Sunday, April 19, 2009

Playing by the Rules

Having efficient Information Technology systems is key to maintaining good business practices and upholding the law. Many laws are in place to protect the private information of consumers. But one of the flaws of information systems is that they sometimes have poor data security, as is reviewed in Chapter 6. It is important to have an information system with strong data security because if consumer information is leaked, it could mean the downfall of a business. There are particular laws that hold firms directly accountable if data is not secured. The Sarbanes-Oxley Act of 2002 holds publicly traded companies accountable for maintaining control over their financial reporting. Companies must protect their infrastructure and processes against accounting errors and deceptive procedures. It is vital that PCs are secure from unauthorized access and data interception.
The Health Insurance Portability and Accountability Act (HIPAA) of 1996 sets standardized methods for the exchange, security, and confidentiality of health-care data. Strong firewalls need to be installed to protect data. Strong password policies need to be in place and data must be encrypted. The Gramm-Leach-Bliley Act (GLBA) of 1999 requires financial institutions to protect consumers’ nonpublic personal information. In many states, a business that divulges customers’ personal information must notify them of the breach, which is very costly and time consuming. The right network and data-security solutions can stop the theft of private data. This information is directly related to the problems that traditional database systems face, which was the topic of Chapter 6. Data must be secure, and information systems must have ways to maintain and ensure the utmost security. I enjoyed this article because it gave me new insight into all the laws around information systems. Not only is it ethical to protect private information, it is also the law.
