In given scenario is about an ABC Healthcare company which is a startup company with 50 employees working with it. The healthcare company has a data server which has copies of the health records of the patient, personal identifiable data, forms, company financial, bills of the patient and the record of the company. But there is no security process of the data server.
There is no proper guideline and policies for the employees of the company. The network setup is done by different sellers every time and the employee uses the default username and passwords for their login. There is wireless network for the staffs using wireless laptops. The wireless access points that are used by the staffs are also used by the clients of the company. There is no such secure network in the company. Some of the staff members also uses their personal laptops or systems by connecting them to the network and access their personal mail id and uses the network for their personal web browsing. The company has a printer which is used by the employee of the company and all the unused photocopies are piled next to the printer. The unused photocopies are kept in a much unorganized way. The office of the administration sits in a cubicle structure. They have an issue of over hear each other during the work day.
The Information Technology Act 2000 or any enactment does not depict or specify the term Cyber Crime (Taylor, Fritsch & Liederbach, 2014). It can be all inclusive considered as dull face of innovation. The main distinction between a cyber crime and traditional crime is that cyber crime includes crimes that are related to computers.
Ethics are a basic and fundamental piece of health care (Platt, Kass & McGraw, 2014). A typical ethical code for everyone engaged with medicinal services is conceivably significant and is to be invited, but limitations and role of such codes are to be recognized.
Certain ethical issue arises from particular ethical codes (Michels, 2014). In contrast with the activities of the managing some specific codes are to be portrayed that changes the moral condition for the transportation of social insurance and reflects its general characteristics and approach. To endeavor such type of ethical code, it is to make parts of personal care as a target or make incentive different from the circumstances that are useful: it is an idea to work with single duty that is regarded as moral practices (Goodman, 2016). Ethical codes do not give a clear idea about making of moral judgments or gives a strong legitimization that makes those judgments, consider good judgments on them.
An ethical code gives structure and shape to the ethical condition and also compresses the moral position leaving out moral obligation that is related to individual professional. The factors that are considered are individual issues and individual variety (Quinn, 2014). An ethical code gives an encouragement to discourse the moral issues in difficult cases, and importantly and set up moral positions and contended, which gives more extensive and gives more good results. A moral code also can give moral states of mind which are shared by the social insurance workers, and it is very powerful and important.
Unethical behaviors-There is four basic principles that form the basis of moral thought in healthcare:
Respect the poise and uniqueness of all the individuals,
– Protect security of patients
– Treat all you experience with respect
– Patients, their relatives, colleagues
– Preserve self pride and dignity
– Find out at which point the security of the patient is in danger
– Protected situation are promoted in both mental and physical ways
– Keep a look on the safety of the environment.
– Improve conditions that are unsafe
– Confront and report hazardous practices and blunders
– Promote advantage by helping and empowering ways that helps to advance making, for example, ambulation for post operation and breathing profound, and measures the pervented mischief, for example, exchanging of patients in danger for weight injury (Charki, Josserand & Boukef, 2017). These kinds of measures are particularly requested to be made at particular provisional.
Extend level with deference and graciousness of people that are experience. When treated in an impolitely way, reacting in way that tends to the conduct without the regarding of other individual.
Representatives may handle organization of the system to take part in dishonest conduct. For instance, representative may not use the Internet for personal reasons convey an unethical act using the web for shopping purpose (Stylianou et al., 2013). Improper surfing of internet leads to issues that are related to ethics of the company.
Exploitative conduct takes an initiative to incorporate “taking” time from an organization, as the organization has to pay the workers and does not get profit by them (Tarr, 2017). Time that are spent on Internet surfing that are careless, time abuse can contains of widening breaks past by dispensed time.
A representative could advise unscrupulous conduct by annoying colleagues sexually. This includes making bad remarks, making undesirable unwanted gestures or touching improperly (Korpela, 2015). Distressing ordinarily includes undertaking to threaten an associate by making delivering bad remarks about an employee.
Some of the untrustworthy demonstrations can be unlawful. For example, a worker who works on approaches an organization’s financial records, bookkeeper or clerk or steal reserves of organization (Botha, Eloff & Grobler. 2016). A worker approaching documents that are not valid, for example, a HR agent could be fraud and utilize other representatives’ (SSN) Social Security Numbers to attack ledgers or unfaithfully (Hovav & Gray, 2015). For example the 2001 Enron embarrassment, top organization administrators utilized drawing of practices that are related to book keeping to control the stock of the organization cost for their own benefit for the of money.
