Contents
Introduction of the organisation What is legal issues……………………………………………………………………………………..2 Privacy Act 1974…………………………………………………………………………………………..3 Data protection Act 1998……………………………………………………………………………..4 Computer misused Act 1990…………………………………………………………………………5 Freedom of information Act 2000…………………………………………………………………6 Ethical Issues ………………………………………………………………………………………………..7 Whistle blowing…………………………………………………………………………………………….8 Organisational policies and code of practice………………………………………………….9 Information ownership…………………………………………………………………………………..10 Human right Act………………………………………………………………………………………………11 To make sure that information is managed appropriately, a number of policies and procedures have to be put in place as listed below. Security of Information………………………………………………………………………………….12 Back-ups copies…………………………………………………………………………………………….13 Health and Safety………………………………………………………………………………………….14 Organisational Policies…………………………………………………………………………………..15 Business Continuance Plans…………………………………………………………………………..16 Cost/ increasing sophistication………………………………………………………………………17
Barnet and Southgate College is a further education college in North London, England in the United Kingdom. It has three main campuses and two other learning centres in the London Borough of Barnet and the London Borough of Enfield, and is a member of the 157 Group of colleges.
“One college many successes” In this assessment I will explaining the legal and ethical issues in relation to the use of business information at Barnet&Southgate College, as I already shows in my first unit the different type of business information and there purposes. Firstly what is legal and ethical issues of business information? Legal issues of business information? Legal issues are different type of business legislation (law) that protect the use of consumer’s information. Like date of birth address bank details this need to be protected from hackers and other also for some other reasons.
Privacy Act 1974: “establishes a code of fair information practices that governs the collection, maintenance, use, and dissemination of information about individuals that is maintained in systems of records by businesses.” This is refers to the laws that deals with the regulation of personal information about individuals which can be collected by governments and private organizations how they use it and store that information from hacker. Barnet&Southgate college don’t have the right to give student/staff information to anyone expect is a matter of emergence or crime
•
Data Protection Act 1998: “Data may only be used for the specific purposes for which it was collected.”
This is to give protection and lay down rules about how data about people can be used. The 1998 Act covers information or data stored on computer or an organised paper filling system about customer or business, it is there to maintain privacy and integrity of people giving their data to businesses. Barnet and Southgate College is required by law to comply with the Data Protection Act, 1998. This is also how the college controls the use of student and staff personal information is used. Below is Barnet&Southgate college Data protection Act. Be obtained and processed fairly and lawfully and shall not be processed unless certain conditions are met;
Be obtained for a specified and lawful purpose and shall not be processed in any manner incompatible with that purpose; Be adequate, relevant and not excessive for those purposes; Be adequate and kept up to date; Be kept safe from unauthorised access, accidental loss or destruction;
For example Sony fined £250k over ‘serious’ Data Protection Act breach, Back in April 2011 this allowed hackers to break into its online store, exposing a raft of personal information such as names, addresses, dates of birth and credit card information to criminals.
Computer Misuse Act 1990: “Unauthorised access to computer material. Unauthorised access with intent to commit or facilitate commission of further offences.” The computer misuse act is a law that legislates against certain activities using computers, such as hacking in to other people’s systems, misusing software or helping a person to gain access to protected files on someone else’s computer. Unauthorised access to computer material, unauthorised access to computer systems with intent to commit another offence and unauthorised modification of computer material is all illegal. “Adult student at University of Birmingham installed four keyboard spying devices to steal staff passwords used to obtain access to his examination results and improve grades.” An example of computer misused act at Barnet&Southgate is that no student or member of staff in the college are not allow to use another staff or student ID go login to the college intranet and check for any information unless they have been authorise to do so.
Freedom of Information Act 2000: “General right of access to information held by public authorities.” This allows the public to access information held by the government departments, local authorities, the NHS, state schools and police forces. They are obliged to allow the public to view certain information about their status/activities. The public are entitled to request for such information if they are needed. For example at Barnet&Southgate College every student have the right to say anything that don’t go against the college policy which they think that it is affecting their learning process, so that the college will make this changes that is affecting the student or staff. file:///C:/Users/Memouna/Downloads/Confidentiality%20and%20sharing%20information .pdf
Ethical Issues of business information: An ethical issue is a code of practise that exists in an organisation to maintain business ethics on use of email, internet, whistle blowing, organisational policies and information ownership. Use of email: lot of business use email as one of their way of communicating within the organisation to help send information quicker to get their message across to other department in the company. Although e-mail can expand and encourage communication, it is not problem free and, in fact, can pose a problems in an organisation. Email should not be used for unlawful activities, commercial purposes or personal financial gain, except where educational policy permits financial gain. For example when a student or staff uses the college E-mail to bully their colleague, for this not to happen the college have e-mail monitoring in place. Internet: the College aims, at all times, to create and maintain a safe environment for all learners, staff, volunteers and visitors. This includes creating a safe ‘on-line ‘environment for all and monitoring the acceptable use of the internet and social media related to the College. Safeguard all learners, staff, volunteers, Governors and visitors from risk online by ensuring College IT-based systems are strong and reliable and meet all legal requirements.
