Legal and Ethical issues in Work Environment - Research Paper Example

? Running Head: Legal and Ethical issues in Work Environment Legal and Ethical issues in Work Environment Legal and Ethical issues in Work Environment Introduction This paper focuses on an analysis of legal and ethical issues in a work environment by looking at certain examples in some organizations and companies. It looks to explain certain working situations relating to both current and previous work environment. This paper also analyzes future work environment on the basis of employment experiences and current events in the employment environment. Most organizations prefer adhering to ethics in the working environment rather than concentrating on the profit maximization goal (Photopoulos, 2008). It also explains the ethical concerns in the above situation by considering two theories to the situation. The paper analyzes the laws that apply to the situation in the working environment and their relevant areas. The paper makes recommendations regarding the situation and issues in the above work environment. It ensures that there are no such mistakes in the work environment in the future. Ethics programs are increasingly becoming popular in the United States, according to statistics in the year 1994. Organizational ethics are codes or standards in an organization that aim at providing a guideline on how employees and employers relate with each other. This paper analyzes the above details by looking at a certain case of data breaches in a business in the United States. These codes are set on the basis of ensuring honesty, respect in the working environment. These ethics encourage acceptable behavior among the employees and employers in the organization. Organizations have different ways of dealing with their ethical issues, though they have a common guideline by the law. There are various laws with the responsibility of looking into the legal issues in the environment. Ethic programs provide policies for organizations to handle their ethical issues. It is important to note that failure to adhere to ethics results to business failure (Goldman & Kaufman, 2009). These ethics in the workplace environment ensure that employees work on the guidelines of ethics and the law relation to the specific ethics. Organizations have different ethics because there is a thin line between what is right or wrong. However, there are legal standards and guidelines regarding ethics in the working environment for both employees and employers. According to findings from the ethics research center in the United States, legal and ethical issues are increasing in the business environment among relationships of employees and employers. The case of data breaches in businesses and organization clearly illustrates the lack of ethics and the liability it creates. It also focuses on the legal issue that lack of ethics brings and how the law deals with such situations. A business situation that presents a legal and ethical issue There are several situations in the business environment that show an example of legal and ethical issue in a particular organization. These issues include certain rights in the capitalism era including rights like the property rights. Lack of ethics causes the surfacing of legal matters in any business situation. Such an example of a situation regarding ethical and legal issues is that of data breaches. This paper looks at the issue of data breaches by analyzing the case of Utah department of health in Europe. A data breach describes a situation where sensitive and confidential data gets to unauthorized people. It entails leakage of information for instance on financial status or personal health information. This is because the information in such cases, it involves sensitive information of patients and clients of businesses. Hackers broke onto the Utah information systems, therefore, getting access of some information of patients. According to records in the United States, over 227,000,000 records contain sensitive information of clients and patients between 2005 and 2008. There was a security breach of the above information in various businesses in the country. Medical data breaches in a business situation creates legal and ethical issue because it causes liability, hence, calls for some legal action to be taken by the relevant authorities. In this case, the business situation is clear in a health institution in the US. This particular case of data breaches indicates how the business failed to protect personal information of patients. The information got to wrong hands due to poor information systems in the health institution. The information systems in the health institution lack the aspect of encryption to protect such information. The institution was involved in data breaches by failing to protecting personal health information of patients secure. The law deals with such cases of unethical behavior and ethical issues according to the liability that such behaviors causes. Another example of a business situation of data breaches is the case of Sony Company in 2011. In this case, the company faced this breach with their product of play station network. This situation led to a compromise of more than 70 users of the network. Another business situation in the same year was that of Citigroup business. In this case, there was breach of data regarding credit card operation of most of their clients. Their personal account information regarding their credit cards was leaked to the public (Hutchins & Caiola, 2007). The result of this situation in the business is identity theft risk in the medical situation and other results like loss of jobs and closure of companies due the liability this action carries. Therefore, it attracts legal action by the law on the business. Research shows that such situations in the business environment are common due to absence of ethics and moral judgment when it comes to taking legal action. The business situation in this case shows lack of data privacy in the workplace environment as being the major results of ignoring ethics in the