You should address the following questions in your report and add any further information you may think is appropriate to complete Task 1.
- Map each paragraph of the ABC IT Company Policy statement to 1 or more of the 10 National Privacy Principles (NPPs).
- Does this policy comply with the "10 Steps to Protecting Other People's Personal Information" as outlined by the Office of the Privacy Commissioner Explain why or why not.
- What alterations or additions would you make to this policy
- What suggestions do you have for ways that new work practices, resulting from the policy update, could be implemented
Submit a copy of this new procedure to your manager.
Implement the new work procedure that you created in Task 2 as a trial to collect personal information from at least three clients.
Create and submit a report (minimum 300 words) to your manager outlining the results of your trial. You should address any information integrity, confidentiality, system security and availability issues identified in the work practices identified during your trial. You may also include any other relevant information you feel is appropriate to complete this task.
Locate a relevant industry code of ethics and deliver a short 5 minutes’ presentation to the team (your class) that discusses one or more of the practices listed in the code. Your presentation must provide two examples of situations in which the ethical practice would apply.
- Develop a new ethical work procedure to implement one principle or a value from any relevant industry code of ethics or code of professional conduct followed within the IT industry. Present and explain this procedure to your manager (Trainer) and team (your class) to obtain feedback on the procedure ensuring application of the code.
- Review the procedure taking into account the feedback provided by your manager and team to create an updated version of the procedure.
Submit the final version of the new ethical work procedure to your Manager.
New Work Procedures and Data Collection Tools
ABC IT Company Policy statement
National Privacy Principles (NPPs)
What Data Do We Collect?
NPP 1: Collection
NPP 10: sensitive information
When Do We Destroy The Data We Collect?
NPP 2: Use and disclosure
How Do We Store The Data We Collect?
NPP 9: transborder data flows
How Do We Protect The Information We Store?
NPPs 3-4 information quality and security
Who Do We Disclose Information To?
NPP 2: use and disclosure
What ABC IT Company Must Do
NPPs 3-4: Information quality and security
NPP 5: Openness
The Responsibilities of ABC IT Company Employees
NPP 6: access and correction
NPP 1: collection
NPP 8: anonymity
No this policy does not comply with all the 10 steps. This policy comply with only 9 steps which are mentioned in the "10 Steps to Protecting Other People's Personal Information" as there is not any designated person in the company who can be responsible for privacy. So, this policy violates the last step stated in "10 Steps to Protecting Other People's Personal Information".
I would like to assign an individual who knows and understand organizational responsibilities under the Privacy Act. And who take responsibilities for privacy of the users who are involved in the transactions and engaged in several activities with the organization. This will result in complying the policy completely with "10 Steps to Protecting Other People's Personal Information".
In order to ensure continue success it is the need that all different departments work together and communication is to be made in order to discuss whether processes of business is fulfilling compliance requirements or not.
Encouraging people of different departments regularly, to brainstorm about hypothetical ways of compromising information.
Privacies are inexorably linked to securities. A breach is considered to be in compromise position for the company. It is important to eliminate the potential to jeopardize the protected information.
Automating internal control measures where possible is a good way to enforce consistency within them. Within elimination I will eliminate or minimise the human error and loss of documentation.
new work procedures and data collection tool for collecting personal information from clients are
Order forms let customers order specific product or service that ABC IT Company is unable to supply at the moment which will be a better way to collect information about the customer. Filling pre-order forms can be seen as the commitment by the customer that he or she will buy the product and they will often pre-pay for it.
Industry Code of Ethics
Special cards named under feedback card can be used to collect information about a customer. Asking for feedback on specific topic of the ABC IT Company and leave it open-ended to allow customers to feed their suggestions anytime as a suggestion box. And at the back there will be a form requesting for the personal information of the customer.
Personal website of the company can also be used as a medium to collect personal information of a customer. This should be safely protected from unauthorized access and updated servers should be used by the website by the programmer and it should be properly encrypted.
- Direct collection of personal information
Notice should be given at the beginning of the process on the form used to collect information, specifying the ways in which their information will be used, legal authority for the collection and an individual who will be answerable to all the questions asked about collection of the personal information. The notification was done in writing at a small box in the card itself. A verbal notification was also done by the ABC IT Company name followed up with a written notification to the person(s) concerned.
During the collection of information about an individual from other sources in the name of ABC IT Company it is necessary to obtain first written authorization from that individual but verbal confirmation was not confirmed unless finding a documented confirmation by the individual to collect his or her personal information from that other source. The source was mentioned in the documented file including the purpose and authority for the collection from that source only.
According to the section 39 (1) of the freedom of information and protection of Privacy Act we can also collect the personal information of an individual without any prior written authorization. It can be collected by organizing honour or award functions that include scholarship, prize and many more ceremonies related to the applicable situation. A proceeding before a quasi-judicial tribunal or court or any judicial. Another way is to collecting information from the places where debts are paid or fine paid or payments are made. Another method that was applicable according to these acts was that method of collection is authorized by different statues or Information and Privacy Commissioners.
