Running head: ETHICAL DILEMMA 1

Ethical Dilemma: Scenario 2

Student’s Name

Institutional Affiliation
ETHICAL DILEMMA 2

Ethical Dilemma: Scenario 9.3.2

The assumption used to guide decision making in a data protection scenario is that the

clinical director already knows the sensitivity and confidentiality of the information contained in

the records. He is also aware that release of clients’ information to third parties might be

embarrassing to those who visit the facility and even cause physical harm to who use the shelter

(Baase, 2012). However, it might be possible that the director is unaware of the risks associated

with the new technologies that she wants to introduce. With the current technological

developments, there has been remarkable computing and communication improvements, which

has made it easy to collect and exchange personal information on an unprecedented scale. While

it is a great advancement in the current history of civilization, it does not lack its risks. For

instance, there is a likelihood of violation of privacy of individuals and groups leading to their

embarrassment. It is therefore, important for leaders to ensure that they take precautions to

ensure that data is accurate and that it is protected from unauthorized access or accidental

revelation to inappropriate individuals.

The most affected stakeholders in this scenario include clients who attend the clinic

together with their family members. These clients do not usually deal directly with the clinic’s

director. The clinic director, clinic employees, computer professional and the funders of clinic

operations. While the director’s proposal seems to be an effective one especially in terms of

faster and efficient service delivery, there are various risks associated with it. Information

technology gadgets including computers and smartphones that might not appear to have any

important information can be vulnerable to attacks by third parties, who might be interested to

get access to the organization’s private information. Networked computer systems are more risky
ETHICAL DILEMMA 3

since they can be used as foothold allowing attackers to spread through the network. In addition,

networked devices are more prone to attacks from other devices around the world.

Another major risk that the director needs to be informed is that though mobile

technology will facilitate business, it is prone to risks. Laptops, smartphones and tablets are

subject to being stolen or lost in the process of transit. A phone might fall from the pocket while

in the vehicle or even a laptop stolen from a home that employees visited. In the process, the

clinic is at risk of losing all or some devices hence making it easy for hackers to access all the

information they need from the organization’s network. Additionally, it is even more risky since

employees will be using their own smartphones. In this case, the company systems will be at risk

of potential attacks unless the information in such devices is secured and encrypted.

In most cases, we tend to think that network security risks emanate from our computers.

What we are not aware of is that hackers can cause destructive damage irrespective of the place.

Hackers gain unrestricted rein once they break into an organization’s system. Hackers can steal

records, gain unauthorized access to vital and confidential information or expose the

organization’s best secrets to rivals and for the larger population to see. Therefore, while

planning to install an app in the employees’ smartphones by which they could access records at

social service agencies, it is important to know that hackers might get access to them. Besides,

the employee themselves can be an obstacle to security without knowing it. It might not be

intentional but due to lack of proper training about the most applicable security practices, which

can increase the organization’s vulnerability. The first step that the director should take is to

ensure that employees are trained on how they can protect the organization, especially on secure

file sharing and the nature of websites that might be risky.

ETHICAL DILEMMA 4

To protect against unauthorized access of sensitive information by hackers and possibility

of interception of records during transmission, there is need to implement measures that would

ensure that client’s information remain private. For instance, it would be necessary to use

identification codes for clients instead of real names. In this case, it is important for the

organization to encrypt information in such a way that it will become unreadable by

unauthorized parties (Pelteret & Ophoff, 2016). End to end encryption will also ensure that third

parties do not get access to the organization’s information and that only those communicating

can have access to this information. Data encryption in the given scenario would be necessary

because carrying client information on phones or laptops can be very risky, especially because,

the devices might get lost or be stolen and they might fall in wrong hands. Besides encrypting

client records, it is important to invest in laptops that are installed with extra security features

such as thumbprint readers, which will ensure that only authorized individuals get access to this

information, edit features and track information remotely (Baase, 2012).

In other instances, even the most trusted employees might be lured to or bribed to share

private information to unauthorized persons. For example, a client who is a candidate for the city

or a party in a child custody case might bribe an employee to access information. To minimize

such information leaks, it is important for each employee to have his or her own user ID and

password. Creating a unique password for each employee would make each one of them to be

vigilant because it would be easier to know where the information was accessed from. In

addition, employees will be able to access to specific information that they need. Further, a log

function can be installed to keep track of individuals who gets access and modify records. This

system can also help to monitor and control employee e-mail and web activities.
ETHICAL DILEMMA 5

Although the features identified might make the overall system to become a bit more

expensive, it is important to know that they are the most effective and will help prevent client’s

information from unauthorized access. As technology advances, hackers are also looking for

more improved ways to access organization information and use it for their personal benefit.

This therefore, indicates the reason why this information should be kept private and confidential.

In organizations like clinics that have important information of their clients, it is important that it

is handled with utmost and relative importance. For instance, one might not consider it a problem

sharing their name to a stranger in the process of knowing each other, however, there is private

information that one might not be ready to share until the two become more acquainted to each

other. This can be applied to the concept of data privacy hence requiring the need to put in

measures that can prevent unauthorized access.

There are various reasons for installing features that would ensure information privacy.

According to some theorists, maintaining privacy is a form of a basic human good or right,

which has an intrinsic value and therefore, it becomes a basic element of human well-being.

Implementing these features will lead to confidentiality of information (Pelteret & Ophoff,

2016). Client data is valuable, especially in the current world. All people have personal

information they wish to keep private and therefore, protecting such information is a vital aspect.

Instilling measures such as encryption codes will only allow authorized individuals to access

data. Another major importance of the security recommendations is that it will maintain integrity

of information. In this case, unauthorized parties will not get access to the systems to modify

client information. Information is more valuable when it is correct, putting these measures in

place would prevent third parties from modifying client data. Furthermore, installing these

features will ensure data availability. This means that employees and relevant personnel can
ETHICAL DILEMMA 6

access information when needed. Information can only be meaningful when it is accessed by the

right people and at the right time.

Though you might consider installing only a few of them, it is important to know that

installing all these features will ensure that the system is strongly protected. For instance, you

may decide to install only passwords into the system. In this case, it is important to know that

user ID and passwords only might not be a secure authentication method. Using a single security

measure can be very easy to compromise unlike when there are several features such as

encryption, laptops that are installed with extra security features such as thumbprint readers or

log functions. I would therefore recommend that you install all the features identified as they

would ensure information privacy.

ETHICAL DILEMMA 7

References

Baase, S. (2012). A gift of fire. Pearson Education Limited.

Pelteret, M., & Ophoff, J. (2016). A review of information privacy and its importance to

consumers and organizations. Informing Science: The International Journal of an

Emerging Transdiscipline, 19, 277-301.