The security and innovation consistence were altogether not addressed. Law offices probably holds the significant data—that is from private and public sectors that includes financial data, Personally Identifiable Information (PII), Protected Health Information (PHI), Patent Information (IP) and different licensed innovation. Associations rely upon law offices to help shield them from lawful difficulties, keep away from encroachments, and remain in consistence with administrative prerequisites (Rodin, 2015). To do the work effectively, customers must impart touchy and exclusive data to their legitimate advice. Large portions of the connections come over years, even decades, of private exchanges and undertakings (Clark, 2016). As the legitimate business changes that is moderately not regulated to come under various arrangements of rules, law offices are being tested by their customers to demonstrate they have precisely conveyed procedures and innovation to secure information and meet administrative prerequisites (Ndifon, Edwards & Halawi, 2016). Law offices are seeing their agreements incorporate the privilege to acquire consistence data.
The consequences that come from the non-compliance and the consecutive penalties that come from them are as follows:
|
Using of only the computers, computer files and accounts for which the employee has an authorization. |
|
Using of other’s account or knowing their passwords without the concern of that employee is totally illegal. |
|
Using of all the resources given to the employee is the responsibility of the employee to use them properly. The resources include the system they are provided with, software and hardware and the address network port they are provided with (Ndifon, Edwards & Halawi, 2015). The network of the Brown University can be accessed only by the users of the University that are valid and can be used only with their own resources. No other resources can be connected to their own network. |
|
The university has its license agreements and contractual giving a respect to certain third party resources; an employee of the university is to agree with all the terms and conditions of the university. |
|
It is the duty of the employee to protect their system with secure user id and passwords. The configuration of the system should be done in a way so that the unauthorized user may not get access to them and keeps the network secure. |
|
The restricted portions of the network should not be tried to access (Miller et al., 2015). An operating system, software that contains security or other applications that are used for administrative purpose should not be accessed without the concern of the admin. |
|
For any particular guidelines and resource, an employee must know the guidelines and policies of the company. |
|
Utilization of Brown registering as well as system assets in addition with the execution of programming, forms, projects or robotized charges that are exchanged based which are proposed to disturb (or that could sensibly be relied upon to upset) other PC or system clients, or harm or corrupt execution, programming or equipment parts of a framework. |
|
On Brown system as well as processing frameworks, utilization of apparatuses that are ordinarily used to evaluate security or to assault PC frameworks or systems (e.g., secret word “saltines,” powerlessness scanners, arrange sniffers, and so forth.) should not be done unless there have been particularly approved to do as such by the CIS Information Security Group. |
|
Privileges of infringement of any organization or individual that is ensured by a copyright, competitive innovation, other protected innovation or patent, or comparative direction or laws are not at all authorized that is used by the company. |
|
Unapproved repetition of material that are copyrighted including, but not restricted to conveyance and digitization of photos from books, magazines and other sources of copyright, copyrighted music, and the establishment of any programming taken from other copies for which or the client does not have a direct permit is totally not allowed. |
|
Taking the information, record or any such material from the server other than business purpose is totally banned by the organization. |
|
Sending out specialized data, programming, encryption innovation or programming imposing upon universal or control laws that are local fare, is very illegal (Hoyt, R. E., & Yoshihashi, 2014). |
|
Presentation of programs those are malicious into the server or system (e.g., worms, infections, email bombs , Trojan stallions and so forth.) by Wellpoint Inc. Group. |
|
Revealing the password to other clients and giving permission to access those accounts are illegal. This is mainly done at home or other places other than work when it is taken for work from home. |
|
Utilizing of figuring resource for participating in securing or material transmission that is infringing upon the behavior that is inappropriate or working in a laws unfriendly environment in the preview of other employees. |
|
Making the record false that belongs to the organization or related to any organization. |
|
Making explanations about suggested or guarantee, unless the employee complains about that particular thing. |
|
Affecting security disturbances or breaks of system they are corresponded. For reasons for this area, “interruption” organized, yet not restricted to arrange, pinged surges, sniffing, bundle irony, manufactured directing data for malevolent purposes and rejection of administration. |
|
Port filtering or security examining is explicitly disallowed unless the company makes its earlier notice. |
|
System observing that executes which will block data that is not given for the representative’s host, unless the action is a piece of the worker’s simple obligation or occupation. |
|
Verification or security of any host, record or system. |
|
Presenting honeynets, honeypots or same kind of technology on the company network is prohibited. |
|
Using of other’s passwords and host for personal use without their concern (for instance, disavowal of administration assault). |
|
Giving data about, or arrangements of, workers to parties outside the company is restricted. |
The codes of ethics that are followed by various companies are
The professionals of the administration department should go about as a confided in specialist in proficient relations, actualizing duties in the most capable way and practicing information and ability to advance the interests of the prompt and corporate boss (Zuiderwijk, Janssen & Dwivedi, 2015). The quick business should be thought to be the individual or people who, by a set up and foreordained game plan, get straightforwardly the tons of the authoritative expert.
