Category: Cyberspace

Introduction

Cyberspace is a term that was coined many years back to refer to the various things that exist within a large communication network. The concept has evolved over the years at an alarming rate, driven by constant growth in the use of technology in almost every aspect of our daily lives. Undoubtedly, cyberspace has greatly transformed the way we live and interact with one another globally. However, as society continues to embrace the use of cyberspace, there are those who are out to benefit selfishly from new innovations. To address the challenges posed by cyberspace, it is imperative for those entrusted with the fight against negative use of cyberspace to think up solutions that will curb illegal activities.

This paper looks at facts, statistics, resources, and public opinion about cyberspace that are necessary for policy formulation. The paper also considers cyberspace related crimes and negative developments. In addition, it provides policy recommendations on the subject of cyberspace and the impact they could have on the modern criminal justice system and globalization. As explained above, negative activities associated with cyberspace include cyber terrorism, cyberbullying, and denial of service attacks.

Facts, Statistics, Resources, and Public Opinion about Cyberspace

Drawing from a study by Curtis (2014), almost every person in the world has a connection to the Web in one way or another. The various tools that are used to access the Web, including cell phones and other technological devices are getting more sophisticated and giving individuals a chance to do so much online. As a result, cybercriminals have also changed tack and are now carrying out their illegal activities through the Web. Unlike in the past, children today communicate mainly through the Internet than I person. Although kids chatting online may seem harmless to most people, facts, and statistics concerning cyberbullying are shocking. Evidently, children get harassed through the Web. With no authority to intervene, unruly kids use words that are not kind to torment others while hiding through aliases.

According to Curtis (2014), close to 7.5 million users of Facebook in the United States are less than 13 years old. It is thus obvious that most victims of cyberbullying are innocent children. As pointed out by Wolfson (2010), online bullies make use of every available opportunity to carry out their harmful activities wherever they go. Based on research findings, about 58 percent of children in the U.S. have been bullied by people who said hurting things to them more than two or three times. Considering that most children choose to be quiet about such things, it is important for parents to be extremely keen in order to protect their children. Any telltale signs must be investigated diligently. In worst-case scenarios, victims of cyberbullying have ended up committing suicide as a result of online bullying at a very tender age. Although some victims may survive to cyberbully, they become depressed and mainly live under the fear of being attacked.

Another negative activity linked to cyberspace is cyber terrorism (Weimann, 2004). To a large extent, the threat of cyber terrorism has created fear in so many people, and especially those who depend on the Web to survive. In general, cyber terrorism is dangerous for public policy as well as the security of an entire nation. Key stakeholders, including experts in matters of security and politicians, are making every effort to see to it that the public is aware of the consequences of cyber terrorism. Among other unwelcome outcomes, cyber terrorism can create an avenue for unauthorized individuals to access data or information they are not allowed to access. Access to sensitive government secrets can easily cripple operations and make a nation vulnerable to attacks by external forces.

Although there are a number of threats that can result from cyber terrorism, stakeholders are yet to determine whether it is actually a real threat considering that such attacks are not seen to be rampant (Weimann, 2004). This notwithstanding, it is necessary to prevent surprise occurrences that are capable of crippling operations, whether in government or in the private sector. If not checked, cyber terrorism is a very attractive option that can be exploited by terrorists to make life impossible for law-abiding citizens. It must thus be dealt with accordingly.

A very good example of what can result from cyber terrorism is the 9/11 terrorist attack that took place in the United States, leaving many dead and scores injured. The attack also led to a huge loss of income for the nation. It is thus important not to take anything lightly. Every possible threat must be investigated fully and, if possible, eliminated. Closely related to cyber terrorism is the denial of service attacks (Weimann, 2004). In denial of service attacks, the attackers destabilize the operations of the victims by attacking the networking and jamming it with a continuous flow of traffic that makes access to the network by other interested parties impossible. Following the 9/11 attacks, fighting terrorism is one of the priorities of the American government. Apparently, the government of the United States was compelled to spend approximately 4.5 billion dollars on infrastructure security. According to Tafoya (2011), cyber terrorism can create an opportunity for the attacker to comprise data. The use of wrong data can, in turn, have far-reaching implications that can make a difference between success and failure. Unreliable information can lead to misunderstandings, which can later destroy trust. Cyber terrorism is thus considered a part of information warfare. Despite the possible relationship that exists between cyber terrorism and information warfare, however, the two terms are quite different.

