BTEC IT UNIT 3 P3 M2- Explain the issues related to the use of information

P3- Explain the issues related to the use of information

 

Legal Issues

Data Protection Act 1998– The data protection act applies to virtually all businesses. This act covers how personal information is used by different organisations which can be a private business or the government. The kind of information this covers can be names, addresses, photographs, card details and phone numbers. As a business your company Matlin insurance would be handling and storing a lot of personal information such as names, contact information, employment history, cars, addresses etc. Matlin insurance should follow these 8 principles to make sure they are following and not breaking the law. These are: information must be accurate, kept secure, not transferred outside E.U, used fairly and lawfully, kept no longer than you need it for, handled according to people’s data protection act, used for the right purposes and used in a relevant not excessive way.

This is an example of the business not following the data protection act. This big corporation failed to keep customers information secure as hackers targeted there databases. They were to blame because they are a multibillion corporation which failed to invest in good security measurements.

http://www.thedrum.com/news/2013/01/24/sony-fined-250k-over-serious-data-protection-act-breach
Another example of the data protection act breached is by a company called Torbay care trust. After 1,00+ employees sensitive information such as names, religion, sexuality was leaked and published, this cost the company the £175,000.

http://brianpennington.co.uk/2012/08/16/who-has-breached-the-data-protection-act-in-2012-find-the-complete-list-here/

 

How it can affect the company- If Matlin insurance got hacked or one of employees leaked the data they would be responsible for the information get stolen because they did not have good secuirty measuments in place, they would be breaking the law leading to a fine up to £500,000 which can affect the company the finicially and furthermore jail for the company managers.

  • Matlin Insurance will most likely share important data about customers with other insurance companies and the company might ask for data from other insurance companies however they cannot do this without the customer’s permission. A way businesses try to get around this when customers sign up for insurance whatever it may be in the terms and conditions there is normally a part saying you have gave them the rights to share your data for business purposes.
  • Matlin Insurance must also make sure the data from the customers is kept up to date whethere that may be electronic or paper based. If they do not do this it will affect the company itself such as if they wanted to find information about a specific customer and contact them but they have changed there contact number and it was not updated on the system the business is left in the blank.
  • On the up side if Matlin insurance handeled the information properly it can improve the businesses reputation, this may take many years but as long as they get no complaints against them they can gain full trust from the customers and even the employees.

 

 

 

Freedom of Information Act 2000– This act provides the public access to information held by authorities such as government, council, schools. Under this act anyone living in the world can make a request to get this information. The information has to be recorded such as documents, digital computer files, letters, emails, photographs, sound and video recordings. However if a person asked for their own personal information such as credit references it would not cover this. This act can affect businesses whether they may be of a public organisation or private, however private is less affected.

A business can have a form for people to request information. This is an example of one and normally all the details of the person has to be filled out accordingly and then retrieve information. This particular form is about retrieving information about accidents or injuries but there are other forms for businesses can have.

 

 

 

 

 

 

 

 

This article shows FOIA requests made from people. There are some major articles that got published and if the request was not made, people would never know about this information and a business could just hide it.

 

How it can affect the company- If a person makes a FOI request to Matlin Insurance they would have to reply to that request and give information regarding anything that fits in the critera. For example if a customer made a freedom of information request the company would have to reply within 20 days. You can provide the person making the request whether you hold the information they are hold any information within the request they made and if they do they have to provide that information, again if they asked for personal information you are not obliged to give it.

  • If Maltin Insurance did get a request and they held the wrong kind of information such as secrecy from there customers. The businesses reputation could be at stake leading to further losses such as customers, again if they did not respond to the request it would be just as bad. So they would have to make sure right from the begining they know what kind of information they need.
  • Again Matlin insurance would need need to train there staff on the FOI Requirments to make sure they do not give the wrong kind of information away or disrigard the request. As for affect this will cost the business time and money which could be a big difference between profit and loss of last weeks.
  • However Matlin Insurance can also use this for themselves to find out if any public authorities are holding information about your business such as reports, annual returns, planning procudures, proposed devolpments. Matlin could use this as an advantage and get ahead of there compitetors giving them a good affect.

