Database privacy and Legal Issues :: essays research papers

Database privateness and legal issuesData screen truth regulates data management, and information systems manage data. Therefore, data privacy assurance moldinessiness consider system assurance. An IT section should streamline its functions with the industry standards and privacy regulations in order to avoid any disruption. In order to achieve those objectives, the IT department should assess the risks, design a strategic plan to achieve privacy configuration, implement required policies and procedures, and monitor and audit the procedures to ensure privacy compliance. Gavison, in his article "Privacy and the Limits of the Law", describes privacy in terms of haughty access to our physical person, and to our information. In one phrase, it is the "protection from being brought to the heed of others" struck us as particularly relevant to the census riddle (1995). In his article "creating the Privacy Compliant Organization", Parker mentions that there are other forms of privacy to consider, implicates privacy of persons, privacy of individualized behavior, privacy of personal communications, privacy of personal information, and privacy of territory (2001).Risk AssessmentAn IT department should identify and document the information systems that are subject to privacy requirements includes data processor files, databases, archives, microfilm, personal records and copies wherever located. Moreover, it should perform a risk assessment and spreadhead analysis of controls and procedures that are in place. The gap analysis will set off the deficiencies between the current status and the legislative requirements and regulations under which the makeup must operate. Additionally, the risk assessment must be applied to the likely risks that an organization may experience from a breach in privacy which include damage to the corporate reputation, damage to business credibility, financial loss, negative publicity, and fines and illegal records for employees. The result of this phase will be the basis for developing a strategic personal information privacy plan (Parker, 2001).Design a Strategic PlanDesigning a privacy plan involves planning, and implementing a set of direction, methodology, and tools to point number of issues in order to achieve privacy compliant, which includes     Establishing the required infrastructure, including the required positions and appointing key privacy personnel.      Establish the methodologies, which include aggroup members, deliverables, activities, critical path, resources, skills, timelines and approaches to addressing the privacy gaps      Introduce the privacy policies, standards, guidelines and procedures required to meet compliance requirements.     Identify the changes required in the systems, procedures, forms, etc.      Formulate the changes required to address the gaps, a nd     Train the individuals to ensure that they fully understand the requirements of the legislation and the organizations objectives and deliverables to be created (Parker, 2001).