chapter 9 political and legal factors. learning objectives define what factors of the external...
TRANSCRIPT
Chapter 9
Political and legal factors
Learning objectives
• Define what factors of the external environment influence an organisation
• Explain how political systems and govt policy affect the organisation
• Identify the govt organisations that influence national and regional policy setting
• Explain the difference between data protection and data security
• Outline the main principles of data protection• Outline the potential risks to data held in the organisation
and possible counter measures• Briefly describe the different types of hazards commonly
found in the workplace• Outline the main features of H&S legislation• Identify who is responsible for compliance with legislation
POLITICAL/LEGAL FACTORS
POLITICALSYSTEMS LEGISLATION
DATAPROTECTION
HEALTH & SAFETY
Chapter Outline
PEST analysis
• Political / legal factors (taxation policy, govt stability, foreign trade regulations)
• Economic factors (interest rates, inflation, business cycles, unemployment, disposable income and energy availability, cost)
• Social / demographic factors (demographics, social mobility, income distribution, lifestyle changes, attitudes to work and leisure, levels of education and consumerism)
• Technological factors (new discoveries and development, govt and industry focus of technological effort, speed of technological transfer and rates of obsolescence)
Environmental analysis
• Political / legal factors (Ch. 9)
• Economic factors (Ch. 10)
• Social / demographic factors (Ch. 11)
• Technological factors (Ch. 11)
• Competitive factors (Ch. 12)
Political systems
• Complete set of• Institutions• Political organisations• Interest groups (e.g. trade unions,
lobby groups)• Relationships between those
institutions• Political norms and rules that
govern their functions (constitution, election law)
Political systems
• Firms have to take account of political systems at 3 levels:• Global (WTO, EU legislation)• National (national govt policy,
national legislation, govt depts)• Local (local govt depts, councils)
Government policy• Govt can influence firms though
legislation and govt policy decisions• E.g.
• Housing• Crime• Education• Defence• Healthcare• Energy• Environmental• Farming• Town planning• Domestic• Foreign
Legislation
• Organisations need to ensure that they comply with legislation
• Failures result in fines, closure, bad publicity a/o loss of customers
• Key areas:• Protecting employee rights• Protecting consumers• Protecting the environment • H&S• Data protection
• Most industries have specific legislation that must be complied with (e.g. food labeling in food industry)
Sources of legal authority
• Supra-national• UN resolutions• International Court of Justice• Other international agreements that apply to signatories• European Parliament• European Courts
• National• National Govt through Acts of Parliament• Senior Courts (House of Lords in UK, Supreme Court in
USA)• Other major courts
• Regional• Regional/federal Govt (Welch assembly in UK, State Govt
in USA)• Local councils can issue bye-laws in many countries
Data protection and security
• Data protection• Is concerned with protecting individuals against the
misuse of information about them held by organisations
• Necessary because of easy interrogation of large files, speed of response, cross-linked computer systems, etc.)
• Data security• Is concerned with keeping data safe from various
hazards that could destroy or compromise it• Includes physical (fire, flood) and human risks
(hacking, virus infection, fraud)
Main principles of data protection
• Personal data (PD) shall be obtained and processed fairly and lawfully
• PD shall be obtained for one or more specified and lawful purposes, and shall not be further processed in any manner incompatible with those purposes
• PD shall be adequate,, relevant and not excessive in relation to the purpose for which it is processed
• PD shall be accurate and kept up-to-date• PD should not be kept for longer than necessary• PD shall be processed in accordance with the rights of data
subjects• A data user is responsible for the security and protection of
data against unauthorised access, alternation, destruction, disclosure or accidental loss
UK Data Protection Act
• 7 rights of individuals with respect to information stored about them:1. Right of subject access2. Right to prevent processing likely to cause damage or
distress3. Right to prevent processing for the purposes of direct
marketing4. Rights in relation to automated decision making5. Right to take action for compensation for damages
caused by the data controller6. Right to take action to rectify, block, erase or destroy
personal data7. Right to request that the Commissioner assesses
whether any contravention of the Act has occurred
Data security
Potential threats Counter measures
Physical damage due to
Fire Flooding Terrorist acts Power failures Other
environmental factors (heat cold, humidity, dust)
Well documented fire procedures Staff training Provide fire extinguishers and
smoke/heat detectors, fire-doors Computer equipments might be located
in a segregated area in which AC and dust controls operate effectively
Back-up generators Off-site facilities to cater for the
possibility of total destruction of the in-house computer equipment
Off-site back-up copies of data files
Data security
Potential threats Counter measures
Human damage caused by human interference, such as unauthorised access resulting in theft, piracy, vandalism
Restricted access to computer room (PIN)
Closed circuit TV and security guards Hardware can be physically or
electronically tagged to sound an alarm if it is removed from the building
Hardware can be locked down
Data security
Potential threats Counter measures
Operational problems, such as program bugs and user operational errors
Thorough testing of new programs Strict operating procedures Adequate training of all staff
members
Data corruption, e.g. viruses, hackers
Anti-virus and firewall software Passwords and user number limits Off-site back-up copies of data files
Data theft, e.g. fraud, industrial espionage, loss of confidentiality
Data encryption techniques Passwords and user numbers Physical access controls
Health and safety in the workplace
• Health and safety hazards• Desks/chairs too near to doors• Unsafe electric plugs• Trailing wires, cables and leads• Torn carpets• Unlit or poorly lit corridors and stairs• Top-heavy filing cabinets• Untrained operators using machinery• Unmarked plate glass doors• Wet floors
• Health and safety legislation• Puts responsibility for H&S on BOTH the employer
and employee
Employer’s responsibilities
Employer has the duty to provide:
• Safe ways in and out of the place of work • Safe working environment• Safe equipment and procedures• Arrangements for the safe use, handling, storage and
transport of articles and substances• Adequate information, instruction, training and
supervision• Adequate investigation of accidents
Employee’s responsibilities
Employee has a duty to:
• Be responsible for his/her own H&S• Consider the H&S of other people who may be
affected by his/her actions• Cooperate with anyone carrying out duties under the
Act (incl. employer)
Reducing the frequency and severity of accidents
Develop safety consciousness among staff Develop effective consultative participation Give adequate instruction in safety rules and
measures Materials handling should be minimised Implement in full the code of practice for the
industry Safety inspections should be carried out regularly
Breach of H&S provisions
• If employers do not ensure safe and healthy working conditions for their employees they may be in breach of a common law or statutory duty enabling the employee to make a civil claim against them.
• Alternatively, they may be guilty of a criminal offence and be open to prosecution.
• If employees have been injured at work they may have an action against their employer for damages.
Employment protection
Much legislation in the UK has been aimed at the idea of employee protection, and thus, all forms of termination of employment must be treated with great care.
Several forms of termination of employment exist such as: Retirement Resignation Dismissal Wrongful dismissal Unfair dismissal Disciplinary procedure Redundancy
POLITICAL/LEGAL FACTORS
Part of PESTL analysisPolitical systems and govt policy
DATAPROTECTION &
SECURITY
HEALTH & SAFETY
Chapter summary
Data protection
Preventing misuse of data
Data security
Preventing loss/damage to data
H&S at work legislation
Responsibilities of employers and employees