 

Ethical Issues

Ethical Issues for a business would be different principals that people follow. This can affect people working for a business and how they make decisions. These decisions can be right (ethical) or wrong (Unethical). For a business to have a good standing they normally make sure ethical.

 

Use of internet- When working for a company most of the time you will use the internet whether it will be for research, contacting other businesses, etc. The company would want to make sure the employees are using the internet in the right ways making sure its work related and no other things such as social networking, gambling, etc. On the internet there are many websites that install viruses on the host’s computer and take the information so businesses have to be really careful. To avoid this many companies sign up with a proxy which also have certain filters on the network for what websites the employee can and cannot access, furthermore they can also have a firewall setup in place to make sure there are no incoming ports such as hackers.

This is an example of when an employee signs to a business’s contract. They would have to read this and obey it, otherwise there will be consequences for their actions. Most businesses will give this or similar agreement saying this the employee can and cannot do.

How it can affect the company– Matlin Insurance would have a code of conduct you have to sign up and follow when you became a part of the company. There normally a set of rules such as what websites you are allowed to use, the information you can share and what you can download from the internet under strict circumstances. Matlin Insurance would monitor their employees in the work place so they can protect their network and reputation as company.

  • For example if an employee from Matlin Insurance planted a virus on the network not only they would be breaching the code of practice but also the computer misuse act. Matlin Insurance would have to spend there time repairing the network costing the money and time which they could be doing more useful things.
  • Use of internet can have a big impact on company like Matlin Insurance if it is not used correctly. If a employee went onto the wrong websites and downloaded a virus such as a keylogger, the person who operates that keylogger can get important details the employee is typing into the computer such as bank or personal details, which will then lower the customers trust in the company. Even if Matlin decideds to fire that employee there reputation can still be runied as they could not control there employees which other companies would then use this as an disadvantage towards them.
  • Using the internet in the wrong ways whethere that may be managers or guests can have impact on the preformance and producivity of the business as it stops them from doing work. For example if any employee needed to produce 3 reports for different departments at the end of the week but was too busy gambling he would have nothing to hand so someone else would have to step in and waste more time.

 

Use of Email- Email is used widely throughout the business to communicate with a faster response time and less cost however often the codes of practice apply to this as well. Emails should be used ethically for the right reasons such as for work related, not unethically for the wrong reasons such as spam, inappropriate or personal use. When an employee signs up for a job under the use of internet, using the email system correctly will also apply to this.

This is another example but for Email Use Policy. If a business is heavy orientated around email software it will most likely have this to secure their policy in place. All employees should read this to obey the rules of the business to see what they can and cannot do. This document also shows the consequences of this.

 

 

 

 

 

 

 

 

 

 

How it can affect the company – Insurance Company like Matlin would send hundreds of email a day whether it is to contact other businesses or their customers.

  • This could affect Matlin Insurance if an employee decided to send emails with a virus attachments or unsutiable images, this would be unethically and the company reputation for long term would be ruined if anyone outside the organisation found out about this. This might mean new employees wouldn’t want this as there first choice as a job at the company which means they might not be able to get new staff to manage different departments
  • Matlin Insurance have to get tasks done throughout the day regulary and if spam emails break computer systems the employees work on. This will hault work which means less producivity so the business is on a standstill. This can impact customers as they might not get the help they require in time.
  • Spam emails can also be directed towards the customers especially by the employees, if there inbox is already flooded by the companies emails, this can also discourage them and maybe block the emails which means they might not get important notifcations from Matlin. However to try to prevent this the company would limit how many emails each employee can send so this can’t happen in the first place. Companies also monitor each employee’s inbox through filtering software.

 

 

Operational issues

Security of information- Whenever a business is holding information about a customer it must be kept secure whether this is paper or electronic based, this will also include temporary and deleted data. This is to make the data is not put into bad use such as being manipulated or unauthorised people accessing it. If the information is not kept secure sometimes the company can be to blame because they should have good parameters in place to stop information being leaked or stolen. For paper based information it can be stored easily in a cabinet with a lock on it however if the information is electronic it’s more vulnerable to getting stolen or lost.

