Information Security and Privacy in Healthcare - Assignment Example

Short essay questions Student’s Name: Instructor’s Name: Course Code & Name: Date of Submission Session one 1. Q It is an apparent fact that the utility of technology in the law profession has heightened in the recent decades, both in Australia and in the U.S. However, there is an evident variance in the extent to which technology has been embraced in the legal systems of these two countries. In Australia, Hilly (2003, p 7) determined that in recent times, IT has evolved to become an essential tool within the legal profession. This has been through the instigation of products such as Ringtail’s Courtbook and Casebook,there has been provision of better services, both by lawyers to their clients and the courts to the wider Australian public. This has revolutionized the traditional view about the utility of IT in the legal system which had obstructed the incorporation of technological advancements in the trial system. Nonetheless, the legal profession has experienced heightened merits of IT and has slowly adopted these tools which have been key in improving the dissemination of legal justice. However, the IT culture is slightly more entrenched in the U.S legal system when juxtaposed with Australia. This is best epitomized by a research conducted by iPhone J.D (2011) which revealed that 27% of the respondents cited having downloaded legal-specific apps for their iPhones, most predominantly those in the fields of practice like family law, real estate, contracts and general law. Against this backdrop, it is apparent that while Australia is still trying to confront the challenges in adopting the usage of IT in its legal system, U.S has made advances in this field, which reveals more usage and embracing of the IT culture. 2.Q Internalization can be perceived as the process of elevating the involvement of enterprises in the international market. On the other hand, Soubbotina and Sheram (2000, p. 6) cited that globalization can be perceived to refer to the heightening level of interdependence between states which has emanated from the elevated integration of trade, ideas and people in a singular marketplace. Internationalization and globalization have posed great dynamics in the contemporary world. This analysis will focus on the tourism industry. In regard to globalization, Peric (2005, 34) determined that this process has resulted in the establishment and operation of global tourism market. This is whereby diverse destinations, which are anticipated to compete on basis in disregard of the country of origin, have an interactive function. On the other hand, internationalization has resulted in multinational, tourism related firms like restaurants and tour guide firms among others. In regard to information technology, Nath and Menon (2006, 1) noted that the imperative role played by IT in the tourism industry, most notably of the world wide web, has heightened in a tremendous mode over the recent decades and this trend is projected to continue. This fact is supported by Pease and Rowe (2005, p. 4) who determined that tourism is currently dominated by the necessity to provide accurate and swift information to the consumers. In this regard, the first step in the achievement of this goal is through the Global Distribution System (GDS), a form of Inter-Organizational System (IOS). Thus, it is apparent that internationalization, globalization and information technology have posed great impacts on the tourism industry, and these impacts are expected to continue, both in the short and long-term. Session two 1.Q  Willinsky (2005, p. 1) noted that there are contradictions on the operations of copyright in regard to the publishing of scholarly work. It is evident that there are effects of publishing a work in full on the internet in respect to copyright law. This includes but not limited to increased cases of intellectual theft, plagiarism and exploitation of the writers by commercial players through the sale of subscriptions. Publishing a work in full on the internet means that the writer has waived his/her right to the sole exploitation of the copyright in the work based on the fact that it has entered the public domain. This is mostly predominant in relation to free access works where any member of the general public can access and use it without prior authorization of the author. Nonetheless, publishing of this works in sites academic sites which require subscription limits the level of public access and to some extent makes the author retain some sense of sole exploitation of the copyright in the work. 2. Q  The whole idea behind the set of guidelines on first sale dictate that after the copyright owner has placed a copyrighted item in the course of trade through selling it, he/she has subsequently expended his exclusive statutory right in regard to controlling its distribution (Winston, 2006, p. 104).Nonetheless, it does not mean that this has been outweighed by the requirement to fully and publicly disclose all material detail aspects of the property which one want to protect. This is best evidenced by the fact that most of the owners of the IP restrict the redistribution of the product to other third parties through issuing limited license. For instance, Apple, an example of IP owners utilizes this distinction to their advantage. In this regard, when a consumer buys a song from i Tunes, he/she does not buy a copy of a musical piece but in essence, only a license for limited use to play the copy for ‘noncommercial and personal use’. Against this backdrop, he/she does not have ‘promotional or commercial use rights’ in that particular music (Winston, 2006, p. 104). 