You are on page 1of 8

Running head: CASE STUDY ANALYSIS 1

Case Study Analysis

Stacy Moore

Purdue Global University

IT590: Legal and Ethical Issues in IT

April 23, 2019


CASE STUDY ANALYSIS 2

Table of Contents
Stakeholders ................................................................................................................................................. 3
Risks, Issues, Problems, & Consequences ..................................................................................................... 3
Benefits ......................................................................................................................................................... 4
Responsibilities ............................................................................................................................................. 5
Stakeholder’s Rights...................................................................................................................................... 5
Impact ............................................................................................................ Error! Bookmark not defined.
ACM/IEEE Codes ........................................................................................................................................... 6
Options .......................................................................................................................................................... 6
Suggestion ...................................................................................................... Error! Bookmark not defined.
References .................................................................................................................................................... 8
CASE STUDY ANALYSIS 3

Case Study Analysis

Stakeholders

The organization’s stakeholders are considered to be the life blood of the company. A

stakeholder could consist of anyone who deems interested in the business, especially if they are

financially invested. These stakeholders may have an important role to play whenever deciding

upon a major decision for the company, or they may not have enough sway to make a difference.

Whichever the case may be, anytime something fails or bad happens within a company, the

stakeholders are one of the first contacts to know. Considering, stakeholders can be affected by

the results, costs, loss, or simply lack of involvement. The stakeholders involved in this case

study consist of the employees who accessed the records using the loophole, those employees

who their personnel records were exposed, human resource department, and the technology

department.(Issues, n.d.)

Risks, Issues, Problems, & Consequences

Many risks are involved whenever managing and maintaining an information technology

department. Risks are especially imminent, whenever the Human Resources system is housed

onsite. Considering, whenever the system and its security is held onsite, that leaves the

Information Technology department responsible for the entire system. Another consideration as

discussed by Foxall, “Another risk beyond simple data loss or theft is the fact that once

information is mislaid, you may be subject to legal action from the employee whose data it

was.”(Foxall, 2018). Sadly, an Information Technology department is not always able to

maintain and support such a system.


CASE STUDY ANALYSIS 4

Firstly, a deeper look into the difference between the definitions of an issue and a

problem, as they both seem similar but can be very different as well. An issue is described as an

important subject or problem that is up for debate. Whereas, a problem is defined as an

unwelcomed matter that must be dealt with. Issues and problems can be catastrophic for

stakeholders, those of which who are affected by the problems and related to the Information

Technology department. For instance, an issue is one employee’s ability to access another’s

personnel record through a loophole. Whereas a problem would be if more than one employee is

able to access another employee’s personnel record through a loophole.

Consequences on the other hand are the results of an action such as the discussed risks,

issues, or problems. What consequences are expected from the problems that arose discussed

above? Few of the expected consequences that are possible consists of identity theft, employee

outrage, and termination of employment. Furthermore, these consequences depend upon a few

actions of the individuals involved. Considering, if the employees who illegally access their

fellow employees’ personnel records through the loophole stole the data, it would be considered

identity theft. These employees could see that others salary is more than their own, which would

cause them to become outraged, and request a pay raise. Once these employees have been found

and it is reported to the human resource department and/ or upper management, termination or

possibly only disciplinary actions, would be imminent.

Benefits

Therefore, many benefits can be found whenever there is an involvement with the

Information Technology department as mentioned before. Some of these benefits include the

knowledge of experienced technicians who has worked with similar issues. Specifically, the

most beneficial consideration regarding this case study analysis is the increased security of the
CASE STUDY ANALYSIS 5

Human Resource system. An increase in the security of the Human Resource system would be

beneficial to everyone within the company, not only the stakeholders or immediately involved

employees. The loophole will be resolved, and no other employee will be able to access another

employee’s personnel record. Therefore, the benefits to resolve this matter promptly, far

outweighs the disadvantages of not resolving it.

Responsibilities

The responsibilities of decision makers involved could be quite daunting. Considering,

the acknowledgement of the loophole and the resolution delay would be quite a predicament.

More so, knowingly upholding the truth to everyone involved is wrong. Therefore, a responsible

person should ensure the proper people are aware of the situation. A project plan should be

considered to resolve the problem once the appropriate parties are available. As Lewis states in

the Chronicle, “Building a business in which all stakeholders benefit from your actions or the

actions of the business entity is even more difficult.”(Lewis, n.d.). Depending on the situation of

the current time sensitive project that the Information Technology manager is working on, will

determine if upper management needs to become involved.

Stakeholder’s Rights

Each of the mentioned stakeholders above, have their corresponding rights to abide by.

Thus, they are able to obtain, perform, and enact upon confirmation of certain aspects of said

project. Common rights available for stakeholders consist of providing prompt and accurate

information in regards to the company, including but not limited to the financial position. Given

prompt disclosures per the requirements of the company and any relevant laws. As well as,

encouraging effective participation at all employee meetings and provided rights and laws.
CASE STUDY ANALYSIS 6

Providing any appropriate means for the stakeholders to report any specific matters where they

feel their rights were violated by the organization and take the necessary actions as required.

ACM/IEEE Codes

The ethical codes are provided by these two main associations for the technology

industry, Institute of Electrical and Electronics Engineers (IEEE) and Association for Computing

Machinery (ACM). Each of which have their own corresponding set of similar ethical codes.

Although, some may be similar to one another, but they are not all alike. Thus, each

organization has a few ethical codes that would apply to this case study analysis. As the

Association for Computing Machinery states within their ethical code:

The Code as a whole is concerned with how fundamental ethical principles apply to a

computing professional's conduct. The Code is not an algorithm for solving ethical

problems; rather it serves as a basis for ethical decision-making.(F. W. T., 2011)

According to the Institute of Electrical and Electronics Engineers and Association for

Computing Machinery code of ethics, the second, seventh, ninth, and tenth, ethical codes apply

to the discussed case study. The ethical codes are as follows, the second being avoiding real or

even perceived conflicts of interest. The seventh code of acknowledging and correcting errors.

Ninth avoiding malicious action towards others, their reputation, property or their employment.

Lastly, the tenth code which is to supporting fellow co-workers in following the ethical codes.

Options & Suggestion

Many options are deemed worthy of consideration upon investigation and should be

thought about diligently. Stakeholders are responsible for determining the best options available

as it is their right to do so. The first option would be to handle the situation discreetly with the

utmost care. As such, contacting each person affected individually to determine the best course
CASE STUDY ANALYSIS 7

of action in their opinion and if they would like to press charges. Depending upon the number of

employees involved and the charges pressed will determine the next course of action. Whereas,

the second option would be to simply cover up any trace of the loophole and tell no one of the

exposed data. Analysis contemplation determines the best course of action between the two

given options would be the first option. The ethically correct option to fix the loophole, follow

up with the employee’s “stakeholders” affected, and take the necessary corrective actions.
CASE STUDY ANALYSIS 8

References

F. W. T. (2011). Code of Ethics. JAMA: The Journal of the American Medical Association,

XX(21), 590. https://doi.org/10.1001/jama.1893.02420480016008

Foxall, D. (2018). Five basic HR data security threats in 2018. Retrieved April 23, 2019, from

https://www.hrmsworld.com/hr-data-security-threats.html

Issues, E. (n.d.). Unit 6 Assignment : Evaluating Ethics, 411–412.

Lewis, J. (n.d.). How Are Employees Affected as Stakeholders? | Chron.com. Retrieved April 23,

2019, from https://smallbusiness.chron.com/employees-affected-stakeholders-38732.html