The administration at St. John’s Hospital takes pride in its sound policies and procedures for the protection of confidential client information. In fact, it serves as a model for other institutions in the area; however, printouts discarded in the restricted-access information systems department are not shredded. On numerous occasions, personnel working late have observed the cleaning staff reading discarded printouts. What actions, if any, should these personnel take toward the actions of the cleaning staff?
•Analyze how you will respond to these situations.
Expert Answer
Solution:
There could be several steps taken by the personnel to prevent any breach in data protection policy:
- The staff working in the said restricted- access information systems department should be educated about the importance and need for client data protection policy. They should also be made well-versed of the impact and the subsequent consequences of data falling into wrong hands.
- It should be emphasized that, a minute negligence would not only prove detrimental to the organization’s reputation but also have appalling effect on the customers whose data is compromised.
- The cleaning staff should also be updated that information required by different department is different, and if they come across any information which they think should not have been left unattended, they should either keep it safe in lockers so that the right personnel could make use of it, or immediately discard them by using shredders.
- In all, irrespective of the departments, each employee of the organization should be refined and polished with the principles of data protection policy so that the overall object of the organization is accomplished without any hurdle.