Home   MosaicPresentation format
<http://cnfolio.com/TechnologyManagementCase01Sample>
Management and the Technology Professional – B302

The cost of protecting personal data




Following is a sample answer for this case study:

The action which caused the most consequential damage was the HMRC employee who decided to combine data privacy and security issues with the main audit issues. This action is likely to also be the root of the problem. The HMRC employee seemed to be familiar with the issues and decisions involved with the main audit process. However, when he unintentionally included data privacy and security issues into the audit process, he made a significant mistake in placing the value of saving money (not removing the extra fields) above the potential risks of transmitting unnecessary personal information between offices.

Unfortunately, this kind of mistake is very common and very easy to fall into. During daily working situations, many people are often asked to take actions in which they are not familiar with the decision process. Additionally, many people often do not have enough information to make accurate assessments of the potential risks involved with data privacy and security issues. Organizations could reduce the possibility of a problem such as this HRMC case study by raising the importance and encouraging all employees to identify data privacy and security issues that may occur during daily work situations. Issues that have been identified should be evaluated, and referred if necessary, by the relevant staff and with any relevant information.

I often find it helpful to be aware of different decision processes within the same task or project. There may be conflicts between objectives of different types of activities. Additionally, different corporate policies and professional codes may apply to different types of activities. In the case study, the audit objective is not necessarily compatible with the data privacy objective. Similarly, staff involved with the audit process may not be familiar with the requirements of the Data Protection Act.

As the use of personal data continues to spread throughout government and business, it becomes more important for each employee to recognize possible data privacy and security issues and take the initiative to effectively handle such issues.

(330 words)