working environment. Establishing positive work environment encourages ethics with the aim of reducing unethical behavior in businesses. Analysis of the ethical concerns raised by the situation It is important to analyze the ethical concerns that the above business situation raises. This helps look at the impacts that the situation had on both the business and its clients and patients. The analysis also entails looking at the costs that data breaches imposes on the business and patients or clients. The analysis also entails factors impacting recovery in data breaches cases, specifically in the cases above. It helps in reducing the impacts of such breaches by avoiding leakage of data and information to the wrong people. This section looks at this analysis basing itself on the above business situation that clearly shows data breaches in the business (Photopoulos, 2008). It focuses on the major situation of medical institution in the United States and uses other minor cases like that of Citibank to explain further. Data breaches leads to the rise of costs for the business, which were unexpected. The costs rise in a bid to correct the mistake and rectify the fault in their information systems. There are other extra costs from such business situations like those of hiring lawyers because the law takes legal action in such cases. Data breaches cases also calls for recovering the data lost in the situation and preventing the information from spreading to more unauthorized users (Photopoulos, 2008). The case of Utah department of health in Europe raises some ethical concerns on how health institutions keep their health records. This case also raises the concern on the reliability of information systems of health instructions and how secure they are. It also raises ethical concerns on the security of all patient information in the servers of the institution. Configuration of such systems of Utah department of health was poor, therefore, making it easy for hackers to access confidential information. Legal issues regarding ethics in Europe allow the law to take action against data breaches in the country (Hutchins & Caiola, 2007). Ethical theories guide decision making process for businesses by providing a guideline on the ethics that health organizations should follow regarding data breaches. These theories are mostly applicable in the healthcare sector and their data keeping strategies to avoid data breaches. The first theory is that of consequentialism (Goldman & Kaufman, 2009). In this theory, ethics relate to the outcome and consequences of any act that the health care institution engages in its services. This theory ensures that healthcare centers work within a set of ethics. Such ethics should have a good outcome by ensuring that values such as happiness are achieved. This theory aims at increasing the manner in which ethics are exercised in a health care center for all individuals in such institutions. This entails following ethics regarding keeping personal data and information of patients in the health care centers. Another theory relating to ethics in health care institutions is that of deontology theory. This theory aims at focusing on the duties and rights of individuals in the sector. The theory mainly focuses on how key players in this sector adhere to their duties and obligations ethically. It means that their duties are guided by ethics in the heal care. For instance, this theory ensures that they adhere to ethics like confidentiality in personal information of patients (Sanbar, 2007). It helps avoid liability exposure of health care institutions. It does not base itself on the outcome, like the first theory above. The ethical outlook in this particular situation results to the best legal outcome for the health acre business. The first theory of consequantialism gives the best outlook in the case of data breaches in the above department of health in Europe. This is because the theory focuses on the outcome of actions that a health care institution undertakes. It offers a guideline such that the outcome meets ethics of the business. Disclosure requirements This section of the paper analyzes the relevant areas of law regarding data breaches in the health care sector in Europe. These laws regard security regulations of all data and information in the information systems of health care sector. It also looks at the application of a law in the above situation in the Utah department of health in Europe. The laws in this paper include the securities regulations and anti-trust law among others that relate to the above case of and anti-trust law among others that relate to the above case of Utah department. These laws are applicable in the above case, and this paper seeks to explain on areas where they are applicable. The business situation of data breaches in Utah department of health created liability exposures due to the unethical behavior (Sanbar, 2007). The liability comes as a result of the legal activity that relevant laws took on the health care department in Utah from the situation. Relevant laws that act as a guideline to health care regarding handling of personal information are the federal laws in the country. These laws are enacted to protect privacy legislation in various sectors in the country like the credit sector, health care, financial and government areas. Laws in the country ensure that the health care sector faces liability in case its information leaks to the public. These laws also ensure that the health care is liable to such mistakes that are unethical (Goldman & Kaufman, 2009). The securities authorities reduce the cases of unethical behaviors and carelessness in the sector, following the increasing cases of the mistake in the sector. It is also important to note that health care is liable for any leakage of personal information via the internet. This means that in case of hackers in their information systems, health cares are held responsibility. Laws regarding security of personal information require that health care institutions disclose all relevant information to the law implementing