Chapter 7 Summaries

Storage, communication and disposal of data and information

Organisational goals and information systems
Mission statement defines organisation's purpose or what it is trying to achieve
Organisational goals explain how an organisation intends to go about achieving its
mission
System goal explains the specific role of the information system in achieving the
organisational goal and ultimately the companies mission
Legal obligations of organisations and individuals
Privacy Act 1998
Deals with 3 Main Areas:
Safeguards relating to the collection and use of TFN by federal government agencies
Protection of individuals private information stored by federal government departments
Information about peoples credit-worthiness held by credit reporting agencies and credit
providers
Privacy Amendment (Private Sector) Act 2000
11 National Privacy Principles
0. Manner and purpose of collection of personal information
1. Solicitation of personal information from the individual concerned
2. Solicitation of personal information generally
3. Storage and security of personal information
4. Information relating to records kept by the record keeper
5. Access to records containing personal information
6. Alteration of records containing personal information
7. Record keeper to check accuracy etc of personal information before use
8. Personal information to be used only for relevant purposes
9. Limits on the use of personal information
10. Limits on the disclosure of personal information
Information Privacy Act 2000
Victorian government policy outlining the privacy obligations of state government agencies
and contractors working for the state government.
Health Records Act 2001
Aim to protect patients medical information. Created separately to IPA as to cover both the
public and private hospital sectors. Protects patients information to be used only for their
primary purpose for which it was gathered.
Copyright Act 1968
Intellectual property might be defined as any product of human thought that us unique and
not self evident. The copyright act protects this property.
There are allowances made for formats such as audio music where you are allowed to
burn tracks to another cd for personal use and transfer them to mp3 players.
Other formats are much more heavily restricted such as games and computer software
where there may be multiple complex copyright issues with the design of a game.
Penalties
Most copyright infringements are dealt with as civil matters. When there has been
commercial distribution of pirated material the case will be tried as a criminal matter.
Civil matters will vary in the remedy awarded to the defendant.
In criminal cases, fines may be imposed up to $60500 and or up to 5 years imprisonment.
Ethics and information systems
Ethics refers to behaving ways based on our morals.
Key areas that affect employees, employers and clients or customers:
The responsibilities of employers and employees to each other and clients
Codes of conduct
Company computer use policies
Employee monitoring
Free speech on the internet
Steps to solving ethical dilemmas
11. Identify the problem
12. Identify the stakeholders
13. Identify possible alternatives
14. Identify ethical standards
15. Evaluate options
16. Make a decision
Workplace responsibilities
Between one another and customers or clients. Employer must pay staff for the work
carried out and provide a suitable environment that work can take place.
Organisation is expected to provide good quality products or high level service to
customers.
Codes of conduct and computer use polices
Code of conduct is a set of conventional principles and expectations considered binding on
any member of a particular group.
Computer use policy should be in place by an organisation. This explains clearly to those
using the equipment what management believes should and should not be done on the
computers or peripherals.
Employee Monitoring
Managers often use monitoring systems to check what their employees are doing. This
includes email checks for obscene language or attachments such as .exe or .jpg.
Mangers also monitor the use of the Internet as many employees "misuse" the net for
personal purposes.
Netiquette
Not posting to inappropriate groups
Refraining from commercial advertising
Personal messages to one or two individuals should not be posted to newsgroups
When responding to posting, the minimum necessary context should be quoted
Lines should be less than 70 characters long
Before asking a question a user should read existing questions and the groups FAQ
Threats to data and information
What is security?
Any measures that an organisation can take to minimise the potential loss of data by
intentional or accidental threats.
Intentional Damage
Viruses
Hacking/Cracking
Tampering with files
Information theft
Vandalism of hardware
Theft of hardware
Accidental Damage
User error
Failure to follow file management procedures
Equipment failure/damage
Consequences of violating security and privacy measures
Consequences include but are not limited to:
Breaches of privacy
Loss of intellectual property
Loss of income due to unavailability of information or services