. The records contain confidential information that could be used in identity theft. The records should be securely stored either in soft copy or hard copy. Only authorized personnel should have access to these records. Audit trails should be installed to keep track of the personnel who access the records. The authorized personnel should be analyzed and background checks conducted. Strict
Security Standards & Least Privilege Security Standards and Legislative Mandates Industries are required by law to follow regulations to protect the privacy of information, do risk assessments, and set policies for internal control measures. Among these polices are: SOX, HIPAA, PCI DSS, and GLBA. Each of these regulations implements internal control of personal information for different industries. Where GLBA is for the way information is shared, all of them are for the
The responsibility to seek out and use the most appropriate form of protection for a particular system lies with its user. If a user does not regard these duties with the appropriate seriousness, the consequences could be dire indeed. Another very threatening form of computer crime is the phishing scam. Phishing Phishing involves email from an apparently legitimate source such as a bank or other place of business that requires the user