Business Continuity Planning Essay

Submitted By ousamaz18
Words: 1931
Pages: 8

P3.1 -DATA PROTECTION
TASK 1 - PRODUCE A REPORT DESCRIBING THE
RISKS AND THE MEASURES EMPLOYEES/EMPLOYERS
NEED TO CONSIDER WHEN DEALING WITHIN DATA
HELD

Legal issuesData protection ActData protection act is a Law created to protect information and data as During the second half of the
20th century many businesses, government and organisations started using computers to keep information about their customers as well as employees on either spreadsheets or databases. Some of the information they started taking record of were for example, Name, Address as well as Contact details and many more. As there is a growing number amount of companies doing this this has been seen as a target from many hackers and thieves as they seek to steal information from the database for example getting somebody's credit card details in order to steal their money and commit fraud.
Freedom of Information Act 2000
The Freedom of Information Act 2000 allows access to the members of the public with request
It is done in two way’s:
Public authorities have the power to publish certain information about their activities; and
members of the public are allowed to request information from public authorities.
Copyright considerations: The copyright normally is owned by to the author but can be given to someone else or to a company provided there is written agreement between the researcher and when it was given away. As well as this it must also include where the research has been sponsored or part by an institute or company which has asked or requested of use of whatever is owned by another party . If an institution employs the founder of the work or the creator during work means the copyright automatically belongs to the employer unless there has been a contract signed by both groups stating opposite. In this situation you would need to obtain permission of the copyright holder.


Legal issues:

Risks of dealing with employees data.
Theft
There are a number of attacks that are carried out which is targeted towards businesses or major firms which holds the data of potentially thousands of employers which could land them an incredible amount of money and confidential data. Most data breaches are reported by colleges and universities as a result of theft. swell as this reports have also found that a lot of hackers or thieves tend to be Former employees or people work on the inside but are working with a group of others to ensure they are successful They try to make money from the sale of the data held and will look for other stored on hard drives, and laptops as well as local storage. Institute. Employers have to be sure of the security available when taking peoples personal data because it could result in legal issues and end up being sued therefore losing a lot of money because of lacking security for employees
Loss
Backup tapes or paper files being misplaced on their way to a storage facility, or laptops left behind at airports or in taxis, are common ways data can end up in the hands of unauthorized people.
Neglect
When old computers or hard drives are sold or recycled, the information contained on them might be deleted, but if not properly removed , that data can be retrieved by anyone with just a few cheap tools.
Additionally, leaving data on media that is not protected with a strong password or with encryption leaves it vulnerable to a hacker or thief. This also applies to paper files, which should be rid using a shredder or a recycling service that ensures proper disposal.
Insecure Practices
Collecting, storing, sending, encrypting, finding and removing data may all have problems for its safety.
Those who are handling sensitive data, may find they are doing one or more of these activities. If proper safety procedures are not taken, data exposure could be the result. For example, breaches of confidential data stored in folders able to access through the Internet, such as through file sharing software.



Ethical Issues
Examples of ethical