Unit 1 LO3
Security and confidentiality in the business environment are vital issues for achieving organizational aims. In the first section, the significance of security and confidentiality in the business environment of Greggs plc is described. Besides possible consequences of failing to maintain security and confidentiality in line with the requirements of Greggs plc are explained. In the next section, a risk at Greggs plc with its source is identified, and the effect of this risk is assessed. Also minimizing the way the impact of risk likelihood is identified.
3.1: Explain why security and confidentiality are important in a business environment?
Greggs plc is the largest bakery chain in the United Kingdom. It specializes in savory products such as pasties, sausage rolls, and sandwiches, and sweet items including doughnuts and vanilla slices. It is headquartered in Newcastle upon Tyne. The strong security maintained in Greggs plc often reduces the likelihood of threats. Security in the Greggs plc is also important because it may reassure employees and make them feel safe with extra protection while entering and exiting the facility.
Importance of Security at Work
According to Greggs plc (2018), the facility’s solution for Greggs proposed a number of IP cameras, for each branch, a comprehensive recording and information portal with a full support and maintenance program based on an assessment of individual shops and wider group requirements. The Retail Loss Prevention Manager for Greggs explains: “facility was the only company to put an IP proposal together initially and they immediately saw that it was the more flexible, future-proofed system as they clearly understood their requirements and the demands of the system. Not only did it offer better picture quality and remote access, but also an improved payback through several other potential operational benefits.” ifacility’s personal approach also made an impression: “iFacility was very professional from start to finish, e.g.
they quickly reassured their IT department that the IP solution integrated seamlessly with their existing infrastructure, with straightforward installation and acceptable IT security controls (iFacility, 2018). They were also impressed by their ability to coordinate an efficient supply chain, including an experienced hardware supplier, distributor, and installation team.” The benefits of a standardized centrally controlled CCTV system were considered. The Retail Loss Prevention Manager explains: “A unified system is a key to deterring potential criminals, providing Police with valuable post-incident evidence and incentivizing good internal controls and best practice. With this in mind, they contacted a number of suppliers, asking them to put together a proposal.”
Our Recommended Resources:
Importance of Confidentiality at Work
Confidentiality is the protection of personal information. Confidentiality means keeping a client’s information between the company and the client, and not telling others including co-workers, friends, family, etc. (Condon, 2018).
Confidentiality is important for several reasons. One of the most important elements of confidentiality is that it helps to build and develop trust. It potentially allows for the free flow of information between the client and worker and acknowledges that a client’s personal life and all the issues and problems that they have to belong to them.
One of the major purposes for obtaining a client’s consent before speaking to a third party (such as another agency or a family member/career) is to protect the confidentiality and privacy of the client. Informed consent (obtaining personal information with the formal permission of the client or a person who has the legal authority to provide permission on behalf of the client) is considered essential in maintaining the privacy of the client.
It is important to keep its clients’ business as just that – their business. Greggs plc should only discuss matters relating to its clients’ business with co-workers, and then only what needs to be discussed. Discussions should take place in the workplace and not be audible to other members of staff or the general public. Greggs plc should never discuss clients’ business with family or friends (Condon, 2018).
3.2: Explain the possible consequences of failing to maintain security and confidentiality in line with requirements.
According to Vickers (2018), failure to properly secure and protect confidential business information can lead to the loss of business/clients. In the wrong hands, confidential information can be misused to commit illegal activity (e.g., fraud or discrimination), which can, in turn, result in costly lawsuits for the employer including Greggs plc.
Consequences of failing to maintain confidentiality
The consequences of breaching confidentiality in the workplace can include:
- Termination – Even if anyone has an employment contract, it is likely that a breach of confidentiality also constitutes a breach of his/her employment contract.
- In almost all circumstances, Greggs plc will be well within his legal rights to fire anyone if he/she breached the confidentiality of Greggs plc.
- Greggs plc can also sue an employee for breach of confidentiality, and if successful at trial, Greggs plc can obtain monetary damages from the employee.
- In extreme circumstances, a breach of confidentiality can result in criminal charges against the employee.
- A breach of confidentiality may constitute theft of the proprietary information or intellectual property of Greggs plc.
- From a long-term perspective, a breach of confidentiality can permanently tarnish an employee’s reputation.
Consequences of failing to maintain security
According to Vickers (2014), when a business or organization is responsible for the care and collection of citizens’ private data, security, and care must be exercised above all else. Personal information has the potential to provide critical attention to a person, but it can also ruin someone’s life, including the reputation and future successes of a company or organization. With so much personal information on the line, specific rules and regulations have been established to ensure the safe-keeping of sensitive data.
Companies that fail to comply can find themselves in financial, legal, and image ruins. Failing to comply with security compliance regulations may be the result of deliberate inattentiveness, failure to establish a cohesive security plan, or simply, human error. Whatever the reason for failing to abide by the rules, the consequences are the same; ignorance and forgetfulness do not inspire leniency.
Steps for better security
· Although they put technical and organizational security procedures in place to keep his/her information secure, customers are advised to remember that the internet is not always a secure medium. If customers are unsure about submitting any information to us, please contact us by telephone, fax, or post instead. Their contact details are set out in the “Contact Us” section of the Website.
· Greggs plc reserves the right to pass any or all of his/her personal information to the police or any other relevant body for the purposes of crime detection or prevention.
Steps for better protect confidentiality?
Develop written confidentiality policies and procedures: Every business/organization should have a written confidentiality policy (typically in its employee handbook) describing both the type of information considered confidential and the procedures employees must follow for protecting confidential information. At the very least, we recommend employers adopt the following procedures for protecting confidential information:
- Separate folders should be kept for both form I-9s and employee medical information.
- All confidential documents should be stored in locked file cabinets or rooms accessible only to those who have a business “need-to-know.”
- All electronic confidential information should be protected via firewalls, encryption, and passwords.
- Employees should clear their desks of any confidential information before going home at the end of the day.
- Employees should refrain from leaving confidential information visible on their computer monitors when they leave their work stations. All confidential information, whether contained on written documents or electronically, should be marked as “confidential.”