Managing customers’ personal information is a rather tricky task, especially in the era of digital technology, when information management has become considerably less secure due to the Web-related threats (e.g., cyberattacks) (Seo, Park, Kim, & Eom, 2016). Therefore, it is imperative to draw the line between the acceptable practices in the context of the workplace environment and the instances of customers’ personal data violation. In the case in point, there have been certain violations of the principles of information management in the workplace, which means that the customer’s data may be jeopardized.
Considerations
First and most obvious, how the request regarding the customer’s personal information was made cannot be deemed as correct. Without filling out the required form, the employee was not authorized to ask for the client’s data (Lakshmi, Praveen, Venkatraman, & Manoharan, 2015). While seemingly unnecessary when the request is handled by two people on a single level, the identified step might be considered unnecessary. However, it does provide extra security that allows avoiding a range of threats that may appear in the process (Summers, 2016). Furthermore, the aspect of professional ethics in data management needs to be considered. Even without the formal part in question, conflicts can be avoided in case both participants follow the principles of Corporate Social Responsibility (CSR) and comply with essential ethical standards.
Potential Issues
As stressed above, the approach chosen by the coworkers to handle the customer-related information leaves much to be desired. Because of the lack of compliance with the existing standards for data management, particularly, the absence of the request and release forms, there might be problems with how the coworker uses the data. Seeing that the verbal transfer of information does not imply that the confidentiality clause is accepted by the receiving party, the disclosure of the customer’s data may occur (Summers, 2016). The identified scenario is likely to hurt all parties involved, including the customer, whose security will suffer, the employee that provided the information without the due precaution measures, and the staff member who disclosed the data (Tebaa, Zkik, & Hajji, 2015).
Speaking of the issues associated with the patient and their security, one must admit that the absence of a release form that the participants should have signed is not the only concern in the case in point. The significance of CSR in the target environment and the focus on the customer’s needs will also define whether the members of the organization in question will violate the client’s rights by discussing the subject matter outside of their workplace (Summers, 2016). Therefore, data management strategies must be taught to the staff along with the SR-related ideas.
Conclusion
Even though the process of information management described in the scenario is rather fast, it lacks the precaution measures that could make it safer for the patient. Because of the absence of the data release form and therefore, any restrictions regarding the information management by the parties involved, the threat of the data being left open to the third parties is very high. Consequently, the use of the release form should be considered in the instance mentioned above. Even though the process of signing the document does not guarantee complete security, it does eliminate some of the loopholes in the information transfer process, therefore, making the participants responsible for the outcome.
References
Evans, D. R., Hearn, T. M., Uhlemann, M. R., & Ivey, A. E. (2016). Essential Interviewing: A programmed approach to effective communication (9th ed.). Boston, MA: Cengage Learning.
Lakshmi, D. L., Praveen, J. S., Venkatraman, V., & Manoharan, N. (2015). A review on data security in distributed system. International Journal of Computer Engineering & Technology (IJCET), 6(10), 13-16.
Seo, Y., Park, Y. H., Kim, K. S., & Eom, J. H. (2016). Architecture of cyber intelligence system for cyber attack & defense training. Advanced Science and Technology Letters, 136(1), 157-160. Web.
Summers, N. (2016). Fundamentals of case management practice: Skills for the human services (5th ed.). Boston, MA: Cengage Learning.
Tebaa, M., Zkik, K.,& Hajji,S. E. ( 2015). Hybrid homomorphic encryption method for protecting the privacy of banking data in the cloud. International Journal of Security and Its Applications, 9(6), 61-70. Web.