In general, different people have different opinions about cyber terrorism and other cyberspace related activities. While it is considered to be a serious threat by some people, others do not see cyber terrorism as a real threat (Weimann, 2004). Despite the fact that several activities by hackers have been reported globally, it is presumed that cyber defenses are quite robust. This notwithstanding, terrorism attacks that are linked to hacking activities are likely to become a reality. While there were only 2,134 incidences of computer hacks in 1997, the number increased to 21,756 in 2001 (Weimann, 2004). It is thus, essential to develop strategies to counter hacking-related attacks. To a large extent, the political class is concerned about the regulation of cyberspace. Generally, what politicians desire to see is a strict surveillance system as well as tough control measures and respect for people’s rights and the need for privacy. In most places around the world, state governments make every effort to come up with theories that consider issues such as access and equity. Politicians are also responsible for the enactment of laws that can help to promote the responsible use of cyberspace. The greatest concern and hence the responsibility of law enforcers is to see to it that the various laws put in place to govern cyberspace activities are followed.

Disobedience to the law thus attracts a penalty. The greatest responsibility of judges is to convict those found guilty of going against the law. In doing so, the expectation is that they will remain impartial and deliver justice to all without prejudice. According to most defense attorneys, their work is mainly complicated by the fact that cyberspace users can easily carry out their activities unnoticed by anyone. Apparently, this makes it extremely difficult to access the evidence that may be used in a court of law. The fact that the Internet can be used incognito generates a very high number of cybercriminals and makes it challenging to pin down offenders. For the victims and other law-abiding citizens, the greatest desire is to see that politicians are focused on developing laws that are relevant and able to protect the interests of the affected individuals. In addition, they would like to see that law enforcers are working closely with judges to ensure fairness for all.

Policy Recommendations

As explained by Weimann (2004), the fight against cyberspace related attacks has been highly politicized, and many seek to reap economic benefits from it. One of the things that must be done to address the challenges posed by cyberspace is to create a policy that helps to establish the motive of the attackers. As cyberbullying is mostly done anonymously, policy formulators must look for strategies that will ensure that nothing is left to chance. Without a doubt, having a strict policy in place will serve to protect the interests of most innocent children who are keen to utilize Internet gainfully. According to experts in children matters, children who are involved in molesting others online display certain characteristics that must be looked out for a while seeking to help both the victims and the attackers. An effective policy for cyberbullying should include the involvement of relevant authorities and monitoring what children are doing online.

As part of the policy, there should be clear guidelines for parents regarding how best to ensure that their children are not victims of cyberbullying, not the ones attacking other children online. The criminal justice system should also have in place a strict strategy to ensure that cyberspace activities are not undertaken with the intention of hurting others. In addition, it is imperative for the policy to provide for the need to educate all the public on what must be done to deal with negative cyberspace activities such as cyberbullying. Apart from sensitizing parents, children should also be educated and equipped with skills for dealing with possible attacks.

As noted by Tafoya (2011), agencies that are responsible for law enforcement must stay informed in order to deal with the challenges of cyber terrorism. Although some researchers claim that no reliable evidence can be found to show that terrorists use cyberspace to launch attacks, others argue that there is credible information indicating that cyber terrorism is a threat that must be monitored very carefully.

By and large, the opinions of all stakeholders are valid and have a very important part to play in making sure that cyberspace is utilized in a responsible manner. As earlier explained, different people in society have different concerns they would like to see addressed. Politicians, for example, care about having laws that are pertinent to safeguarding the interests of cyberspace users. Law enforcers, on the other hand, have an important task of ensuring that laws that are related to cyberspace are obeyed. Victims and law-abiding citizens care about fairness and protection at all levels in society. The responsibility of judges, as explained, is to see to it that justice is done to every person.

The rationale for Policy Recommendations and Impact on Contemporary Criminal Justice Issues and Globalization

The underlying principle behind the above policy recommendations lies in the fact that an all-inclusive cyberspace policy will help to strengthen the use of cyberspace to benefit all people. All these opinions are critical in developing a cyberspace policy and have to be taken into account when developing the cyberspace policy. Without the support of state governments and politicians, nothing much can be achieved. Similarly, the laws enacted by politicians have to be reinforced by law enforcement agencies. For completeness purposes, victims and law-abiding citizens must be involved at every level of policy development. In the absence of such diligence, many innocent people may continue suffering.

Because of technology and cyberspace, in particular, we live in a global village. For this reason, the given policy recommendations are critical for supporting the idea of globalization. Certainly, a well-defined cyberspace policy will affect globalization positively. In addition, such a policy will also ensure that criminal justice serves the needs of all users of cyberspace.

