Documente Academic
Documente Profesional
Documente Cultură
Student’s Name
Institutional Affiliation
ETHICAL DILEMMA 2
The assumption used to guide decision making in a data protection scenario is that the
clinical director already knows the sensitivity and confidentiality of the information contained in
the records. He is also aware that release of clients’ information to third parties might be
embarrassing to those who visit the facility and even cause physical harm to who use the shelter
(Baase, 2012). However, it might be possible that the director is unaware of the risks associated
with the new technologies that she wants to introduce. With the current technological
developments, there has been remarkable computing and communication improvements, which
has made it easy to collect and exchange personal information on an unprecedented scale. While
it is a great advancement in the current history of civilization, it does not lack its risks. For
instance, there is a likelihood of violation of privacy of individuals and groups leading to their
embarrassment. It is therefore, important for leaders to ensure that they take precautions to
ensure that data is accurate and that it is protected from unauthorized access or accidental
The most affected stakeholders in this scenario include clients who attend the clinic
together with their family members. These clients do not usually deal directly with the clinic’s
director. The clinic director, clinic employees, computer professional and the funders of clinic
operations. While the director’s proposal seems to be an effective one especially in terms of
faster and efficient service delivery, there are various risks associated with it. Information
technology gadgets including computers and smartphones that might not appear to have any
important information can be vulnerable to attacks by third parties, who might be interested to
get access to the organization’s private information. Networked computer systems are more risky
ETHICAL DILEMMA 3
since they can be used as foothold allowing attackers to spread through the network. In addition,
networked devices are more prone to attacks from other devices around the world.
Another major risk that the director needs to be informed is that though mobile
technology will facilitate business, it is prone to risks. Laptops, smartphones and tablets are
subject to being stolen or lost in the process of transit. A phone might fall from the pocket while
in the vehicle or even a laptop stolen from a home that employees visited. In the process, the
clinic is at risk of losing all or some devices hence making it easy for hackers to access all the
information they need from the organization’s network. Additionally, it is even more risky since
employees will be using their own smartphones. In this case, the company systems will be at risk
of potential attacks unless the information in such devices is secured and encrypted.
In most cases, we tend to think that network security risks emanate from our computers.
What we are not aware of is that hackers can cause destructive damage irrespective of the place.
Hackers gain unrestricted rein once they break into an organization’s system. Hackers can steal
records, gain unauthorized access to vital and confidential information or expose the
organization’s best secrets to rivals and for the larger population to see. Therefore, while
planning to install an app in the employees’ smartphones by which they could access records at
social service agencies, it is important to know that hackers might get access to them. Besides,
the employee themselves can be an obstacle to security without knowing it. It might not be
intentional but due to lack of proper training about the most applicable security practices, which
can increase the organization’s vulnerability. The first step that the director should take is to
ensure that employees are trained on how they can protect the organization, especially on secure
of interception of records during transmission, there is need to implement measures that would
ensure that client’s information remain private. For instance, it would be necessary to use
identification codes for clients instead of real names. In this case, it is important for the
unauthorized parties (Pelteret & Ophoff, 2016). End to end encryption will also ensure that third
parties do not get access to the organization’s information and that only those communicating
can have access to this information. Data encryption in the given scenario would be necessary
because carrying client information on phones or laptops can be very risky, especially because,
the devices might get lost or be stolen and they might fall in wrong hands. Besides encrypting
client records, it is important to invest in laptops that are installed with extra security features
such as thumbprint readers, which will ensure that only authorized individuals get access to this
In other instances, even the most trusted employees might be lured to or bribed to share
private information to unauthorized persons. For example, a client who is a candidate for the city
or a party in a child custody case might bribe an employee to access information. To minimize
such information leaks, it is important for each employee to have his or her own user ID and
password. Creating a unique password for each employee would make each one of them to be
vigilant because it would be easier to know where the information was accessed from. In
addition, employees will be able to access to specific information that they need. Further, a log
function can be installed to keep track of individuals who gets access and modify records. This
system can also help to monitor and control employee e-mail and web activities.
ETHICAL DILEMMA 5
Although the features identified might make the overall system to become a bit more
expensive, it is important to know that they are the most effective and will help prevent client’s
information from unauthorized access. As technology advances, hackers are also looking for
more improved ways to access organization information and use it for their personal benefit.
This therefore, indicates the reason why this information should be kept private and confidential.
In organizations like clinics that have important information of their clients, it is important that it
is handled with utmost and relative importance. For instance, one might not consider it a problem
sharing their name to a stranger in the process of knowing each other, however, there is private
information that one might not be ready to share until the two become more acquainted to each
other. This can be applied to the concept of data privacy hence requiring the need to put in
There are various reasons for installing features that would ensure information privacy.
According to some theorists, maintaining privacy is a form of a basic human good or right,
which has an intrinsic value and therefore, it becomes a basic element of human well-being.
Implementing these features will lead to confidentiality of information (Pelteret & Ophoff,
2016). Client data is valuable, especially in the current world. All people have personal
information they wish to keep private and therefore, protecting such information is a vital aspect.
Instilling measures such as encryption codes will only allow authorized individuals to access
data. Another major importance of the security recommendations is that it will maintain integrity
of information. In this case, unauthorized parties will not get access to the systems to modify
client information. Information is more valuable when it is correct, putting these measures in
place would prevent third parties from modifying client data. Furthermore, installing these
features will ensure data availability. This means that employees and relevant personnel can
ETHICAL DILEMMA 6
access information when needed. Information can only be meaningful when it is accessed by the
Though you might consider installing only a few of them, it is important to know that
installing all these features will ensure that the system is strongly protected. For instance, you
may decide to install only passwords into the system. In this case, it is important to know that
user ID and passwords only might not be a secure authentication method. Using a single security
measure can be very easy to compromise unlike when there are several features such as
encryption, laptops that are installed with extra security features such as thumbprint readers or
log functions. I would therefore recommend that you install all the features identified as they
References
Pelteret, M., & Ophoff, J. (2016). A review of information privacy and its importance to