Privacy of Information Systems - Essay Example

? Privacy of Information Systems and Privacy of Information Systems The advent of informationsystems in organizations has stirred risks such as insecurity and lack of privacy of information about companies and their customers. Information privacy exists in a system when a person who has authority accesses data. This means that privacy of information ceases when unauthorized parties access the data of a company or consumer. The access to information about a company by an unauthorized person leaks confidential information about the organization. The leakage may then lead to security threats when the unauthorized persons manipulate the data for their benefits (Quinn, 2010). Ethics in information systems guide companies on how to handle their confidential data. Governments also formulate laws that govern the use of information systems to prevent the privacy threats. Professional bodies such as nursing that deal with confidential information of their patients adhere to ethics and laws to prevent the violation of privacy laws of data. The National Health Systems uses information system applications to make their services efficiently. The users of the applications follow the rules of ethics to ensure that they do not violate the privacy of patients’ information. One of the applications used in the health systems is the Summary Care Record (SCR). This application stores information of patients in a central database such that it can be accessed from various hospitals. The access of information in various hospitals enables patients to attend the health institution of their choice (Maccoby, Norman, & Margolies, 2013). The ethical principles that govern the privacy of SCRs include the golden rule, risk aversion, the rule of change by Decartes, and utilitarian hypothesis. The utilitarian theory argues that organizations and individuals should perform functions that benefit more people in the society (Diney, Hu, Smith, & Hart, 2013). National hospitals use the SCR in a way that benefits the whole society. This is because the citizens attend the hospital of their choice whenever they are sick. The doctors and nurses use the system to check the health history of patients; this helps them to determine the best treatment for their clients. The privacy of health records is also guarded by the rule of change that was formulated by Decartes, which argues that firms should use techniques that may be repeated more than once (Tajero, & De, 2012). This means that actions that may not be repeated are unethical, and they may violate the privacy of information. The repeated action in the use of the health records is mainly the use of passwords and identification cards, which ensure that only the authorized medical practitioners access the information of patients. The authorized persons who access information may do so numerous times. An action that may not be repeated is hacking, which leads to the access of the information about a company by unauthorized persons through the exploitation of a system’s weakness (Rosenberg, 2004). Hacking violates the privacy of patients’ information meaning that it is an unethical act. The weakness of Decartes principle is that it fails to specify whether the repeated action is right. This is because in some cases, activities such as hacking are possible to repeat when the hacker identifies the weakness in a system. Since hacking is unethical, repeating it violates the principle of privacy meaning that the rule of change misleads users (Rosenberg, 2004). The other ethical principles that govern the use of hospital computers leading to information privacy include machines in ways that respect the society, not interfering with other people’s work in the computer, and not using the machine to steal. Computer users who observe these tenets promote the confidentiality of their information and that of others (McCarthy, & Halawi, 2013). The social issues in information systems include those that govern the way a company mingles with the society. This is similar to ethics, but it deals with the treatment of the society as a whole. The interaction of hospitals with their society through the Summary Care Records is governed by stakeholder and social contract theories. Stakeholder theory argues that leaders of firms should aim at increasing the welfare of all parties that have an interest in their organizations (Tavani, 2010). This theory promotes the confidentiality of information because hospitals avoid aiming at objectives that violate privacy and concentrate on those that increase the health of the society. The social contract theory argues that leaders have ethical responsibilities of all its stakeholders. Thus, when health practitioners are accessing a consumer’s information in the summary records, they do it while maintaining the confidentiality of the data. Companies that uphold the privacy of the information of their clients formulate codes of ethics that govern the functions of employees. National Hospitals have a code of ethics that governs the practices and conduct of practitioners leading to increased privacy of Summary Record data (Quinn, 2010). The British Medical Association (BMA) is the body that formulates and issues hospitals with the policy. The BMA code of ethics argues that nurses should maintain the highest level of confidentiality of patients’ information (Maccoby, Norman, & Margolies, 2013). The information of patients that should be confidential includes their mental state, genetic composition, drugs issued, illness, and other personal information such as marital state and income (Tajero, & De, 2012). Nurses and doctors who access summary records follow this principle while executing their duties. The policy also requires nurses and doctors to discuss information of patients with relevant parties only. The stakeholders who have the right to discuss a patient’s information include patients, medical doctors, and other nurses (Diney, Hu, Smith, & Hart, 2013). The practitioners who violate the principles of protection that are in the code of ethics may be punished or excluded completely from the association. Hospitals may be faced with situations that force them to observe the code of ethics even when there are alternative techniques of approaching their duties leading to improved welfare and health of a patient. The code of ethics and the utilitarian theory oppose each other in this case leading to a dilemma. The institutions may be forced to make their own judgments by choosing the principle to apply in this case. The laws of the European Union also safeguard the privacy of patients’ information in hospitals. The European Directive on Data Protection (EDDP) is the body that formulates the information system laws. An example of a law formulated by EDDP that ensures the privacy of information stored in the National Hospitals Summary Records is that which requires companies to inform consumers how the system works (Rosenberg, 2004). This is because patients have the right to opt out from the system if they do not want their information to be accessed in numerous health centres. The European Union also does not allow companies and individuals to share information with states that make use of different models of information systems (Quinn, 2010). This prevents the leakage of consumers and company information leading to improvement in privacy. In conclusion privacy in the use of information systems is governed by ethical principles, professional codes of ethics, and legal regulations. Some of these techniques that ensure privacy may oppose each other leading to dilemmas that may consequently cause the violation of confidentiality. In case of conflicts between the code of ethics and the theories of ethics, professions should follow their policies. However, in case of conflict between the code and the legal regulations, professions should uphold state laws. This indicates that professional bodies should formulate their codes of ethics based on the legal regulations in their countries. This will improve the privacy and security of patient information in the summary records. References Dinev, T., Xu, H., Smith, J. H., & Hart, P., 2013. Information privacy and correlates: An empirical attempt to bridge and distinguish privacy-related concepts. European Journal of Information Systems, 22(3), pp. 295-316. Maccoby, M., Norman, C. L., & Margolies, R., 2013. Transforming Health Care Leadership: A Systems Guide to Improve Patient Care, Decrease Costs, and Improve Population Health. Hoboken: Wiley. McCarthy, R., & Halawi, L., 2013. Evaluation of ethical issues in the knowledge age: an explanatory study. Issues in information systems. [Online]. Available at [Accessed 17 November, 2013]. Quinn, M. J., 2010. Ethics for the Information Age. Boston: Addison Wesley. Rosenberg, R. S., 2004. The social impact of computers. Amsterdam: Elsevier Academic Press. Tavani, H. T., 2010. Ethics and Technology: Ethical issues in an age of information and communication technology. Hoboken: Wiley. Tejero, A., & de, l. T., 2012. Advances and current state of the security and privacy in electronic health records: Survey from a social perspective. Journal of Medical Systems, 36(5), pp. 3019-3027. Read More