Conclusion

Although the advent of cyberspace has simplified the people live and interact, it has also come with numerous challenges. Based on research findings, the challenges that are posed by negative activities such as cyberbullying and cyber terrorism are a reality. Consequently, the need for an effective cyberspace policy cannot be underestimated. As discussed in this paper, the development of such a policy is largely dependent on ensuring that the views of all stakeholders are taken into account. All stakeholders must be consulted, and their views respected.

References

Curtis, J. (2014). Cyberbullying Statistics: What the Facts Mean for You. Web.

Tafoya, W. L. (2011). Cyber Terror. Web.

Weimann, G. (2004). Cyber terrorism: How real is the Threat? Web.

Wolfson, E. (2010). Cyberbullying: Confronting the Modern Face of Bullying. Web.

Introduction

Cyberspace is a common terminology in the computer world that is used to refer to the virtual computer world. The computer world is characterized by a lot of information floating within cyberspace or the computer system’s network. Cyberspace can be defined, in general terms, as a domain of “electronics and electromagnetic spectrum” for the storage, modification, and data exchange through systems that are linked to each other and the associated physical infrastructure. Cyberspace from this definition can exist on land, space, air, and even in the sea. It is sometimes described as a global information grid (GIG) because of the internet systems that connect the world through electronics and more especially, computers. Today, with growing literacy, more people have access to computers than ever before. This increased access has led to increased crimes over the internet.

Every society needs some regulations to control the behavior and acts of its members to be maintained within what would be described as normal. To achieve this, rules and regulations are put in place to be followed and in case one fails to do so, there is an outlined form of penalty or punishment. This controls the people and keeps them orderly by the use of a law system. The same applies to cyberspace just like in normal space to limit and avoid crimes of cyberspace and abuse of freedom.

Cyber liberalization

In cyberspace, people are generally free as compared to real-life situations. There is however a need to regulate cyberspace activities. Everybody enjoys their freedom in the computer world (cyberspace and the internet). There is no control, self-organization, or decentralization over what one on does the internet and cyberspace. There is therefore a need for user intervention as the net cannot control or care for itself. In such freedom, there is a high likelihood that people will not be responsible (Baase, 2009).

Cyberspace crimes

There is no restriction to internet usage in the world today as there is the freedom to cyberspace. However, people are bound to misuse this freedom and commit cybercrimes. Cybercrimes are activities that would cause the destruction, degradation, or disruption of an adversary or competitor’s information technology. Cyber exploitation is the act of stealing information from an adversary or from someone else in cyberspace. Other crimes in cyberspace include data breaching, destruction of infrastructure among others. Therefore, there is a need for laws to control, limit, or eliminate crime and hostilities in cyberspace. Part of the defense plan was recently developed by the Obama administration. This plan provides protection for infrastructures like financial systems, electric grids, and transport networks from people who have cyber attacking habits. In this proposal, homeland security was to work with the states in controlling cyber crimes.

Since these computer network systems are created by using other electromagnetic energy, it leaves the national security vulnerable to attack through the internet and therefore, withholding many of its systems from the internet connection (Ryan, 2003).

Cyberspace laws

Laws have been developed to regulate and constrain cyberspace activities just like these laws constrain and regulate real-life behaviors. Just the same way the globe has become a village and people can strike business deals digitally over the internet, crimes have also diversified to the same level with the growing technology. There are generally four categories of regulations in cyberspace. These are Law, Norm, Architecture, and Market. Interaction within these four regulations is what builds cyberspace to be what it is. These laws tend to treat cyberspace as if it were physical space. The laws are not internationally uniform as each country develops its own laws. Thus, there are variations in these laws, although not extreme variations.

Cyberspace laws include the main code which is that of hardware and software. The software has codified information that determines or limits how people interact through space. This code sets terms and conditions which one has to understand before entering. Before accessing the software, one is usually required to use some code in the form of a password and this to a great extent protects the software from unregistered members. In most hardware, people have used the same for privacy reasons so the content of their computer is only accessed by a certain caliber of people who qualify for the same in some way.

