INFORMATION PRIVACY PLAN

Practical Application of Information Privacy Plan



Practical Application of Information Privacy Plan

Q.1) Discuss why information security and privacy are important considerations in the design, development and maintenance of HRIS

The HRIS is a national system that provides direct access to information resources (HR) in support of operational activities, the client-server technology and Internet-Intranet technology. The privacy of information has become a substantial problem in recent years. With identity theft becoming a common problem, and increasingly sensitive about who sees their personal information and maintaining security in doing certain information that maintained in the HRIS is relevant to the university and ensure that limited password protection to that information, university can make students more comfortable with the security of the information. Either electronic or paper records should be treated with proper care. Establishment of security and end user privileges requires a balance of incorporation, the human resources policy, knowledge of the system and day to day operations.

Q.2) In each of the three scenarios, discuss what information privacy principles been breached.

The 1st scenario can be described as the IPP 11 and IPP 4 breach. These are referred to as the breach of security and disclosure (Wylie, 2003). The IPP4 requires the files stored should be protected and held in security not to be accessed by an unauthorized person, changes, misuse or any disclosure could lead to the breach of IPP4. The 2nd scenario divulges information such as describing the motive behind the call (i.e. misconduct hearing) and nature of the allegation of information. Thus, the breach of IPP 11 occurred. As the IPP 11 defines the disclosure limits. There is a possibility that Christine may be unaware that her partner involved in a misconduct allegation. She professes that she knows all about the hearing. The 3rd scenario defines an act of sending a card of birthday seems fairly inoffensive. We can say that Janet has the right of feeling that her privacy been breached. The usage of the personal information that has been collected for the sole purpose (administration of University) and not only this but also using it to obtain a person's address or date of birth for the birthday card seems to be the breach of IPP 9 and 10.

Q.3) In each of the three scenarios, discuss how each of the information privacy principles been breached.

In First scenario, the person who allowed the file to be accessed has breached IPP 4. IPP 11 is the disclosure of personal information. When roger read those files, someone from outside the University premises been disclosed with that information. Roger should be known with the fact that he is not the employee of the University. The information being effectively disclosed to someone (albeit inadvertently) because it could be said that Roger is not employed by the University. University is unaware, or we can say have no knowledge and thus, have no control on the utilization of that information. It does not matter that the disclosure is unintentional or inadvertent (Islan, ...