User Account

All Pages

What is the advantage of storing the credit card number

Assignment Help Management Information Sys
Reference no: EM131816982

Security Privacy

Some organizations have legal requirements to protect the customer data they collect and store, but the laws may be more limited than you think. The Gramm-Leach-Bliley (GLB) Act, passed by Congress in 1999, protects consumer financial data stored by financial institutions, which are defined as banks, securities firms, insurance companies, and organizations that provide financial advice, prepare tax returns, and provide similar financial services.

The Privacy Act of 1974 provides protections to individuals regarding records maintained by the U.S. government, and the privacy provisions of the Health Insurance Portability and Accountability Act (HIPAA) of 1996 gives individuals the right to access health data created by doctors and other health-care providers. HIPAA also sets rules and limits on who can read and receive your health information. The law is stronger in other countries. In Australia, for example, the Privacy Principles of the Australian Privacy Act of 1988 govern not only government and health-care data, but also records maintained by businesses with revenues in excess of AU$3 million.

To understand the importance of the limitations, consider online retailers that routinely store customer credit card data. Do Dell, Amazon.com, the airlines, and other e-commerce businesses have a legal requirement to protect their customers' credit card data? Apparently not-at least not in the United States. The activities of such organizations are not governed by the GLB, the Privacy Act of 1974, or HIPAA. Most consumers would say, however, that online retailers have an ethical requirement to protect a customer's credit card and other data, and most online retailers would agree.

Or at least the retailers would agree that they have a strong business reason to protect that data. A substantial loss of credit card data by any large online retailer would have detrimental effects on both sales and brand reputation. As discussed in Chapter 6, data aggregators like Acxiom Corporation further complicate the risk to individuals because they develop a complete profile of households and individuals.

And, as stated in Chapter 6, no federal law prohibits the U.S. government from buying information products from the data accumulators. But, let's bring the discussion closer to home. What requirements does your university have on the data it maintains about you? State law or university policy may govern those records, but no federal law does. Most universities consider it their responsibility to provide public access to graduation records. Anyone can determine when you graduated, your degree, and your major.

(Keep this service in mind when you write your resume.) Most professors endeavor to publish grades by student number and not by name, and there may be state law that requires that separation. But what about your work? What about the papers you write, the answers you give on exams? What about the emails you send to your professor? The data are not protected by federal law, and they are probably not protected by state law. If your professor chooses to cite your work in research, she will be subject to copyright law, but not privacy law.

What you write is no longer your personal data; it belongs to the academic community. You can ask your professor what she intends to do with your coursework, emails, and office conversations, but none of that data is protected by law. The bottom line: Be careful with your personal data. Large, reputable organizations are likely to endorse ethical privacy policy and to have strong and effective safeguards to effectuate that policy. But individuals and small organizations might not. If in doubt, ask

Discussion Questions

1. As stated in the case, when you order from an online retailer, the data you provide is not protected by U.S. privacy law. Does this fact cause you to reconsider setting up an account with a stored credit card number? What is the advantage of storing the credit card number? Do you think the advantage is worth the risk? Are you more willing to take the risk with some companies than with others? Why or why not?

2. Suppose you are the treasurer of a student club, and you store records of club members' payments in a database. In the past, members have disputed payment amounts; therefore, when you receive a payment, you scan an image of the check or credit card invoice and store the scanned image in a database.

One day, you are using your computer in a local wireless coffee shop and a malicious student breaks into your computer over the wireless network and steals the club database. You know nothing about this until the next day, when a club member complains that a popular student Web site has published the names, bank names, and bank account numbers for everyone who has given you a check.

What liability do you have in this matter? Could you be classified as a financial institution because you are taking students' money? If so, what liability do you have? If not, do you have any other liability? Does the coffee shop have a liability?

3. Suppose you are asked to fill out a study questionnaire that requires you to enter identifying data as well as answers to personal questions. You hesitate to provide the data, but the top part of the questionnaire states, "All responses will be strictly confidential." So, you fill out the questionnaire. Unfortunately, the person who is conducting the study visits the same wireless coffee shop that you visited (in question 2), and the same malicious student breaks in and steals the study results.