There are many arguments that have been put across against these laws and regulations for cyberspace. In some of these arguments, it is claimed that the government should leave the Internet community to manage itself without interference. The community has many declarations with these claims. For instance, Barlow (1996) argued, to put it in his own words, that;

Where there are real conflicts, where there are wrongs, we will identify them and address them by our means. We are forming our own social contract. This governance will arise according to the conditions of our world, not yours. Our world is different…human beings possess a mind, which they are absolutely free to inhabit with no legal constraints. Human civilization is developing its own collective mind. All we want is to be free to inhabit it with no legal constraints. Since you make sure we cannot harm you, you have no ethical right to intrude on our lives. So stop intruding (Barlow, 1996, Par. 5)

. Other people in their articles argue that there should be some form of compromise between the two sides. Lawrence Lessig for example argue that, “the problem of the law is to work out how the norms of the two communities are to apply given that the subject to whom they apply maybe in both places at once” (Lessig, 2006, 190). Everyone is however bound by the internet and cyberspace governing laws of whichever state he or she travels.

Regulation in other parts of the world

Some countries may restrict the types of material availed on the internet for their citizens. The law in the United States of America does control some “internet material access”; but it does not “filter” what is available on the internet (Ryan, 2003). Using Lessig’s code, most of the Middle Easterd the Asian countries like Saudi Arabia and China use any of the code combinations to deny accessibility of some of the material on the internet by their citizens. These countries today have a high degree achievement of their aim of restricting the material accessible to their citizens. Many people have been vocal about these regulations restricting the type of material accessible to these nations but they have not had a strong argument. An example is Pavan Duggal a cyber law expert and Supreme Court advocate in India complaining against “Information Technology Act 200” he found many flaws with this Act and has raised issues concerning the amendments passed in 2008 (Ryan, 2003).

The four main regulations as mentioned above are:

Law; many of the internet actions are required to be maintained under the law. These include both images posted on the internet and the transactions made over the internet. Areas around Fraud, child pornography and gambling are restricted. Generally, any activities that are considered illegal in physical space are equally illegal in cyberspace. These forms of crimes are subject to similar forms of legislation on both spaces. Scandals involving government operations over the cyberspace are also treated with equal magnitude as they could be treated on physical space.

The market; markets equally regulate some forms of activity over the internet. These mainly are associated with the monetary cost attached to a given activities. Real space market conditions have effect only on the commercial part of the internet transaction and limited influence over the less commercial portion. The internet offers an effective market place for the information on market related facts and further information on the commodity in the market. This may vary from one state to another and depending on one’s place of residence they apply as well as those of the other person’s place of residence if the transaction is occurring between two people from different countries. They are mainly aimed at controlling internet fraud and checking the cost of cyberspace commodities and services. This allows one to compare and contrast the available commodities allowing one to make the best choice. For those selling their commodities over the internet, it offers easy advertisement of the same.

Social norms; just like there are limitations in our social activities and interactions in the physical world, there are similar regulations in the cyberspace. Although some conducts, behaviors and activities online may not be prohibited specifically by the architecture code or the applicable legislation, these conducts and activities will be prohibited by the social norms and requirements of society (that is physical space). Depending on whichever community one decides to associate him or herself with, they are inclined to adopt a given pattern of behavior (Spinello, 2002).

Architecture; Under this regulation are the directions on how information is allowed or not allowed to flow or be transmitted over the internet and in cyberspace. Every piece of information acquired from the internet is through software which filters the information and is bound to limit what kind of information is transmitted. This software checks for certain keywords and blocks any information containing these keywords.

E-governance

This is a form of running the government business, information, transactions, services and interactions digitally with information flowing between the governments, government arms and the citizens through cyberspace.

There are several developments in e-governance and the UN has adopted this form of governance for its annual events. In its e-governance, the UN has a section where it analyzes the readiness of the various governments of the world. This is determined using two specific indicators; i) the government’s readiness to adopt e-governance and ii) the level of e-participation of the particular government. They use this survey in the annual event to asses its one hundred and ninety one member’s participation in e-governance. This survey checks such variations as telecommunication infrastructure, website assessment and endowment of human resource. These help determine the readiness index of the countries and the United Nations then determine the twenty most ready nations (Baase, 2009).

Besides normal working effectiveness of the cyberspace, security concerns are a major concern. Security issues are however high on the agenda of IT. This influences how confident people are when using your IT system. Cyber space crimes are however very high as the criminals understand that successful attacks or crimes in cyberspace are very profitable to them. They will hence keep developing new ways of bridging the security system in order to commit their crimes. This therefore requires the owners of these information technology systems to remain highly vigilant. Any time one needs to have system enhancement, they should have high security standards as one of the most basic requirements. Every IT operator therefore needs a strategy on maintaining the security of their system. It is important to have a highly secure perimeter while at same time ensure the computers of the business users are securely protected. It is important for the business users to be aware of the security status and hence observe the basic security checks in their day to day events and activities. One has to broadly think of all aspects of their infrastructure (the networks, desktops and computers accessing one’s system remotely) defended for them to have holistic security. It is not possible to eliminate the risk of security but it is possible to manage and mitigate the security bridge though. “Defense in depth” is said to be basic for a successful strategy for security and not rely on a single strategy for the whole system but different types for different parts such that if someone breaches the security system they are not able to access the whole system (Spinello, 2004).

