Introduction
Technology ensures that information is easily accessible. Such easy access to information may be exploited by criminals by targeting businesses and customers. The customer information kept by a business must be protected for the sake of the business brand and its customers. The breach of customers' private details entrusted to a company may lead to hefty fines (Commissioner, 2004). According to Carey (2009), the importance of the customer data protection led to the formulation of the Data Protection Act. The Act was formulated to ensure that businesses protect the data they collect from customers by all possible means. To ensure customer privacy and data protection, the customer data protection must be thought of as a corporate social responsibility (Weber, 2010).
Ethical and Professional Responsibilities of the Bank
Every business must protect the customers' private data and information. Failure to protect such delicate information can be blamed solely on the business. The ABCXYZ bank in the scenario failed to protect its customers from hackers. The ethical approach for the bank would be to acknowledge the breach and its mistake even if it means huge compensations (Taherparvar et al., 2014). Admitting the security breach of a bank would be an ethical approach. For such an attack to occur, the bank must have known the breach but may have largely ignored it for the sake of expediency and saving cost. Ignoring the magnitude of the damage caused to the customers will not only be unethical but cost the bank more regarding fines from lawsuits.
To ensure prevention of a similar occurrence, it is the responsibility of the bank to invest more in the cybersecurity. The cybersecurity must be tamper proof and convincing to customers. The bank may need to identify the critical business functions; equipment and data that need to be restored first to ensure that the customer data at risk is protected first. The process may require the involvement of the customers as a way of increasing confidence and save face. It is, therefore, the responsibility of the bank to identify and prevent future risks where possible. This may be achieved by investing more in cyber security and customer data protection. The bank should educate staff about privacy issues to ensure a culture of security in the business. It is, therefore, the responsibility of the bank to restore and compensate the customers for any losses or damage caused due to the cyber breach (Idowu et al., 2013).
Code of Conduct and Professional Practice in Information Technology (IT)
The operation of specialists in various fields is guided by standard and rules often set by bodies tasked with maintaining balance and professionalism (Fisher, 2008). In the information technology industry, different bodies perform such functions, including The British Computer Society and Association of Information Technology Professionals (Peltier, 2016). The bodies operate under specific ethical codes to maintain professionalism. The CEO of ABCXYZ bank in the case study may have breached a number of the codes in his proposals during the management meeting.
Respecting the Interests of Customers
Respecting customers' interests form part of the IT code of ethics and professionalism. The code maintains that one should not falsify or conceal information for own benefit (Want et al., 2015). During the meeting in the case study, the CEO proposed that the company should falsify the leaked data. The fabrication directly goes against the code of ethics formulated by the IT body aimed at protecting the interests of the customers. The CEO's proposal to deny the magnitude of the breach does not reflect the interest of the customer but that of the bank. Even though the data had not been secured during the meeting in the study, the CEO proposed a false report indicating that customer data had been secured. The falsification of information proposed by the CEO goes against the IT code of conduct in the case study.
Breach of Data Protection Act
The proposal by the CEO to falsify data in the study is against the data protection act. The relevant acts include; provision of false or misleading information which is under section 20(2) and obstruction or failure to cooperate with an authorized officer as per Section 24 of the data protection act (Koops, 2014).
Comparison between ABCXYZ Bank and JPMorgan Chase Hacking incidents
In both scenarios, the hackers were not after customers' money which indicates a pattern in such cyber attacks on banks. Since the transfer of money from the customer account can be traced, the banks may prepare ahead of such attacks as by coming up with firewalls that focus on customer information other than financial records. While the ABCXYZ Bank top management panicked after the attacked and did not contact their customers, the JPMorgan Chase management assured their customers that their money was safe by directly contacting them (Goldstein., & Sanger, 2014).
The ABCXYZ Bank CEO proposed falsification of data and details of the attack. On the other hand, JPMorgan acknowledged the extent of the attack, quoting the type of data accessed and the number of households affected to be 83million (Goldstein., & Sanger, 2014). The level of honesty portrayed by JPMorgan in the article may have boosted customer confidence. JPMorgan also observed ethical standards and professionalism without breaching the data protection act as observed in the ABCXYZ Bank proposals.
The ABCXYZ Bank is stated to be under fire from the media, the public, and the regulatory bodies. The JPMorgan on the other hand though criticised by media for failing to protect the customer data, the blame is directed to the attackers by the authorities who appear to assist the institution to recover.
Conclusion
Customer data privacy is essential in any business. Without the proper checks in place to safeguard customer data, the customers are vulnerable and exposed to cyber attacks. Businesses must operate with caution, ethics and observe the data protection act when dealing with customer records. Transparency and honesty must be the basis of operation when handling customer data. Therefore, ABCXYZ Bank should not adopt proposals tabled by the CEO. By falsifying details of the breach, the proposals do not observe business ethics and professionalism and go against data protection acts.
References
Carey, P. (2009). Data protection: a practical guide to UK and EU law. Oxford University Press, Inc.
Commissioner, D. P. (2004). Data Protection Acts 1988 and 2003: A Guide For Data Controllers. Dublin: Office of the Data Protection Commissioner.
Fisher, C. B. (2008). Decoding the ethics code: A practical guide for psychologists. Sage Publications.
Goldstein, M., Perlroth, N. and Sanger, D.E. (2014) 'Hackers' attack cracked 10 financial firms in major assault', The New York Times, 3 October. Available at: https://dealbook.nytimes.com/2014/10/03/hackers-attack-cracked-10-banks-in-major- assault/?mcubz=0 (Accessed 17 August 2017).
Idowu, S. O., Capaldi, N., Zu, L., & Gupta, A. D. (2013). Encyclopedia of corporate social responsibility (Vol. 21). New York: Springer.
Koops, B. J. (2014). The trouble with European data protection law. International Data Privacy Law, 4(4), 250-261.
Peltier, T. R. (2016). Information Security Policies, Procedures, and Standards: guidelines for effective information security management. Auerbach Publications.
Taherparvar, N., Esmaeilpour, R., & Dostar, M. (2014). Customer knowledge management, innovation capability and business performance: A case study of the banking industry. Journal of knowledge management, 18(3), 591-610.
Want, R., Schilit, B. N., & Jenson, S. (2015). Enabling the internet of things. Computer, 48(1), 28-35.
Weber, R. H. (2010). Internet of Things-New security and privacy challenges. Computer law & security review, 26(1), 23-30.
Cite this page
Paper Example on Intellectual Property Standards. (2022, Jul 11). Retrieved from https://proessays.net/essays/paper-example-on-intellectual-property-standards
If you are the original author of this essay and no longer wish to have it published on the ProEssays website, please click below to request its removal:
- Research Paper Example: Correctional System of the U.S. and Germany
- Paper Sample on the Right to Bear Arms - Second Amendment
- Essay Sample on Segregation and Activism
- Gun Laws in United States Essay
- Chapter Analisys of the Book on Criminological Theory Paper Example
- Arrest Disregarding the Need for Quantum of Information Paper Example
- Essay on Reforming the American Juvenile System: Economic, Social, and Racial Discrepancies