1. Information Systems
Unit 3

2. Information, Laws and Ethics
Demonstrate an understanding of the issues related to use of information
explain the issues related to the use of information (P3)
Assess how issues related to the use of information affect an organisation (M2)
Legal issues, Ethical issues

3. Legal Issues There are many laws that affect the use of information.
Three of these are the:
Data Protection Act 1998
Freedom of Information Act 2000
Computer Misuse Act 1990

4. Data Protection Act Data Protection Act 1998
The Data Protection Act 1998 provides a framework to ensure that personal information is handled properly.
It also gives individuals the right to know what information is held about them.

5. Data Protection Act The Act works in two ways
Anyone who processes personal information must register with the DPA registrar and comply with eight principles.
These make sure that personal information is:
fairly and lawfully processed
processed for limited purposes
adequate, relevant and not excessive
accurate and up to date
not kept for longer than is necessary
processed in line with your rights
secure
not transferred to other countries without adequate protection.

6. Data Protection Act
The Act also provides individuals with important rights.
These include the right to find out what personal information is held on computer
and
most paper records

7. Freedom of Information Act
The Freedom of Information Act 2000
access to official information
gives individuals or organisations the right to ask for information from any
public authority, including central and local government, the police, the NHS and colleges and schools.
20 days to provide the information
refuse if the information is exempt:
eg if releasing the information could interfere with national security or damage commercial interests

8. Computer Misuse Act
The Computer Misuse Act 1990 details three offences:
unauthorised access to any computer program or data
most common form of this is using someone else’s user ID and password
unauthorised access with intent to commit a serious crime
unauthorised modification of computer contents
impairing the operation of a computer, a program or the reliability of data
preventing access to any program or data
Examples of this are the introduction of a virus, modifying or destroying another user’s files or changing financial or administrative data
Some minor changes to tighten up this Act were introduced as a small part of the Police and Justice Act 2006.
This made unauthorised acts with intent to impair the operation of a computer illegal

9. Work on your Assignment
You must now start to look at the scenario provided at the start of this unit and apply it to the tasks
Work on the relevant sections for the assignment P3 & M2
Follow the assignment writing frame
Main Heading (heading size 1) - Legal, Ethical and Operational Issues [P3, M2]
Heading (heading size 2) – Legal Issues
Sub Heading (heading size 3) – Data Protection Act 1998
Sub Heading (heading size 3) – Freedom of Information Act 2000
Sub Heading (heading size 3) – Computer Misuse Act 1990

10. BREAKTIME Back at 14:45 DO NOT BE LATE

11. Ethical Issues Codes of Practice
Many organisations will have a code of practice
Clear states what uses can be made of their computing facilities
main uses of computing facilities will be to support the purpose of the organisation
code of practice often defines the extent to which private use of the computer system is permitted
Examples of items included in a code of practice are:
Use of
Use of the internet
Whistle blowing

12. Ethical Issues Codes of Practice - Use of Email
Threatening or harassment
banned
Spamming or unsolicited
Limited use for personal
sometimes allowed
However, this is dependant on the organisation and the level of security within it
All outside contact via electronic methods may not be allowed

13. Ethical Issues Codes of Practice - Use of the Internet
Inappropriate websites
Eg gambling
Banned – code of practice and filtering software
Personal use
can be allowed – code of conduct

14. Ethical Issues Codes of Practice - Use of the Internet
Inappropriate websites
Posting to websites
banned unless own organisational server where restrictions apply
Whistle blowing
Computer users who identify others misuse are protected – code of practice
IT Administrators usually first to detect misuse

15. Ethical Issues Organisational Policies
An organisation’s policies may have a significant effect on how it treats information
operates on a need-to-know basis is likely to impose policies restricting access to information
For example, it may keep its databases, files and servers in a secure central data centre
IT security and data centre staff may put in place tight controls on who can access or update this data

16. Ethical Issues Organisational Policies
A decentralised organisation with decentralised computing is also likely to restrict access to information
security restrictions could include:
Access to files, databases or
limited or no direct connectivity between the organisation’s computers
This could unintentionally prevent staff at one location accessing information held at another location, even though they may need access

17. Work on your Assignment
You must now start to look at the scenario provided at the start of this unit and apply it to the tasks
Work on the relevant sections for the assignment P3 & M2

18. Summary Today you have You have done this by
Demonstrated an understanding of the issues related to use of information
You have done this by
explaining the legal and ethical issues related to the use of information (P3)
assessing how legal and ethical issues related to the use of information affect an organisation (M2)