There are shortcomings of the information technology system and the most noteworthy of all is that the Act does not make reference to protection of “intellectual property” from patents, trademarks and copyrights on the internet. It does not also cover issues of cyber squatting and name infringement. This inhibits investing in the IT infrastructure. The penalty extends to persons who are not necessarily citizens of the country. The Indian Information Technology system hinders property transactions over the internet as the government has to perform stamp duty on the commodities. This Act fails to address the international or cross border taxation yet this may lead to international contracts. It does not address issues of privacy on the internet like exclusion of solicited commercial mails also known as spam mail and unauthorized data collection over the internet. It also does not cover issues of cyber laundering of money that can easily be used by terrorists (Ryan, 2003).

Regulatory norms in Indian Cyberspace

India is one of the good examples of countries that have put in place related to cyberspace. Introduction of the internet to the world has made it easy for communication to be done between people over the cyberspace. This then made it necessary for the formulation of laws to govern and regulate the distribution of material and information over the internet. India’s cyber laws are in the Information technology (IT) Act 2000. The Act came to effect from May 2000. India was ranked the twelfth nation in the world that adopted cyber laws. The second chapter requires a subscriber to the cyberspace to confirm a record of electronics by him or her using his signature. Chapter three of the Act discusses the need for electronic governance where material used shall be stored in digital for future reference. Chapter four outlines a scheme to be used in regulating cyberspace by the responsible authorities. A controller would be selected to oversee and supervise the activities of the authorities of cyberspace and at the same time he or she would strategize and give direction to the activities of cyberspace. He or she would control and determine the form of interaction between the citizens and with other people outside the country. This would generally require him to develop a form of regulation to manage the internet activities of the citizens. Chapter six discusses the details of digital signatures and certification of the same. The duties of the people who subscribe to the usage of cyberspace are also outlined in this section. Chapter seven of the Act discusses the various penalties that would be awarded for various forms of crimes committed over the cyberspace or rather over the internet. It involves identifying the right officers to adjudicate over the criminals or offenders of the crimes. This officer was to be granted the power to adjudicate over the offenders by the civil court. Chapter eight of the Act talks of establishing of cyber regulations that will be followed by the people and a body to oversee that these are followed. Those people who would not adhere to the appellate would be charged accordingly. Chapter nine of the Act talks of various cyberspace offences and further outlines that the investigation of these offences would be done by police officers. The Act further talks of a constitution of a committee of advisory staff on the regulations of the cyberspace issues. This committee would advise the government on issues of cyberspace and incase there was need for any adjustments and amendments in the Act on cyberspace these committee would be consulted (Spinello, 2002).

Advantages of Cyberspace Laws

The provision of cyberspace laws has played a major role in boosting crime control in the cyberspace and protecting people from fraud and theft. This will eventually eliminate any fears when people perform business contracts or any money related deals over the internet. With firm security systems in place, people will be able to make large money transactions over the internet or within cyberspace without fears of losing their monies.

The cyberspace laws have also led to the development of a legal framework within which information can easily flow without denial and therefore has led to increased levels of people being informed worldwide. Since transaction within cyberspace and communications leave records that are electronic in nature, the Act allows the government to have records of the transactions preformed without loss of track as they are maintained in digital form and can easily be traced for future reference. This point means that for tracking reasons, emails would be addressed as formal evidence in past business transactions. With the legal infrastructure in place, many companies now have an upper hand in performing electronic commerce which will be faster to effect and consequently raise the profit margins of the company. The Act makes it possible for the government to issue notifications over the internet thus enabling electronic governance to some level. The Act would make record filing easy by allowing companies to file applications and any forms and documents with any office without necessarily being to that office.

This Act addresses important issues of cyber space security making electronic transactions easy and more reliable. There are various processes of the act of security that would need to have been followed by any person getting into an online transaction in cyberspace and once these are followed then the person is protected from any form of fraud. In case of any breaks to ones computer system, the companies are, under the Act, required to have a remedy in place to protect the system from damage or to control the damage level inflicted in the system. Besides, this one is required to have back-up data for security reasons such that in case the system is breached and one’s data interfered with, then they can easily bounce back into shape.