Have procedures in place to appropriately manage online abuse, illegal activity and incidents which threaten online safety of the student. file:///C:/Users/Memouna/Downloads/Online%20Safety%20policy%20July%202015%20FI NAL%20(1).pdf Whistle blowing “making a disclosure that is in the public interest”. It will usually occur when an employee discloses to a public body, usually the police or a regulatory commission that their employer is partaking in unlawful practices. Have made the disclosure in good faith; in other words you must be disclosing that information because it is in the public interest and is clearly wrong. For example for whistle blowing not happen Barnet&Southgate College they have the safeguard department that is responsible for making sure that this doesn’t happen and also the student will first tell their tutor and if they don’t solve the problem the will also have to tell their curriculum manger if they too didn’t, they will also go to the principle. http://www.barnetsouthgate.ac.uk/content/download/5962/40424/file/Procedure %20to%20follow%20in%20response%20to%20a%20disclosure.pdf
Organisational policies and code of practice this is a document that describing the organization's situation on a particular aspect of compliance with regulations, standards, and guidelines for staff in the company, organisational policies help provide effectiveness in the running of an organisation. Below are links of example of Organisational policies and code of practice of Barnet&Southgate College. Barnet&Southgate college policies that is provided for the effective running of the college, it demonstrate values and commitment to good practice and meet its legal obligations as a college. Below is an example of Barnet&Southgate college policies and code of practice and the consequences of breach this policies and code of practice. http://www.barnetsouthgate.ac.uk/content/download/4777/33492/file/St udent%20Code%20of%20Conduct%20updated%2014-15.pdf http://www.barnetsouthgate.ac.uk/content/download/5961/40420/file/Saf eguarding%20policy%20with%20Prevent%20SEPTEMBER%202015%20 approved.pdf http://www.barnetsouthgate.ac.uk/content/download/4103/28833/file/B% 20and%20S%20Equality%20and%20Diversity%20Policy.pdf When most people think of ethics (or morals), they think of rules for distinguishing between right and wrong, such as the Golden Rule ("Do unto others as you would have them do unto you"), a code of professional conduct the college have adopted to specific codes, rules, and policies relating to ethical issues. Like for example equality and diversity Barnet and Southgate College is committed to achieving equality and diversity for all its learners, staff and the broader community which it serves. We welcome, celebrate and value the diversity of our learning community and seek to promote an inclusive learning and working environment where everyone can achieve to their full potential. We have a zero tolerance of discrimination, harassment or bullying of any kind.
http://www.barnetsouthgate.ac.uk/content/download/4102/28829/file/Eq uality%20Objectives%202014-18.pdf https://www.youtube.com/watch?v=AN0aGz7DV-0 Information ownership: is the act of having legal rights and complete control over a single piece or set of data elements. This also what a company can do to protect this information or who will protect it from hackers Human right Act 1998: “It means that you can defend your rights in the UK courts and that public organisations (including the Government, the Police and local councils) must treat everyone equally, with fairness, dignity and respect.” To make sure that information is managed appropriately, a number of policies and procedures have to be put in place as listed below. Operational issues: This is a range of tasks that allows people to investigate the use of computer and information in an organisation it is also a problem with the process of carrying out a specific task Security of Information: this are security that are designed to protect people infromation and softerware data from harckers as you many companies keep their information on IT systems, but as the reliance on technology increases, so does the risk posed by system failure and malicious attacks (e.g. viruses). This why Barnet&Southgate college have their IT and security so that they will be able to protect student and staff information so all staff and student have secure login ID for using the college intranet and IT system. , for example: result and their personal data. Below is a link that’s shows Barnet&Southgate College Security of Information: file:///C:/Users/20267703/Downloads/Confidentiality%20and%20sharing%20inform ation%20(1).pdf Back-ups copies: is a backup that copies all selected files but does not mark each file as having been backed up. In other words, the archive attribute is not cleared. And also there are many ways of backing up your data, using USB pen drives, external hard drives, burning to CD/DVDs and now using cloud storage. A backup should be updated weekly and should be stored in a safe place such as a fireproof safe to avoid the backup from getting damaged along with the original. And there different reason why we back our computer or phones for example; • • • • •
hardware faults or failure software or media faults virus infection or malicious hacking power failure human errors by changing or deleting files
Barnet&Southgate College back up their intranet every day at 12:00 noon for the above reason because if student or staff loss their work or document they will go to the IT department to help them recover it.
Computer Health and Safety: this is the use of computer for a long period of time without taking a break, it’s important to think about computer health and safety in an organisation, because technology can create a number of health and safety issues for your employee. Some people tend to look at monitors and displays for long periods which can cause eye-strain or headaches. Barnet&Southgate College have a policy about the use of computers, as a student or staff you can only use a computer for a certain amount of time for example in the LRC you can only use the computer for 120minute file:///C:/Users/Memouna/Downloads/Online%20Safety%20policy%20July%202015%20FINAL%20(2) .pdf Organisational Policies: this are set of rules, and guidelines that are approved by an organization, this policy are set to influence a specific activity for the safety of their employee and customers that take place within the organisation Barnet&Southgate college have a lot of police to make sure that all their staff and student are safe from any forms of danger as you know it an educational sector they make sure that all their policy are enforced for the safety of their student and staff http://www.barnetsouthgate.ac.uk/the-college/college-policies Business Continuance Plans: These are the steps put in place to make sure a company is capable of surviving any problem that can cause their information to be destroyed. For example regular backups of their electronic information so that if any natural disaster or power failure they will be able to recover does information. As a result of the plan, employees may need to change the way they work for example, storing information centrally rather than on their hard-drive. Although business continuance is important for any enterprise, it may not be practical for any but the largest to maintain full functioning throughout a disaster crisis. Large college like Barnet&Southgate College they need a Continuance Plans because student and staff stored their work and other information in the college intranet. file:///C:/Users/Memouna/Downloads/drugs_policy-2%20(1).pdf Cost/ increasing sophistication: most organisation would like to implement the above policies but there are always costs involved. When deciding what policies to adopt and what measures to take, businesses need to consider the implementation and maintenance costs versus the benefits to the organisation? To implement any policy at Barnet&Southgate College cost money even though they are a college they need money to pay staff that are going to do the job and also as you
know technology have taken over they need IT technician to upload it on the college website update it daily.