The administrative managerial expert might endeavor to keep up and upgrade the nobility, status, skill, and principles of the calling and its specialists (Bretschneider & Parker, 2016). The regulatory expert, while applying for or being recorded for work, might not make misrepresented, deluding, or false claims concerning preparing or capabilities.
The administrative expert should demand that judgments concerning proceeded with business, pay, and advancement be founded on proficient information, capacity, experience, and execution. The regulatory expert should endeavor to enhance working conditions and to guarantee measure up to business openings inside the calling and all through the association by which utilized.
The professional of the administration impart to every single concerned resident a commitment to advance the general welfare and security, has an exceptional commitment to participate with and advance the interests of other associated callings and to practice specific worry for those straightforwardly influenced by the activities of bosses served.
References:
Botha, J., Eloff, M., & Grobler, M. (2016, September). Ethical and legal issues involved in the pro-active collection of personal information with the aim of reducing online disclosure. In IFIP International Conference on Human Choice and Computers (pp. 72-85). Springer International Publishing.
Bretschneider, S., & Parker, M. (2016). Organization formalization, sector and social media: Does increased standardization of policy broaden and deepen social media use in organizations?. Government Information Quarterly, 33(4), 614-628.
Charki, M. H., Josserand, E., & Boukef, N. (2017). The paradoxical effects of legal intervention over unethical information technology use: A rational choice theory perspective. The Journal of Strategic Information Systems, 26(1), 58-76.
Clark, B. W. (2016). The Effectiveness of a Compliance Strategy to Improve Information Security in the US Healthcare Sector (Doctoral dissertation, Utica College).
Faucher, C., Jackson, M., & Cassidy, W. (2015). When online exchanges byte: An examination of the policy environment governing cyberbullying at the university level. The Canadian Journal of Higher Education, 45(1), 102.
Goodman, K. W. (2016). Ethics, medicine, and information technology: intelligent machines and the transformation of health care. Cambridge University Press.
Hovav, A., & Gray, P. (2014). The Ripple Effect of an Information Security Breach Event: A Stakeholder Analysis. CAIS, 34, 50.
Hoyt, R. E., & Yoshihashi, A. K. (2014). Health informatics: practical guide for healthcare and information technology professionals. Lulu. com.
Korpela, K. (2015). Improving cyber security awareness and training programs with data analytics. Information Security Journal: A Global Perspective, 24(1-3), 72-77.
Michels, D. L. (2014). AJ-2PROTECTION OF PERSONAL HEALTH INFORMATION AND ETHICS OF HEALTH INFORMATION TECHNOLOGY IN THE US. Annals of Oncology, 25(suppl 5), v5-v5.
Miller, A., Moon, B., Anders, S., Walden, R., Brown, S., & Montella, D. (2015). Integrating computerized clinical decision support systems into clinical work: a meta-synthesis of qualitative research. International journal of medical informatics, 84(12), 1009-1018.
Ndifon, L., Edwards, J. E., & Halawi, L. (2016). Impact of Electronic Health Records On Patient Outcomes. Issues in Information Systems, 17(4), 187.
Pipyros, K., Mitrou, L., Gritzalis, D., & Apostolopoulos, T. (2016). Cyberoperations and International Humanitarian Law: A review of obstacles in applying International Law rules in Cyber Warfare. Information & Computer Security, 24(1), 38-52.
Platt, R., Kass, N. E., & McGraw, D. (2014). Ethics, regulation, and comparative effectiveness research: time for a change. Jama, 311(15), 1497-1498.
Quinn, M. J. (2014). Ethics for the information age. Pearson.
Rodin, D. N. (2015). The cybersecurity partnership: A proposal for cyberthreat information sharing between contractors and the federal government. Public Contract Law Journal, 44(3), 505.
Stylianou, A. C., Winter, S., Niu, Y., Giacalone, R. A., & Campbell, M. (2013). Understanding the behavioral intention to report unethical information technology practices: The role of Machiavellianism, gender, and computer expertise. Journal of business ethics, 117(2), 333-343.
Tarr, M. (2017). Law Firm Cybersecurity: The State of Preventative and Remedial Regulation Governing Data Breaches in the Legal Profession. Duke L. & Tech. Rev., 15, 234-327.
Taylor, R. W., Fritsch, E. J., & Liederbach, J. (2014). Digital crime and digital terrorism. Prentice Hall Press.
Zuiderwijk, A., Janssen, M., & Dwivedi, Y. K. (2015). Acceptance and use predictors of open data technologies: Drawing upon the unified theory of acceptance and use of technology. Government information quarterly, 32(4), 429-440.
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