A Business can setup a VPN Server in place so filter devices connected to the network, this also includes out coming and incoming connections. So anything that looks suspicious can get blocked. This is the overall diagram of the system should be setup, if its a small or big system.
If the business decided to store information paper based. They would need cabinets that can old information and can be drilled to the wall so it can be physically stolen. Also most cabinets should come with a key and stored in a safe place from unauthorized access.

How it can affect the company- For Matlin Insurance if information is not kept properly secure there can be different consequences. Sometimes if information is not kept securely and customers find out there information is vulnerable you can lose your customers and your reputation can also get damaged, for example customers might not get insurance from Matlin because of past events.

  • For reasonable precautions the network can have a firewall and filters to stop people from intruding into the network and from hacking into the computer systems. A firewall is easy to setup for a business as most Windows Based computers and servers can Firewalls built in.
  • Extra precautions could be encrypting all the documents and with passwords for limiting access to who can view this information so it’s only kept within a certain amount of people. Microsoft Word has the feature and other zip extractors.
  • Another precaution Matlin Insurance can make is making sure the physical servers that store the important data is fully secured. This can be done with locks on doors so no one can access the server rooms and even alarms if intruders do manage to break in everyone will be on alert. For more safety and security they can install CCTV Cameras around the premises to capture people going in and out of the Rooms if there is any suspicious activity they can report it to the police.
  • The best way to secure the information is by backing up the information into different severs or cloud so even if the information isn’t secure they still have backups of them for security reasons.
  • Matlin Insurance should also have controlled access to monitor who can go in and out of the sever rooms. This will lower the risk of anyone intruding into these rooms. The best way a company can do this is to have a swipe card system in place with only major technicians allowed to enter and anyone else that is important such as managers.
  • For paper based information after the documents are no longer relevant and the company threw away important finical information in the recycling bin this could be read by other people potentially working for companies stealing this information and putting it into bad use. So companies must make sure these documents are shredding them before throwing it away.

 

Backups- Companies store a lot of information and if this is lost due to corruption or hard drives being erased most of the time there is no way to get this data back. It is vital that companies back this information in another place usually far away from the original source. This can be done in different ways for example if the information is paper based they can make a backup by scanning the work via a scanner and storing it electronically. However it is already electronic they can back up the information on a different server.

This is what a business’s backup schedule should look like, they should have it scheduled automatically whether it be week, month or every day and they can also set the backup at specific time. All this would be done through a software like this example shows.

 

 

 

 

 

 

 

 

A business backup would look similar to something like this were the information would be collected from the clients PC’s which would be the employees and stored on a server. The backups would be stored in 2 places, one which would be local hopefully within the business and one offsite which would be in a complete different place.

 

How it can affect the company- Matlin Insurance should make regular backups of their information every week to prevent the information getting lost if the network failed or the servers went done.

  • For Matlin Insurance I would be best for them to do an offsite backup because there such as large company. They would want a place which would be fire and water proof in case any hazards do occur. Even though this does cost more an offsite backup would be more effective
  • If Matlin Insurance did not backup the information up they might have to ask all the customers for the information again which they would not be happy about, the company would also have then breached the data protection act as they did not keep the information secure or at least take reasonable precautions. This might then cost the company money and time rather than just making a simple backup which would not take long at all.
  • For Matlin Insurance this will have a long term affect because if they did lose the information it would be harder to retrieve it back and even then they might not fully recover from the disaster. From this there reputation might also be ruined losing them customers because these customers are afraid that it could happen again as there not a trusted company anymore.
  • Matlin Insurance should get an employee to organise and do this every week to make sure it is done correctly such as when the information is being backed up, where it is being backed up and what kind of information needs backing up. All of these steps should be taken into consideration before the backup is taken place. Also most backups tell you when you have last backed up and can further set a schedule for every so often.

 

Standard

Leave a comment