The requirement for powerful code of ethics in the working environment approaches and methodology has never been more critical in the present evolving work environment. This is driven by changes to enactment, control and codes of training. For instance the current changes to modern relations enactment and the move to a national framework have brought about the rise of work environment issues. Following is the structure of the ethical work procedure for implementing one principle value.
The use of good standards, guidelines of conduct, or set of qualities with respect to legitimate lead in the work environment as people and in a gathering setting.A Code of Conduct sets principles of moral direct and Work environment conduct that must be clung to and can be added to or altered as required. It can incorporate issues, for example, individual and expert obligations and accountabilities in managing With staff, partners and clients.
Morals applies to any connection between the accompanying people Communication is key among the management, workers, and clients with the goal for regard to be stretched out to every individual inside the association, and advance connections that depend on trustworthiness and honesty.
It is expected from everybody at the institution to watch the most astounding measures of honesty and integrity, and to act with mind, constancy and reasonableness in everything they do. As the association is focused on conveying reliably elevated requirements of in the individual field, and we just work with those outsiders who grasp exclusive requirements of moral conduct that are predictable with the organizations its own.
The main objective of the procedure is to ensure that employees having any grievance that is related to their employment can have a way in which they can help to resolve grievances as fairly and as quickly possible.On the off chance that any employees have a grievance about their employability in the organization they ought to examine it and talk about it with an immediate supervisor in the hierarchy. At this stage majority of the concerns will be settled.
In the event that the employee feels that the issue has not been settled through discussions with the immediate supervisor, they should carefully record their grievance in written form to an immediate authority in the hierarchy.
If the grievance is not resolved Inside 5 working days timeframe the boss will respond to the issue, in written, for resolving the issue, asking the employees to go to a meeting where the claimed grievance can be talked about. This meeting ought to be planned to occur at the earliest opportunity and typically 5 working days’ notice of this meeting will be given to the employee and they will be informed of their entitlement or rights to be accompanied with.
Employees must find a way to attend the meeting, yet in the event that for any unexpected reason the employee cannot attend the meeting must be reworked and rearranged as soon as possible.If after this stage the issue is not made plans to the employee’s fulfilment they should set out their grounds of appeal in writing inside 3 working days of receipt of the decision letter.Inside 2 working days of accepting a decision letter, the employees ought to get a written letter inviting them to appeal meeting.
Client Information Confidentiality, Security, and Availability
The code encourages the students and the staff to avoid participating in conduct that is seen to be undermining or scaring or makes any individual dread for their own security or prosperity. Respect that NIT is a multicultural situation and wear humble clothing consistently while going to NIT. Respect the privileges of others to express perspectives and conclusions and not participate in conduct that might be sensibly thought to be indecent or hostile to others Avoid taking part in conduct that is unlawful, biased, bugging, or harassing. Provision of a composed cautioning. Requiring the understudy to resubmit the culpable work (scholarly wrongdoing) Awarding a "Not Yet Satisfactory" review for the work submitted or "Not Yet Competent" for the whole unit in which the wrongdoing happened (scholarly unfortunate behaviour).
Deferring, suspending or wiping out the understudy's enlistment. For the students it is Undertake all required arrangement for classes, for example, readings , Not take part in any learning action, for example, instructional exercises or research facility classes, while affected by liquor or different medications, Wear the suitable uniform and Personal Protective Equipment (PPE)when required. Attend all classes routinely and dependably with the exception of when anticipated by ailment or other caring or convincing conditions. On account of ailment, a restorative endorsement must be provided.
Actively take an interest in the learning procedure. Attend booked course exercises and submit evaluation assignments on time, unless unexpected or excellent conditions emerge. Comply with the best possible utilization of copyright materials. Ensure that scholarly exercises are directed securely and don't put others in danger of damage. Avoid practices which in any capacity weaken the sensible opportunity of different people to seek after their examinations, work or look into or to take an interest
ABC IT Company must abide by the Privacy Act of 1988.
As a company, ABC IT Company must ensure that the information we store is accurate and up to date. If information is found to be incorrect, we must rectify this within a reasonable period of time.
We must only store information that is relevant to our business dealings with the Client, Sub Contractor, Supplier or Employee.
We must adequately protect the privacy of our Clients, employees, Suppliers and Sub Contractors. This includes appropriate IT infrastructure, internal security measures and training for our staff.
We must disclose to any Client, sub contactor, Employee or Supplier the information that we hold about them.
ABC IT Company must make this Policy available to anyone who asks for it.
We must disclose to whom we supply information, and specify what information has been provided to third parties. This must be approved by the Client, Employee, Sub Contractor or Supplier to whom the information applies.
To export a reference to this article please select a referencing stye below:
[Accessed 07 December 2023].