Technology Impact Paper The increasing use of information technology inevitably leads to misunderstandings and violations of privacy of personal information, accuracy and quality information, to mention a few. The relevant and appropriate control should be developed and maintained during the work process. Lets illustrate it by the example of several cases where the controlling function of management should be applied. Example 1: John Manton wanted to receive a loan. In order to apply for the loan, he had to fill down the application form as well as the bunch of other documents during one of his visits to the bank. The documents contained his personal financial information, such as name, telephone number, level of income, address, certain details about his assets, etc.
The loan was approved and he received a credit card issued by the bank. Soon a number of unaffiliated companies contacted him with various proposals (such as airlines, telemarketers, non-profit organizations, retailers, etc).
John Manton was surprised and found out that his financial institution shared his personal financial information with these organizations. The bank shared data with these unaffiliated companies in order to help them target new consumers who, probably, might be interested in their services and products. Such disclosure and improper use of personal and financial information was illegal. The controlling function should be applied in order to avoid data disclosure. Personal financial information should be properly protected by security measures appropriate to the sensitive nature of information.
The Essay on Information Technology security control
There are a number of Information Technology security controls. The three most common are: physical, technical, and administrative controls; however, many organizations break down administrative controls into two separate categories: procedural and legal controls. “Security controls are the means of enforcing security policies that reflect the organization’s business requirements, ...
Besides, there are several acts protecting financial privacy (such as the Gramm-Leach-Billey Act that went info effect July 1, 2001).
Under this act, the financial institution should tell its clients about possible outcomes (involving the type of information they collect as well as possible sharing with other organizations).
The financial institution should collect only data necessary for the fulfillment of their operations identified. Moreover, each financial organization should issue the privacy notice in order to help you decide whether you are comfortable with that information-sharing arrangement (FDIC n.p.).
The Gramm-Leach-Billey Act also requires that financial institutions describe how they will protect the confidentiality and security of information (FDIC n.p.).
Besides, the manager had to use both application and general control (that applies to all information systems and covers the processing of information within the application software) in order to avoid the improper use of personal financial information.
Example 2: The concept of information disclosure is very important. One of the fragrant disclosures took place in Japan. They found out that one of Japanese famous hospitals illegally posts personal information concerning the health of patients. The municipal Hachimone City Hospital in Hachinohe has posted the medical information of patients who received surgery for heart disease on its Web site since March 2001. The hospital posted information about 53 patients, including monitoring of their health conditions before and after medical treatments, data of anamnesis (including information of their diseases) and heart rontgenographs (Yomiuri Shimbun n.p.).
The hospital authorities claimed that information posted on the website was used in conferences and contained medical information which can identify a patient.
The Essay on Supervisory control and data acquisition
Supervisory control and data acquisition (SCADA) is a type of industrial control system (ICS). Industrial control systems are computer controlled systems that monitor and control industrial processes that exist in the physical world. SCADA systems historically distinguish themselves from other ICS systems by being large scale processes that can include multiple sites, and large distances. These ...
However, the workers of hospital didnt even try to obtain the consent from most of the patients. They stopped to post the medical data only in June 2004, after they had agreed that such actions were not correct from the point of patients privacy and concepts of disclosure. The legal representatives of Hachimone City Hospital didnt explain the reasons of disclosure but apologized to their patients. This case illustrates the information disclosure of patients medical data. The manager responsible for control had to apply controlling function to avoid information disclosure. Medical personnel (doctors and nurses) know that they dont have to disclose any information they received during treatment process.
Confidentiality, privacy of information and accuracy are the strongest and at the same time the weakest core tenets in medical practice. The doctor who treats patient communicates with him and the patient shares his personal information with the doctor. In such case the doctor knows additional information which was received as a result of patients trust. This medical data should be kept in a secret in accordance with non-disclosure statement. The manager in charge of the control functions should control privacy and respect patients rights and protect his medical data from others. Medical data in computer also can be the subject of unwilling disclosure, so the doctor manager in charge of the control functions should control confidentiality, password protecting, etc. He should also control that the doctors follow prescribed procedures for computer access and security as an added measure to protect patient information.
(Ethics in Medicine Confidentiality, 2005).
Definite precautions should be done in order to provide patient with confidentiality and non-disclosure. For example, some additional papers containing personal medical information regarding medical diagnosis, etc, which are used in conferences and contain medical information which can identify a patient, should be removed at the end of the conference immediately. Although these cases are quite different, both of them refer to lack of controlling function. The manager in charge of the control function should comply fully with all federal, state and local laws and regulations in the collection, storage, use and distribution of information. The manager is responsible for the efficiency and effectiveness of operations, reliability of reporting, and other components of the organizations management. He needs to design and implement proper control activities and mechanisms in order to provide reasonable assurance.
The Essay on Should The Governments Have The Right To Control Information Which Is Accessible To The Public
The issue about the governments right to control information which is accessible to has been widely debated. It is an imperative subject because it poses fundamental litigious questions which may affect the liberty of an individual in their community. Different arguments have been articulated concerning this issue. These include arguments in favor of favor of the status quo, others for the ...
Besides, he needs to monitor and evaluate the control.
Bibliography:
Confidentiality. ETHICS IN MEDICINEUniversity of Washington School of Medicine. Retrieved August 19, 2006, http://eduserv.hscer.washington.edu/bioethics/topi cs/confiden.html FDIC. Your Rights to Financial Privacy. Retrieved August 19, 2006. http://www.fdic.gov/consumers/privacy/yourrights/i ndex.html Yomiuri Shimbun Hospital posts data of patients on Web site, Japan.
22 Jun 2004. Retrieved August 19, 2006, http://www.medicalnewstoday.com/medicalnews.php?ne wsid=9797#.