Conclusion

The countries all over the world have a legal framework for their ICT, IT and general cyberspace. Some of the common crimes that have come to existence with the introduction or widespread distribution of cyberspace include; those of financial fraud, Credit Card Fraud, obscene material publication like pornography, cyber stalking, and theft of software and data. Some of these crimes are quite grave. For instance, children in the world are becoming more and more exposed to the internet and this has led them to accessing obscene material such as pornography. As a consequence of this, they are exposed to early sexuality and become vulnerable to getting in to these habits even before they understand what it entails. Later on they are exposed to sexually transmitted disease including HIV and AIDS and early pregnancies. Cyberspace is, to a great extent, a high degree development in society. There is a need however to control its distribution as it comes with negative impacts that if not checked may greatly affect the society. There is a need therefore for further legislation to improve the ICT security system.

References

Baase, S. (2009). A Gift of Fire: Social, Legal and Ethical Issues for Computing and the Internet, 3rd Ed, New York: Pearson Education. Print.

Barlow, P. J., (1996). A declaration of the independence of cyberspace. Web.

Lessig, L. (2006). Code. New York: Lawrence Lessig. Print.

Ryan, D. and Shephed, R. (2003) Cases and Materials in Cyberlaw CD-ROM. (Reprint). New York: Wyndrose Technical Group. Print.

Spinello, R. A. (2002). CyberEthics: Morality and law in cyberspace. Sudbury: Jones and Bartlett Publishers, Inc. Print.

Spinello, R. A (2004). Readings in CyberEthics. Sudbury: Jones and Bartlett Publishers, Inc. Print.

Overview of the healthcare and security systems

Information security as well as well as privacy in the health sector is an issue whose prominence has been swelling day by day. Healthcare sectors have been called to adopt information technology systems to aid in speeding activities and securing records. Efforts to adopt information technology in healthcare have been practiced for a long time. Several developments point to the need for better security systems in healthcare.

These developments include the use of patient records that are digitalized, the consolidation of healthcare providers and the rise in healthcare regulation. Also, there has been an increasing need for the exchange of healthcare information between healthcare providers, patients and healthcare institutions. All these developments are strongly bonded on security thus making security a paramount issue in healthcare (Symantec, 2009).

Information systems are seen as the available and efficient options of improving the quality of services and security of information transfer and exchange in the healthcare sector. Many countries, including the United States, have created strategies to adopt automated systems in healthcare. Therefore, a lot of research has been done about how best information systems can be incorporated to improve information exchange and security (Appari & Johnson, 2010).

The requirements of HIPAA for network security to maintain confidentiality of patient records

Patient information is extremely valuable in healthcare. This information has become increasingly vital not only to the doctors but also to other healthcare givers providers like health insurance firms. The confidentiality of this information in the US was boosted through the formulation of a law in 1996.

This piece of legislation is referred to as the Health Insurance Portability and Accountability Act. This piece of legislation was formulated by the federal government hence it is applicable in all states. It regulates the security as well as privacy of health information. The key areas emphasized in this legislation are the maintenance of confidentiality, the protection of patient information and the respect of the rights to privacy of the patients (Keir & Keir, 2008).

HIPAA contains regulations on communication mediums to be used in medical institutions. These rules require staffs in the healthcare institutions to know privacy and security rules of the electronic media tools used. Under this piece of legislation, the securing of office computers must be a priority in healthcare institutions. Appropriate information technology safeguards must be acquired by the institutions.

They include virus protections, firewalls and antispyware which help in locking out cyber hackers. They also prevent virus attack on the downloaded information and even people with ill motives who may want to intercept in the exchange of information. The presence of the secured network systems provides the medical staffs with the green light of using their emails for sending and receiving of patient information (Keir & Keir, 2008).

The other regulation measurers in HIPAA are that emails must contain email notices. Email notices must be embedded on patient information. These caution users about sending messages to unintended people. It also helps senders in identifying messages that are sent to un-intended recipients. Other security measures include the encryption of the emails containing the information of patients. Subject lines in the emails have to be generic and not specific. Patient information is not to be included in the subject line of the emails (Keir & Keir, 2008).

HIPAA also contains auditing requirements for healthcare institutions. Healthcare organizations must enhance their capacity to control the people who access patient records. The code of control of access to patient records is contained in the American Academy of Family Physicians.

