Storage, communication and disposal of data and information

Organisational goals and information systems

- Mission statement: defines the organisation's purpose, or what it is trying to achieve.
- Organisational goals: explain how an organisation intends to go about achieving its mission.
- System goal: explains the specific role of the information system in achieving the organisational goal and, ultimately, the company's mission.

Legal obligations of organisations and individuals

Privacy Act 1998

Deals with 3 main areas:

- Safeguards relating to the collection and use of TFN by federal government agencies
- Protection of individuals' private information stored by federal government departments
- Information about people's credit-worthiness held by credit reporting agencies and credit providers

Privacy Amendment (Private Sector) Act 2000

11 National Privacy Principles

0. Manner and purpose of collection of personal information
1. Solicitation of personal information from the individual concerned
2. Solicitation of personal information generally
3. Storage and security of personal information
4. Information relating to records kept by the record keeper
5. Access to records containing personal information
6. Alteration of records containing personal information
7. Record keeper to check accuracy etc. of personal information before use
8. Personal information to be used only for relevant purposes
9. Limits on the use of personal information
10. Limits on the disclosure of personal information

Information Privacy Act 2000

Victorian government policy outlining the privacy obligations of state government agencies and contractors working for the state government.

Health Records Act 2001

Aims to protect patients' medical information. Created separately from the IPA so as to cover both the public and private hospital sectors. Ensures patients' information is used only for the primary purpose for which it was gathered.

Copyright Act 1968

Intellectual property might be defined as any product of human thought that is unique and not self-evident.
The Copyright Act protects this property. There are allowances made for formats such as audio music, where you are allowed to burn tracks to another CD for personal use and transfer them to MP3 players. Other formats are much more heavily restricted, such as games and computer software, where there may be multiple complex copyright issues with the design of a game.

Penalties

Most copyright infringements are dealt with as civil matters. When there has been commercial distribution of pirated material, the case will be tried as a criminal matter. Civil matters will vary in the remedy awarded to the defendant. In criminal cases, fines may be imposed up to $60500 and/or up to 5 years imprisonment.

Ethics and information systems

Ethics refers to behaving in ways based on our morals. Key areas that affect employees, employers and clients or customers:

- The responsibilities of employers and employees to each other and clients
- Codes of conduct
- Company computer use policies
- Employee monitoring
- Free speech on the internet

Steps to solving ethical dilemmas

11. Identify the problem
12. Identify the stakeholders
13. Identify possible alternatives
14. Identify ethical standards
15. Evaluate options
16. Make a decision

Workplace responsibilities

Responsibilities exist between one another and towards customers or clients. The employer must pay staff for the work carried out and provide a suitable environment in which work can take place. The organisation is expected to provide good quality products or a high level of service to customers.

Codes of conduct and computer use policies

A code of conduct is a set of conventional principles and expectations considered binding on any member of a particular group. A computer use policy should be in place in an organisation. This explains clearly to those using the equipment what management believes should and should not be done on the computers or peripherals.

Employee Monitoring

Managers often use monitoring systems to check what their employees are doing.
This includes email checks for obscene language or attachments such as .exe or .jpg. Managers also monitor the use of the Internet, as many employees "misuse" the net for personal purposes.

Netiquette

- Not posting to inappropriate groups
- Refraining from commercial advertising
- Personal messages to one or two individuals should not be posted to newsgroups
- When responding to a posting, the minimum necessary context should be quoted
- Lines should be less than 70 characters long
- Before asking a question, a user should read existing questions and the group's FAQ

Threats to data and information

What is security?

Any measures that an organisation can take to minimise the potential loss of data by intentional or accidental threats.

Intentional Damage

- Viruses
- Hacking/Cracking
- Tampering with files
- Information theft
- Vandalism of hardware
- Theft of hardware

Accidental Damage

- User error
- Failure to follow file management procedures
- Equipment failure/damage

Consequences of violating security and privacy measures

Consequences include but are not limited to:

- Breaches of privacy
- Loss of intellectual property
- Loss of income due to unavailability of information or services