authorities. The disclosure requirements are usually stated during the signing of contracts between the health care institutions and the regulatory bodies. For instance, there is a new law in Europe regarding safety of confidential information requires such institutions handling such confidential information to enhance information security programs. The law also requires these institutions to inform clients of any data breaches early enough to avoid these liabilities. It requires all institutions in Europe collecting sensitive information to put appropriate measures to protect all the information from data breaches (Hutchins & Caiola, 2007). A good example of such laws in the country is the Security Act of 2006. This law guides all veterans’ affairs so that they are secure. This Act of 2006 was made to deal with data breaches by responding to all cases brought forward by both the institutions and clients. The regulatory bodies base their judgments on the Security Act of 2006 to respond to data breaches cases in the health care sectors. The Act is mostly applicable in the department of Veterans Affairs in the country. Another important law in Europe regarding data breaches is the Health Information Technology for Economic and Clinical Health Act of 2009. This Act came into place in August 2009 with the aim of providing notification for data breaches cases. According to section 13402 of the Act of 2009, all breaches of personal health information are illegal (Sanbar, 2007). Therefore, legal action is taken on such health care institutions that breach data of patients. This law includes such breaches occurring in the institutions on or after the enactment of the law. This law was enacted in September 20009, therefore, it takes legal action for all cases occurring on that date and after its enactment. The Federal Trade Commission in the country also enacted another section of the same Act. Section 13407 of the same Act was put in place with the aim of providing a notification to the patients in case of a breach of their data and information (Goldman & Kaufman, 2009). This section applies to all businesses in the health care sector that store their data in the web. This section in the Act notifies patients when their data is breached by their health care institution. The law ensures that all patients have information regarding their data in the institution so that in those cases, they are in a position to take legal action. The law also makes the institutions liable of their unethical behavior. It is essential for health care sectors to have insurance covers to take care of such liabilities arising from the above situations. Insurance covers make it easy for businesses to deal with legal actions and claims from its clients who take legal action against such breaches regarding data and information. (Photopoulos, 2008) Insurance covers should provide a large coverage so that the health care sectors work within the set laws by the government. Federal laws in the country guide the behavior of health care in terms of security of confidential information. The laws ensure that there is no liability by health care centers incase sensitive personal information leaks to the public. To protect data, one must first know where it is. An identity finder helps to locate sensitive data especially passwords and any other personal information that we may not want to be leaked. It is not safe to store delicate data on our personal computers as the information may be leaked. It is therefore necessary to delete sensitive information (Basta & Zgola, 2011) . This, should not be done just by dumping them in the computer`s trash bin as they may be retrieved as one pleases. A shredder may be used to discard information on papers. Password protection is not sufficient. One needs to protect the whole disk. One can even opt to store such information in hard disks or specific files in the computer, thus preventing having to go through a hard time to retrieve the information as this may cause loss of data. One may also employ security measures that prevent loss of data to evade accidental loss of sensitive information. People who have evil motives or those seeking to earn a living from sale of data end up stoking computers in a bid to find this data. This thus makes it vital for one to ensure that your data is safe from such hackers. To minimize data losses, one must consider all the available methods of curbing the delicate matter at hand. Some former employees may as well decide to gang up, get the very sensitive data of the institution and leak it in a bid to bring forth the destruction and thereafter failure of the company (Stevens, 2010). This thus further explains why an organization should ensure that it`s data is well and safely kept. Sensitive data must be kept safe by encryption. All disks and folders should be encrypted. It makes the process of decrypting an entire device easy. This enables a passphrase recovery incase one forgets the password. References Hutchins, J. P & Caiola, A. P. (2007). U.S Data breach notification law: state by state: America Bar Association. Goldman, P & Kaufman, H. (2009). Anti-fraud risk and control workbook: John Wiley & Sons. Stevens, G. (2010). Federal information security and data breach notification laws: DIANE Publishing. Sanbar, S. S. (2007). Legal medicine: American college of legal medicine: Elsevier Health Sciences. Douligeris, C & Serpanos, D. N. (2007). Network security: Current status and future directions: John Wiley & Sons. American Society for Healthcare Risk Management. (2001). Risk management handbook for health care organizations: John Wiley & Sons. Basta, A & Zgola, M. (2011). Database Security: Cengage Learning. Photopoulos, C. (2008): Managing catastrophic loss of sensitive data: a guide for IT and security professionals: Syngress. Jordan-Marsh, M. (2010). Health technology literacy: a transdiscplinary framework for consumer-oriented practice: Jones & Bartlett Publishers. Nermati, H. r. (2010). Pervasive information security and privacy developments: trends and advancements: Idea Group Inc. Read More