Company Evaluation of Ethical and Legal Obligations

docx

School

Southern New Hampshire University *

*We aren’t endorsed by this school

Course

315

Subject

Law

Date

Jan 9, 2024

Type

docx

Pages

7

Uploaded by BarristerThunder11980

Report
Company Evaluation of Ethical and Legal Obligations Evaluation Performed by Alana Aldridge for Clare Applewood Introduction This evaluation is being performed due to the concerns of the company's owner, Clare Applewood, to understand if this company has an ethical and/or legal obligation to report a customer data breach to the customers and recommend a course of action. Definitions Ethics : the study and practice of decisions about what is good or right. Business ethics : the application of ethics to the special problems and opportunities experienced by businesspeople. Social responsibility of a business : the expectations the community imposes on firms doing business within its borders. (*) This means that this is a link to an electronic PDF that can be found online.
Ethics and the law Meeting legal requirements is the minimum standard for a business to be considered ethical. Ethics helps to guide the law, while business ethics helps guide decisions within firms. Law and business ethics are interactive systems – informing and assessing each other. Social responsibility can be thought of as a business's obligation to society. In contrast, business ethics is considered a conscience that focuses on what benefits the business. Analysis The circumstances that have transpired and caused the need for an evaluation of ethical and legal obligations are that there was a database breach of Mountain Top View’s customer information database. The data in question is the information of customers who purchased products online during Q1. This information included the customers’ names, addresses, and phone numbers. This data breach was revealed by the company’s Information Technology Lead, Steve. Once the hack was discovered, Steve promptly corrected the faulty code that brought the hack about and was confident that the information was secure. Steve did not report this data breach to anyone else in the company. The data breach was disclosed by Steve in the company breakroom and was overheard by the Business Operations Overseer, Carlos Rodriguez. Carlos then inquired why Steve did not report the data breach to anyone within the company. Steve responded by explaining how he quickly fixed the code and did not believe the information accessed was very important. (*) This means that this is a link to an electronic PDF that can be found online.
Ethical and Legal Issues There are several ethical and legal issues involved in this situation. Some of the problems involved are: There is legislation requiring notification of security breaches involving personal information in all states, Puerto Rico, and the Virgin Islands. It is illegal not to notify customers of a breach of information. There could be a loss of trust between the employer and the employee. There could be a loss of trust between the customer and the business. False advertising due to their claim. “We are committed to keeping customer information secure and protected.” There could be a social responsibility to provide extra information security services to those affected by the data breach. Affected Parties 1. The customer: The customer is the most critical stakeholder because their information was the data the hacker collected. 2. Clare Applewood: The company's owner is the next most crucial stakeholder involved because they are ultimately held responsible for the incident and any damage that occurs due to the data breach. 3. Steve: This employee was not trained sufficiently in what procedures to follow if there is a data breach. This employee can also be held responsible for any damage that occurred because of his negligence in not reporting the incident due to his lack of concern for customers’ rights. (*) This means that this is a link to an electronic PDF that can be found online.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
Recommendation This recommendation considers the guide from the Federal Trade Commission, or FTC, on responding to a data breach. First, law enforcement should be notified of this data breach to ensure the company complies with all state and federal laws and regulations. Then, a team of experts should be brought in to examine the company’s data storage and coding to ensure there will not be another data breach. While the one employee did do their own investigations into the breach, there should be a second opinion from a senior analyst. There should also be a meeting with legal counsel. This legal counsel will be beneficial for all the stakeholders involved. An interview between the employee who discovered the breach and the employer facilitated by a Human Resources representative should be conducted. From this, a comprehensive plan should be created and sent out to all employees to provide instructions if a situation like this should arise again. Once the company and the employees have been given clear instructions, all affected customers should be notified of the data breach. The company should provide resources and monitoring services to those affected by the breach. If any customers could not be informed through normal channels, public attention should be brought to the incident to allow all customers to receive support from the company. There will be a link to where to find state and federal laws on reporting a data breach in the references section. (*) This means that this is a link to an electronic PDF that can be found online.
Explanation of Recommendation This recommendation has been thoroughly and carefully constructed to advise this company legally and ethically on proceeding after a data breach. “ The Economist , in a report sponsored by Cisco, HP, Qualcomm, and SAS ( http://graphics.eiu.com/upload/Corporate_Citizens.pdf )*, presented a clear case that most of the over 500 top American business executives who were interviewed for the report believe that being a good corporate citizen is consistent with the profit motive. The report listed four factors that executives believe are essential for profits and corporate citizenship to function as partners: leadership at all levels, employee engagement, rigorous measurement of achievements, and public-private partnerships.” (Kubasek, 2022) This quote shows that informing different entities according to laws and in a socially responsible way can benefit a company, its consumers, and other stakeholders. So, as a business, it is beneficial to follow a recommendation such as this or one closely related to this for the best results after a data breach. (*) This means that this is a link to an electronic PDF that can be found online.
Conclusion There have been many advances in technology that have affected the business world of today. Many of these advances have been incredibly beneficial to businesses and the economy. These many technological advancements for businesses also have legal and ethical implications. Some legal ones include data and privacy protections, intellectual property rights, and cyber security laws. If a business does not abide by the laws and regulations that pertain to these different issues, they could be forced to pay hefty fines or even serve jail time. Some of the ethical implications include handling and collecting data, using AI and system automation that can affect many individuals' employment, and giving equal access to anyone regardless of their social status. In conclusion to the analysis and recommendation of this situation, numerous benefits and issues can arise from using technology and should be addressed responsibly. References FTC (n.d.). Data Breach Response: A Guide for Business. Federal Trade Commission. https://www.ftc.gov/business-guidance/resources/data-breach-response-guide-business Kubasek, N., Browne, M. N., Dhooge, L. J., Herron, D. J., & Barkacs, L. L. (2023). Dynamic Business Law (5th ed., pp. 16-39). McGraw Hill LLC. https://prod.reader- ui.prod.mheducation.com/epub/sn_8133c/data-uuid-f0b97567b80045488515db800b422eee (*) This means that this is a link to an electronic PDF that can be found online.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
NCSL (2022, January 17). Security Breach Notification Laws. National Conference of State Legislatures. https://www.ncsl.org/technology-and-communication/security-breach-notification- laws (*) This means that this is a link to an electronic PDF that can be found online.

Related Documents

Case Summary 7.5_ Pepsi-Cola Co. v. Steak ‘N Shake, Inc.,.docx
TLAW603 Mid Sem Exam Answer Sheet T22023.docx
D167F2AD-2874-4FA8-A36B-B4545B8B3C72.jpeg
F7333325-1990-4BE8-96F3-4D5082C4EC37.jpeg
DQ-6_Wk-11 11.3.23 .docx
AJ-161_Discussion Post #8 Wk-14.docx
10.docx
Chapter 2Review Quiz.docx
Merchant Memo Rule Question (1).docx
7-3 Article Analysis Downsizing.docx
afternoon midtermA.doc
For this discussion.docx