A system network is used in discharging this function. Such a system must have the ability to assign usernames and passwords that are unique and in accordance to the people who are allowed to access the accounts. The users are saved according to the access levels. Different user levels are assigned to different users. The security level limits the access of a person to a person. The legislation allows health organizations to develop their own system networks according to the way their activities are structured (Lindh, 2010).

Technical Risk Assessment of the healthcare security networks

Risks are inherent in security network systems. Therefore, risk management systems have to be put in place in order to help reduce the risks that can be posed in the implementation of security systems. The following risk reduction steps can be followed to ensure effective implementation of security systems (NEMA/COCIR/JIRA Security and Privacy Committee, 2007).

• The first step entails the listing of all the assets to be used in establishing health security systems. Each of the items in the security system has to define in terms of its uses.
• The second step entails the collections of the entire security-related requirement for the assets to be used in setting us the security system for the company. Most of the assets have various security specifications which must be availed for the proper working of the security system.
• The third step involves the identifying and elaborating on the threats and applying these threats to the system to determine the vulnerabilities of the system. Threat paths are easily identified.
• The probable risks are then scored.
• Mitigations measurers are then proposed for the inherent vulnerabilities in the healthcare security system.

Lastly, the residual risks are summarized and the details of coming up with details of coming up the

Compliance with state laws concerning privacy of patient records

The protection of health information is guarded by the federal government through the federal law. The federal government through the federal law defines how the information on patients should be protected by the actors in the healthcare sector. The federal law is affected or enforced in different states.

The states are the enforcers of the laws that are set by the federal government. The states set their own standards as well as sub-legislations to help them in enforcing the laws that are set by the federal government. The state laws may differ from the federal laws. However, the state laws are proactive.

When state privacy legislations promise to be more protective of patient information, then they are preferred over the state laws. Healthcare networks in such cases are implemented basing on the most proactive legislation. States pose detailed and private patient records which are the reason as to why they are better placed in enforcing the healthcare security network (NEMA/COCIR/JIRA Security and Privacy Committee, 2007).

Compliance with Meaningful Use requirements for managing IT security

For healthcare security systems have to be efficient and meaningful to the healthcare institutions, they must be implemented systematically. They must be coherent with information technology standards as per the standardizations of the International Standards Organization. Standardization of the systems is a crucial issue which will help in bringing about well-coordinated use of healthcare IT security networks.

The first consideration is the identification of IT security system which meets the industry standards. All the organizations in the healthcare sector must then be notified of It standards of the IT systems which will be required. The organizations must also be made to understand the regulations and how they can keep to the required stands.

This will help these organizations to equip themselves with the standard or right healthcare Information Technology tools to be used in implementing healthcare networks. The healthcare sector must also find proficient IT dealers to help them in the management of the Healthcare information security systems (NEMA/COCIR/JIRA Security and Privacy Committee, 2007).

Policy and procedures required to manage ongoing security principals and provided security guidance to staff

As mentioned earlier, there is a strong need to have the staffs in the healthcare sector informed of the policies that govern the use of healthcare security networks. This is because most of the staffs in this sector are not experts in information technology. Therefore, they must be guided on how to attain the best results out of the use of healthcare security networks (Cooper, 2007).

Therefore, three main key issues are addressed as it concerns to the adherence of the healthcare security principals by the healthcare staffs. The first thing that is addressed is the training of the staffs on the importance and the use of the security tools. The training on how to share patient information on a security networks then follows.

The staffs are made to understand all the regulations on information sharing and exchange including the risks that might be posed and remedies to these risks. The HIPAA clearly stipulates the guidelines on effective use of healthcare security networks (Cooper, 2007).

References

Appari, A & Johnson, M. E. (2010) “Information security and privacy in healthcare: current state of research”. International Journal of Internet and Enterprise Management, 6(4):pp. 279-314.

Cooper, T. (2007). Managing Information Privacy & Security in Healthcare Privacy and Security Principles. Web.

Keir, L., & Keir, L. (2008). Medical assisting: Administrative and clinical competencies. Clifton Park, NY: Thomson Delmar Learning.

Lindh, W. Q. (2010). Delmar’s comprehensive medical assisting: Administrative and clinical competencies. Clifton Park, NY: Delmar Cengage Learning.

NEMA/COCIR/JIRA Security and Privacy Committee. (2007). Information Security Risk Management for Healthcare Systems. Web.

Symantec. (2009). Security and Privacy for Healthcare Providers. White Paper: Best Practices Series for Healthcare. Web.

