Unit 1 LO3
3.1: Explain why security and confidentiality are important in a business environment?
Every workplace must ensure and enforce the security and confidentiality of its information assets among its employees, clients, and other business partnerships. These assets may refer to information processed in the back office: business process outsourcing, recruitment, compensation, employee management, and other processes, or information delivered in the front office: client transactions, partnership deals, and contact information (Security atters, 2016). The reality is, the global marketplace is a highly competitive plane where knowledge is the key to industry wins and losses. Information is power, and harnessing that power in the 21st century is security and confidentiality (Security matters, 2016).
Customer data are held in the computer system (s) between the boots store (s) involved in customer care and any paperwork relevant to the provision of pharmacy services to customers. Customer data are also managed by the system and support networks in your care-related boots – for example, if customers provide boots.com or Boots customer care information. Customer data can be backed up or stored in professionally managed, professionally managed, secure data storage facilities in the UK, which are monitored for 24 hours, 365 days a year. The security arrangements are consistent with NHS requirements for customer data protection (Boots, 2018).
Security plays a significant role in different ways. It improves efficiencies in the use of human and financial resources to achieve program objectives and improve projections of human and financial resources for disease programs and specific projects. It improves opportunities to inform providers and customers and employees about standards of care and needs for additional care and enhances the quality of surveillance data across programs. This improves documentation and reporting of co-morbidities, leading to better customer and employee management and partner services Better understanding of customers’ and employees’ health status to ensure comprehensive care and avoid redundant services and missed opportunities for prevention. It also helps in the identification of specific populations that need outreach with consistent messages and targeted testing and service provision
Confidentiality is also important. To avoid fraud and identity theft, the HR department stores and protects employee information. This covers employees’ social security numbers, personal contact information (home address, phone numbers, and email address), family/background information, etc. Not all information kept confidential is for the sake of preventing something illegal from happening. Sometimes, information is kept confidential in the workplace, like management information, to prevent detriment to the morale of employees. Disclosing issues of terminations, disciplinary actions, and employee misconduct are counterproductive and can be dealt with by the employee/s involved and HR. While there is sensitive information, such as financial data, business plans, customer and supplier lists, and other records on the processes and manufacturing methods and processes, that are kept from the public eye, especially from competitors.
Our Recommended Resources:
Business information, or “trade secrets”, is protected through confidentiality agreements because if these secrets are leaked, you are losing your competitive edge. With data theft on the rise, ensure that there are appropriate access, usage, and information-distribution policies set in place and enforced in the workplace. Be aware of the most common causes of data theft and breach: weak security controls, hacking, loss or theft of devices, and OS vulnerabilities. Increase the level of awareness in the workplace of the effects and threats to information security.
3.2: Explain the Possible consequences of failing to maintain security and confidentiality in line with requirements.
When an organization fails to protect information on its employees, management, and business, a varied number of unfavorable consequences can occur (Security matters, 2016). Denial of service attacks come in different forms and may target anything from a specific business website to entire hosting services. In essence, denials of service attacks aim to overload the ability of a server or multiple servers to process traffic, making it impossible for customers to access the business website. The attacks can cost businesses in a number of ways. The business suffers the direct financial loss of customers not able to make purchases. Such actions also undermine customers’ trust in business, as the inability to access the business website suggests a lack of professionalism (Dontigney, 2018).
Failure to protect our clients’ confidential information and privacy could harm our reputation, cause us to lose customers, reduce our profitability and subject us to fines, litigation, and penalties, and the costs of compliance with privacy and security laws could adversely affect our business (Dontigney, 2018). Unfortunately, data breaches often stem from internal fraud, which means the business should employ strict limits on the number of people with user access to databases, as well as physical security measures to limit access to the machines holding the information. Failure to provide adequate security to private data can open up a business to civil litigation and governmental fines.
Boost’s information technology systems are vulnerable to threats from computer viruses, natural disasters, unauthorized access, cyber-attack, and other similar disruptions. Although it has network security measures in place, experienced computer programmers and hackers may be able to penetrate our network and misappropriate or compromise confidential information, create system disruptions or cause shutdowns. As an insurer, it receives and is required to protect confidential information from customers, vendors, and other third parties that may include personal health or financial information (Assurant, 2018).
If any disruption or security breach results in a loss or damage to our data, or inappropriate disclosure of its confidential information or that of others, it could damage our reputation, affect its relationships with customers and clients, lead to claims against the Company, result in regulatory action and harm our business. In addition, it may be required to incur significant costs to mitigate the damage caused by any security breach or to protect against future damage. If Boots fail to comply with state and federal privacy and security laws and regulations, or contractual provisions, requiring us to protect confidential information and provide notice to individuals whose information is improperly disclosed, it could experience adverse consequences, including loss of customers and related revenue, regulatory problems (including fines and penalties), harm to our reputation and civil litigation, which could adversely affect our business and results of operations.