3. Q There are several legal ways in which to protect confidential or sensitive information which is being delivered electronically, for instance, personal healthcare information. The necessity to protect personal and confidential electronic information is revealed by the National Health Policy Forum (1998, p. 3) which determined that electronic information is usually more prone to manipulation and linkage, and is definitely more portable. Some of the best ways which are legally recognized include but not limited to encryption of the data using the most robust possible encryption method available and non-usage of standard email in the transmission of any data which is personal and sensitive in nature. In addition, when there is a necessity of confidential information being transferred using a third party, there must be a writes and signed agreement between both parties prior to the transfer of the information. Lastly, all the portable disks containing the electronic information ought to be password-protected in order to prevent unauthorized use and access of the information held in the device (Centre for management and Organization Development, 2008, p. 6). Session three 1.Q The firm that will be explored in this analysis is Dow Chemicals. This company is primarily engaged in the production of diverse chemicals and operates in 150 manufacturing sites in 35 countries worldwide. Majority of its legal compliance strategies are aimed at reducing the pollution that is emitted through their production processes which is a major concern in the contemporary world, mostly with issues of global warming becoming more apparent (Kenneth, 1994, 1) as well as complying with principles 7 and 9 of the global compact. One strategy has been through the establishment of an Office of Ethics and Compliance which is mandated with the role of reinforcing the long-standing commitment to both ethical and legal conduct in the company (Dow Chemicals website, 2012, 1). Linked to the above strategy was through establishing an independent department to deal with the issues of climate change and alternative energy in the company. This department has increased advocacy on environmental issues both inside and outside the firm, as well as legal compliance (Dow Chemicals Company, 2009, 8). The strength of these strategies is that there is direct involvement of the organizational leadership in a company which is key in cultivating the commitment of the employees. In addition, these strategies entail a holistic approach to environmental sustainability, involving all departments. These strategies towards legal compliance can be improved through excessive collaboration not only inside the firm, but also with other firms in similar line of operation, for instance, Duke Energy and Mitsubishi Chemical Holdings (MCHC) among others. 2.Q The organization in this analysis is the Law council of Australia which provides advice to the governments, federal agencies and courts in regard to the ways on which there can be an improvement in the law and justice system aimed at benefiting the Australian community. Moreover, this organization is mandated with oversees representation of the Australian legal profession as well as maintaining intimate relationships with other legal professional bodies at the global scale among other roles (Law Council of Australia website, 2003). There are several programs in this organization which are aimed at providing continuing legal education to the organization at all levels. Through the legal education committee, this organization has continually cultivated the engagement and cooperation between the legal professional association and the law schools. In addition, this organization has enhanced its program towards heightening the quality in legal education which includes but not limited to developments in legal education, for instance, the ‘law as a second degree only’ model as well as quality of online education. This has also been coupled with the advertising of law schools in Australia and their degrees in foreign countries (Law Council of Australia website, 2003). All these programs have been instigated with the sole aim of providing continuing legal education to the organization at all levels as well as other stakeholders in this profession. Session four 1.Q According to Cannolly (2012, 1), this model was a culmination of an initiative by the Consumer Affairs Division (a part of the treasury) to enhance the confidence of the consumers in electronic commerce. The author further reveals that businesses ought to adopt reasonable business undertakings when engaging in the electronic commerce which is part of the provision in the Treasury’s Consumer Best Practice Model. Nonetheless, the principles which are spelt in the guidelines are not mandatory. There are several advantages in adopting the code of practice particularly when dealing with an overseas market based on the fact that it provides the businesses in Australia with a chance to develop new markets as well as the creation of more profound relationships with their consumers more than it was possible in previous epochs. In addition, oversees consumers are able to take advantage of the wider convenience and choice, heightened