Your name and all of your responses appear on that same student Web site. Did the person conducting the study violate a law? Does the confidentiality assurance on the form increase that person's requirement to protect your data? Does your answer change if the person conducting the study is (a) a student, (b) a professor of music, or (c) a professor of computer security?

4. In truth, only a very talented and motivated hacker could steal databases from computers using a public wireless network. Such losses, although possible, are unlikely. However, any email you send or files you download can readily be sniffed at a public wireless facility. Knowing this, describe good practice for computer use at public wireless facilities.

5. Considering your answers to the above questions, state three to five general principles to guide your actions as you disseminate and store data. They must consider the factors listed and take cost-effective actions to reduce probable losses, despite the uncertainty. The next sections discuss safeguards. We begin with technical safeguards, then data safeguards, then human safeguards, and, finally, safeguards against natural disasters.

Reference no: EM131816982

Questions Cloud

How the term of asset has been used by the media : How the term of 'asset' has been used by the media, various authorities, and public in terms of the great barrier Reef
Distribution of sample count speaking spanish : The proportion of people in the United States who speak Spanish is about 0.11. The distribution of sample count speaking Spanish in samples of size
Olympic medals won by various countries : Tell whether each of the following involves a categorical variable, a discrete quantitative variable, or a continuous quantitative variable.
Journal entries necessary to correct the general ledger : determine the journal entries necessary to correct the general ledger
What is the advantage of storing the credit card number : What liability do you have in this matter? Could you be classified as a financial institution because you are taking students' money?
How do the slaves employ the principles of the revolution : How do the slaves employ the principles of the Revolution for their own aims? Article-From Petitions of Slaves to the Massachusetts Legislature (1773 and 1777).
Number of mcdonald restaurants in various countries : Tell whether each of the following involves a categorical variable, a discrete quantitative variable, or a continuous quantitative variable.
Probability that the mean number of evenings : For each of the following situations, tell whether the two probabilities should be equal:
How does one yield contribute to marriotts objectives : What are the advantages of having one revenue management system instead of two? Consider both users and the IS department in your answer.

Reviews

Write a Review

Management Information Sys Questions & Answers

  Find online demos of sentiment analysis software

Find at least three different movie reviews where the user also includes a score. For example customer movie reviews on Amazon and Netflix use a 5 star rating.

  Why mobile applications are growing

Discovering the diversity of mobile applications and preferred mobile operating system and economics among consumers.

  Instructions1 typhoid mary the most dangerous woman in

instructions1. typhoid mary the most dangerous woman in americatyphoid mary - low bandwidth versiontyphoid mary -

  Identify at least two e-commerce systems

Describe how XML extensions could enable e-Commerce integration among system stakeholders such as vendors, resellers, suppliers, and customers.

  Developing a secure information system

Your boss is asking each engineer from all departments to come up with the one or two sources of network threats and attacks you consider the most critical and why

  Challenge that health care organizations will face

Elaborate on the trend of interoperability of health care management information systems. Determine a significant challenge that health care organizations will face when creating an interoperable system. Justify your response

  How does this information affect your ftes

how many RN FTEs should be hired to satisfy the patient care demand in each unit?- How does this information affect your FTEs?

  Stock analysis use financial accounting information

Detailed Explanation to Accounting information systems - From the perspective of capital markets, in which ways do stock analysis use financial accounting information?

  Effects of management information systems

Write a two-page paper (minimum length) describing the following effects of management information systems on organizational functions: Executive-level decision making

  Summarize how you would troubleshoot

Suppose you receive a phone call from a client in Sales who cannot print a report on a printer in the Research and Development department. The report is from a database created on a server located at headquarters. The client tells you that other m..

  What consequences might result in designing a system

Why does it matter if an information system developer mixes up the terms data, information, and knowledge?

  Discusses the different types of app creation software

Write a brief paper that discusses the different types of app creation software. Compare information on software that needs to be purchased and those that are free.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd