ICT Ethical Case: The Ethical And Non-ethical Issues (Essay Sample)

Essay Writing
[Student Name Here]
[Institution’s Name Here]
[Professor’s Name Here]
[Date Here]
Introduction (ICT Ethical Case)
While conducting a weekly meeting, our ICT manager (say Harry) reassigned one of my colleagues (say Steve), using an assignment list. Unfortunately, the list captured his confidential information including date of birth, government identification number, social security number and bank account details. This information was obtained through the company’s open network accessed through the enterprise management system. Furthermore, to Steve’s perception, everything was normal as he thought the management had access to his confidential information including bank account details.
The facts
The manager compromised Steve’s confidential information by accessing it through the open network. Although Harry may have accessed the information accidently, he should have never disclosed it in the meeting.
Moreover, given the current state of affairs, the company should implement procedures to prevent similar incidences in the future. For instance, only the relevant information (identification) should be available to the management. Moreover, financial information should be disclosed on a need to know basis and only to the finance department (Sampson & Makela, 2014).
The ethical and non-ethical issues
Privacy - the manager accessed Steve’s confidential information which should have been protected and only disclosed to the relevant parties i.e. Steve. Since there are no laws prohibiting access of information through open networks, the manager should have exercised his ethical duty to avail the relevant data without the confidential information.
Security- Since the management has access to the employee’s confidential information, their security is at risk because the information can fall to the wrong parties after gaining access to the management system (Gunarto, 2011).
Those affected
Two parties are directly affected, they are Steve and Harry. Steve’s confidential information was presented to the masses, this places him under threat which is a serious security violation. Therefore, in this scenario, Steve is the victim of the incidence.
Harry, on the other hand, is responsible for exposing Steve’s confidential data and therefore is responsible for the outcomes. Legally, there are no stipulations prohibiting Harry from accessing Steve’s information, however, his moral values should have stopped him from accessing the information. This outcome is common today where people access sensitive information just because they can (CMOD, 2008).
Ethical issues and implications
Privacy.
The legal framework always seems to trail technological innovation, today there are no laws that explicitly define employee’s information, including data like employee addresses, photos, social security numbers and dates of birth. However, such information should have clear cut guidelines including the very sensitive financial information. Failure to observe such policies or laws should lead severe consequences such as legal prosecution.
Security
Everyone has a right to feel safe and more importantly a right to protect their assets such as confidential information. These rights cannot be limited to a chosen few within the higher hierarchy of an organisation. Organisations like the one identified above should have proper measures to safeguard their systems
What can be done?
Containment is the answer to the current situation where the company should implement measures to prevent further damages from the data exposure. Furthermore, the organisation should implement appropriate measures to avoid a recurrence in the future.
Ethically, the management should adhere to proper moral values where they should serve as an extra layer of security in case the existing systems lack the necessary security infrastructure to protect the employee’s information (Deakin, 2015).
The options
This will include;
• Confidential information should be stored on secure servers that are only accessed by a few with the right authorization and authentication. Through this technique the organization will account for the data including those who access it.
• Secondly, the organization should review its existing service agreements, particularly those that deal with the employees and the vendors of the management system.
• Moreover, reviews can also be done on the internal practices to monitor the flow of operational activities.
• The organization could also implement a comprehensive p...