information systems unit 3. information, laws and ethics demonstrate an understanding of the issues...
TRANSCRIPT
Information SystemsUnit 3
Information, Laws and EthicsInformation, Laws and Ethics
Demonstrate an understanding of the Demonstrate an understanding of the issues related to use of informationissues related to use of information
explain the issues related to the use of information (P3)
Assess how issues related to the use of information affect an organisation (M2)
Legal issues, Ethical issues
Legal IssuesLegal Issues
There are many laws that affect the use of information.
Three of these are the:
Data Protection Act 1998 Freedom of Information Act 2000 Computer Misuse Act 1990
Data Protection ActData Protection Act
Data Protection Act 1998
The Data Protection Act 1998 provides a framework to ensure that personal information is handled properly.
It also gives individuals the right to know what information is held about them.
Data Protection ActData Protection Act
The Act works in two ways1. Anyone who processes personal information must register
with the DPA registrar and comply with eight principles.These make sure that personal information is:
fairly and lawfully processed processed for limited purposes adequate, relevant and not excessive accurate and up to date not kept for longer than is necessary processed in line with your rights secure not transferred to other countries without adequate protection.
Data Protection ActData Protection Act
2. The Act also provides individuals with important rights.
These include the right to find out what personal information is held on computerand
most paper records
Freedom of Information ActFreedom of Information Act
The Freedom of Information Act 2000 access to official information gives individuals or organisations the right to ask for
information from any public authority, including central and local
government, the police, the NHS and colleges and schools.
20 days to provide the information refuse if the information is exempt:
eg if releasing the information could interfere with national security or damage commercial interests
Computer Misuse ActComputer Misuse Act The Computer Misuse Act 1990 details three offences:
unauthorised access to any computer program or data most common form of this is using someone else’s user ID and password
unauthorised access with intent to commit a serious crime unauthorised modification of computer contents
impairing the operation of a computer, a program or the reliability of data
preventing access to any program or data Examples of this are the introduction of a virus, modifying or
destroying another user’s files or changing financial or administrative data
Some minor changes to tighten up this Act were introduced as a small part of the Police and Justice Act 2006.
This made unauthorised acts with intent to impair the operation of a computer illegal
Work on your AssignmentWork on your Assignment
You must now start to look at the scenario provided You must now start to look at the scenario provided at the start of this unit and apply it to the tasksat the start of this unit and apply it to the tasks
Work on the relevant sections for the assignment P3 Work on the relevant sections for the assignment P3 & M2& M2
Follow the assignment writing frameFollow the assignment writing frame
Main Heading (heading size 1)Main Heading (heading size 1) - Legal, Ethical and Operational Issues [P3, - Legal, Ethical and Operational Issues [P3, M2]M2]
Heading (heading size 2)Heading (heading size 2) – – Legal IssuesLegal IssuesSub Heading (heading size 3) – Sub Heading (heading size 3) – Data Protection Act 1998Data Protection Act 1998
Sub Heading (heading size 3) – Sub Heading (heading size 3) – Freedom of Information Act 2000Freedom of Information Act 2000Sub Heading (heading size 3) – Sub Heading (heading size 3) – Computer Misuse Act 1990Computer Misuse Act 1990
BREAKTIMEBack at 14:45
DO NOT BE LATE
Ethical IssuesEthical IssuesCodes of PracticeCodes of Practice
Codes of Practice Many organisations will have a code of practice
Clear states what uses can be made of their computing facilities
main uses of computing facilities will be to support the purpose of the organisation
code of practice often defines the extent to which private use of the computer system is permitted Examples of items included in a code of practice
are: Use of email Use of the internet Whistle blowing
Ethical IssuesEthical IssuesCodes of Practice - Use of EmailCodes of Practice - Use of Email
Threatening or harassment banned
Spamming or unsolicited email banned
Limited use for personal email sometimes allowed
However, this is dependant on the organisation and the level of security within it All outside contact via electronic methods may not
be allowed
Ethical IssuesEthical IssuesCodes of Practice - Use of the InternetCodes of Practice - Use of the Internet
Inappropriate websites
Eg gambling Banned – code of practice and filtering
software
Personal use can be allowed – code of conduct
Ethical IssuesEthical IssuesCodes of Practice - Use of the InternetCodes of Practice - Use of the Internet
Inappropriate websites
Posting to websites banned unless own organisational server
where restrictions apply
Whistle blowing Computer users who identify others misuse
are protected – code of practice IT Administrators usually first to detect
misuse
Ethical IssuesEthical IssuesOrganisational PoliciesOrganisational Policies
An organisation’s policies may have a significant effect on how it treats information
operates on a need-to-know basis is likely to impose policies restricting access to information
For example, it may keep its databases, files and email servers in a secure central data centre
IT security and data centre staff may put in place tight controls on who can access or update this data
Ethical IssuesEthical IssuesOrganisational PoliciesOrganisational Policies
A decentralised organisation with decentralised computing is also likely to restrict access to information
security restrictions could include: Access to files, databases or email
limited or no direct connectivity between the organisation’s computers
This could unintentionally prevent staff at one location accessing information held at another location, even though they may need access
Work on your AssignmentWork on your Assignment
You must now start to look at the scenario provided at the start of this
unit and apply it to the tasks
Work on the relevant sections for the assignment P3 & M2
SummarySummary Today you haveToday you have
Demonstrated an understanding of the issues Demonstrated an understanding of the issues related to use of informationrelated to use of information
You have done this byYou have done this by
explaining the legal and ethical issues related to the explaining the legal and ethical issues related to the use of information (P3)use of information (P3)
assessing how legal and ethical issues related to the assessing how legal and ethical issues related to the use of information affect an organisation (M2) use of information affect an organisation (M2)