competition among the suppliers and increased information in regard to the goods and services that they purchase (Commonwealth of Australia, 2006, p. 1). There are no much disadvantages associated with this codes, just that a few modifications are supposed to be incorporated in them. This is for instance; more profound efforts should be put in place in avoiding the inconsistencies with the existing laws. 2 Q Despite the fact that the current code analyzed above is not mandatory to businesses engaged in the electronic environment, there is a justifiable rationale for the Federal Government to introduce a mandatory code to stop unethical behavior and sharp practices among these businesses. This would be imperative in streamlining the conduct of business in this field which will play a fundamental role in ensuring the confidence of the consumers as well as promoting healthy competition among the players in this field. From the viewpoint in this analysis, this will be fair if at all integrity, transparency and accountability will form the rudimentary foundation in upholding the laid down code, both on the side of the implementers as well as the businesses themselves. There are several penalties which are imposed on corporations which breach of a voluntary and mandatory code under the Australian Consumer law. According to the Commonwealth of Australia (2005, p. 8), there is no provision for imprisonment as a sanction for the breach of the consumer protection law. Nonetheless, a defendant (individual or corporation) can be ordered to pay a monetary fine. On the other hand, the individual who conducted the criminal offence in a certain corporation (if there is a recording of the criminal conviction) may be limited in terms of the ability to travel as well as disqualification from corporate directorship and particular public offices. Session five 1.Q Raab and Goold (2011, p. 11) cited that the capacity in the collection and processing of personal information is in the modern world in the realms of law enforcement, service delivery in the public sector as well as national security. Goold (2007, p. 5) noted that despite the fact that private information is a very delicate right in its very nature, personal information privacy has come under specific threats in contemporary ‘information age-government’ and ‘information economy’. In the context of a government department which has in the past been confronted by challenges of privacy protection, there are a number of steps that can be taken to enhance the culture of privacy protection. The first step is through encryption of any personal information being transmitted electronically using the strongest possible encryption method. Secondly, the access to the server rooms and data centers which are currently used in the hosting of software and hardware in which the personal information is being stored ought to be under stringent restriction whereby only authorized staffs are able to access them after prior clearance from the department (Centre for management and Organization Development, 2008, p. 5). In addition, the staffs that are newly recruited in the department ought to be carefully trained and coached prior to being permitted to access personal files. Moreover, the department should as much as possible avoid storing confidential and sensitive information in portable devices. In case this is unavoidable, all the devices which contain this private information must be encrypted (Centre for management and Organization Development, 2008, p. 14). 2. Q Apparri and Johnson (2010, p. 285) identified several concerns among consumers in regard to health issues. Firstly, the consumers usually have a strong belief that their information should be solely shared with people who are directly involved in their care. Secondly, majority of the patients who concur with the sharing of personal information among physicians reject the disclosure of this information to other third parties, for instance, employees and family members. Against this backdrop, the privacy policy in the website should look like the following; Disclosure and use of personal information -Treatment: We might disclose personal health information to hospitals or doctors directly involved in your care. -Law enforcement: We may disclose PHI to the officials engaged in law enforcement who are investigating a crime, crime victim, missing person or material witness. -Required by law: We may disclose PHI if required to do so by the law. -Public safety and health: We may disclose PHI to the necessary degree in avoiding a severe and looming threat to your personal health or the safety and health of others. Individual Rights -Access: You have the absolute right to access, inspect and/copy your PHI. -Disclosure accounting: You have a right to receive a breakdown of instances in which we or out business associates have disclosed your PHI. Session Six 1. Q Neogi and Cordell (2010, p. 2) noted that despite the transformations which has been instigated by the usage of the internet in the socio-economic and political realms, it is worth noting that it was never structured for global, universal and secure commercial utility. Against this backdrop, the legal uncertainties regarding jurisdiction to some extent threaten to undermine the widespread adoption of the Internet as a form of commerce, mostly in closed economies around the world. Nonetheless, the contemporary concept of globalization and the modern shift towards market liberalization among different state are fundamental tenets in overcoming this setback. 