|
There's a tendency in today's technology-driven
business world to think information technology specialists
can solve most of a company's operational problems. Information
technology professionals are expected to do it all: choose,
implement and support efficient and effective technology —
keep it and its data secure from internal and external threats.
Well, they can't unless they have the whole-hearted commitment
from the organization and, specifically, direction from the
management team.
In writing recently about the health care industry and the
pressures imposed by government regulation, I put privacy
and data security at the top of the list. But health care
professionals aren't the only ones for whom this issue is
critical. It's an emerging concern for every business and
industry.
The question is how do companies go about collecting and
using data in a responsible way?
Information is power, and companies collect a tremendous
amount of information about their customers and their employees.
Powerful computers and data collection software enable companies
to amass, store and sort all types of personal information
— likes and dislikes, buying patterns and other facts
about the people they serve and the people they work with.
In a competitive environment, having this kind of personal
information is often essential.
So how can they do it without violating privacy and security?
That strategic question must be answered by the executive
team, not just the information technology staff.
There are two areas for business professionals to consider
regarding information management. The most important is the
strategic position the executive team takes toward data collection,
access and privacy.
...most important is
the strategic position the executive team takes toward
data collection, access, and privacy.
|
|
The second area of consideration are the information technology
safeguards that must be implemented to support the strategic
direction. Simply keeping hackers out isn't enough. Business
managers at all levels must understand the purpose, process
and ethics of data collection and dissemination. How much
is too much before customers and employees feel violated and
distrustful? Clearly, in giving clear direction to their information
technology staff, business managers must understand the use
and abuse of information and how it applies to employees and
customers.
There is no doubt that the combination of powerful database
software, warp speed computers and the Internet ease the way
for collecting, storing and instantaneously accessing a massive
amount of personally identifiable information. For example,
human resource software allows companies to track employee
skills, traits, progress and readiness to move up in the organization.
The challenge for today's responsible business leader is how
to protect the privacy of the individual. The same goes for
responding to market pressures in terms of customizing products
and services.
|
Most polls indicate consumers and
employees are concerned about their privacy.
|
|
|
Most polls, however, indicate that consumers and employees
are concerned about privacy. As a result, every business manager
should understand what information is collected, the methods
used to collect it, and how he uses and protects it.
In forging policies on data privacy, you should:
- Obtain consent to collect data.
- Identify how it will be accessed and used.
- Limit its use, disclosure and retention.
- Maintain an openness to the company's process and its
position on privacy and security.
- Safeguard data.
- Consider dispute resolution, i.e., how to research and
resolve complaints.
While the matter of data privacy is technology-oriented,
information technology professionals can't do it all. The
technology team can get you the data, massage it, store and
protect it, but it's up to management to control it.
Carol Conway is the owner of CRS Technology. She may be contacted
at carol@crsonline.net.
< Back to Small Business
Technology Articles
|