2. Q There is an imperative need for profound choice of law rules which call for international agreement if internet commerce is to flourish because countries ought to establish laws at the international level which will govern the conduct of internet commerce. This will be chief in streamlining the undertaking of internet commerce which will culminate in its flourishing. 3Lessons to be learned by website businesses from the US jurisdiction cases discussed in this module Some of the lessons leant include the fact that there is need for website businesses to establish robust privacy policies to facilitate minimization of privacy breach cases. In addition, stringent legislations ought to be passed to aid in penalizing those who contravene the set guidelines. However, there have been inconsistencies in the approaches of the courts and on the other hand, the decisions do not provide clear guidelines for businesses contemplating using a website to do business. Therefore, there is need for a holistic approach involving all the stakeholders in streamlining the principle governing businesses in website business. 4 While some argue that the cyberspace is a lawless frontier, it can also be said that its problem is that it is subject to too many laws. Discuss. Cyberspace can be perceived as a set of inter-linked IS which is time-dependent and the users that interact with these systems. Some of the proponents have argued that this is a lawless frontier which is true. Nonetheless, there are very limited laws which govern its undertakings which is the cradle of most of the problems therein, rather than too few laws. B2B 1. Q EDI can be perceived as the transmission of business data through electronic medium within or between firms, in a data format which is processable by a computer and in a structured way (Hill & Ferguson, 1988, p. 3). There are different reasons for this phenomenon. Firstly, it requires limited human intervention in operations. Furthermore, it is convenient and fast based on the fact that data is transmitted electronically and online, hence easy to retrieve. Lastly, with the boom of information technology in the contemporary world, EDI has evolved to become an integral system component of many businesses. 2. Q Some of the legal issues raised by EDI include but not limited to issues of cyberterrorism, as well as breach of privacy in personal information which is being transmitted electronically. In addition, there are legal issues in regard to the unauthorized access of confidential and sensitive information which is transferred electronically which can compromise individual or collective welfare. References Apparri, A, & Johnson, M., 2010, ‘Information security and privacy in healthcare: current state of research’, International Journal of Internet and Enterprise Management, vol. 6, no. 4, pp. 279-314. Cannolly, C, 2012, ‘New Ecommerce Best Practice Model’, Retrieved 4th July, 2012, < http://www.galexia.com/public/research/articles/research_articles-art12.html>. Centre for management and Organization Development, 2008, Protecting the confidentiality of Personal Data, CMOD, Dublin. Commonwealth of Australia, 2006, The Australian Guidelines for Electronic Commerce, Commonwealth of Australia, Canberra. Commonwealth of Australia, 2005, Civil penalties for Australia’s consumer protection provisions: A discussion paper Ministerial Council on Consumer Affairs, Commonwealth of Australia, Canberra. Dow Chemicals Website. Retrieved 4th July, 2012, . Dow Chemicals Company,2009, The Dow Sustainability Report. Dow Chemicals Company, Midland, Michigan. Goold, B., 2007, Privacy, identity and security, In Goold, B. and Lazarus, L. (eds.), Security and Human Rights, Hart Publishing, Oxford. Hilly, E, 2003, ‘An Australian player in the law and technology game: Ringtail’, retrieved 4th July, 2012, . Hill, N., Ferguson, N., 1988, ‘Electronic Data Interchange:A Definition and Perspective’, Retrieved 4th July, 2012, . Kenneth B, 1994, Dow Chemical Company (A): The WRAP Program, World Resources Institute, Dartmouth College. Law Council of Australia website, 2003, ‘Legal Education Committee’, Retrieved 4th July, 2012. National Health Policy Forum, 1998, Protecting theConfidentiality ofHealth Information, National Health Policy Forum, Washington D.C. Nath, A & Menon, D, 2006, Role of Information Technology in Tourism, Indian Institute of Information Technology and Management, Gwalior. Neogi, P., & Cordell, A., 2010, ‘The Internet and the Need for Governance: Learning from the Past, Coping with the Future’, Journal of Internet Banking and Commerce, vol. 15, no. 2, pp. 1-30. Pease, W., & Rowe, M, 2005, An Overview of Information Technology in the Tourism Industry, Edith Cowan University, Perth. Peric, V., 2005, Tourism and Globalization, University of Primorska, Koper. Raab, C., & Goold, B, 2011, Protecting Information Privacy, Equality and Human Rights Commission, London. Soubbotina, T. P. & Sheram, K.A., 2000, Beyond Economic Growth; Meeting the Challenges of Global Development, The World Bank, Washington D.C. Willinsky, J., 2005, ‘Copyright Contradictions in Scholarly Publishing’, Open Journal systems Demonstration Journals, vol. 1, no. 1. Winston, E., 2006, ‘Why sell what you can License? Contracting Around Statutory Protection of Intellectual Property’, George Mason law Review, vol. 14, no. 1, pp. 93-133. Read More