HP is a multinational corporation that operates in the computer industry providing different goods and services to the global market. While the compute deals in the manufacture of hardware goods such as computers, it also deals in the software part that involves networking. Under this networking sector that was established in 1985, the firm has been involved in a series of innovation. The firm aims at providing the best innovations that can solve key issues affecting the changing business industry across the globe. In order to attain this, the firm has undertaken measures to incorporate environmental sustainability measures. This paper discusses the effectiveness of HP’s computer networking from a strategic point of view to the structural point of view.

Effectiveness of HP’s Computer Networking Business: Strategic Management

According to HP Networking (13), HP is one of the dominant firms in the networking sector because it has capitalized on a networking innovation to create a competitive edge over its competitors. The firm has been able to achieve excellence in networking because it focuses on innovation as the most important strategy. Due to innovation, HP has been able to develop best networking solutions such as the E-series that are manufactured under the ASIC power series. The other is the ProCurve manager that is user friendly and manageable by all users. Strategically, HP uses the game theory to analyze the reaction of its competitors regarding the manufacture of a new networking product. Under this strategy, the firm capitalizes on the first mover advantage to be the first to develop efficient networking solutions and sell in the market.

In addition to these strategies, HP utilizes other strategic management techniques such as the Lean manufacturing strategies (Lean six sigma) and the marketing strategies. While lean six sigma ensures quality in the manufacturing process, marketing strategies ensure that the market is aware of the firm’s networking products. It has marketed its products online together with allowing online purchases and deliveries.

Effectiveness of HP’s Computer Networking Business: Structural Management

The effectiveness of HP networking business could also be analyzed using the firm’s structure. HP is characterized by a mechanistic organizational structure that has its management centralized in one location. The mechanistic structure is necessary for HP given its large size. With such a structure, the firm is highly specialized with the networking and other section being allowed to manage internal affairs. There is a clear chain of command that is characterized with a narrow span of control. The centralization of the organization’s management is significant because it increases standardization of manufacturing tasks, and establishment of a good working culture.

To the good organizational structure, there is speedier decision making process in the firm with the employees such as the sales representative on the ground having a clear chain of command on who to report to regarding the sale of the products or in cases of inquiries and issues. The organizational structure can be attributed to the good performance of the networking section of HP since enhances completion of various activities, setting of goals and ensuring efficiency in the innovation process. As noted by Chama (9), high efficiency and effectiveness go hand in hand and they ensure attainment of set objectives.

Thriving of ProCurve under PSG

The ProCurve networking recently expanded its regional cover to include regions such as Europe, Middle East and Africa with the product offering the ability to meet many specific needs of customer. The ProCurve network and securities channel is designed by the firm to benefit HP, its partners and consumers. The program is expanding and it is vital that it separates form the initial TSG. The autonomy of the networking will come with its management and sales representatives together with experts that develop the system. This will reduce the bureaucracy undertaken to reach the right person and relay information on consumer needs and issues. In addition, autonomy of ProCurve will help the networking section to specialize and therefore increase its efficiency and effectiveness, which is closely related to increased revenue. Given that the level of competition in the industry is high, autonomy of ProCurve will create a competitive edge for the firm. On the contrary, the independence of ProCurve will mean that the section will no longer receive much support form TSG as it has been before, but will have to ensure that it is profitable to sustain itself.

Recommended Strategies

Centralization and manufacturing of products from a single location is not cost effective for HP. The firm needs to minimize costs through outsourcing and off-shoring of its vital services to various countries that can offer services cheaply. U.S. is capital intensive while other countries such as India and China are labor intensive. Outsourcing will reduce labor costs while enabling the firm to continue with its innovativeness in networking. The internet has revolutionized business and there are many system users online. HP should capitalize on electronic marketing of its networking products and allow consumers to purchase online. In cases where the products can be installed online, the firm should minimize its costs by doing it online. The firm could apply selective pricing where prices for the firm’s products are higher in some regions but lower in others, as long as the firm meets its minimum manufacturing costs.

Works Cited

Chama, Kaunda. “Catering for a R24bn Market.” Business and Technology Insight for Solution Providers. 2009. Web.

HP Networking. “Energy Efficient Networking.” 2013. Web.

It is important to note that the Cambridge Analytica (CA) scandal was among the most prominent cases of abuse of data collecting and analyzing power social media companies can have. If Facebook users choose to share information about themselves on the social media platform, it means that they are giving up the right to privacy. The main reason is that privacy in cyberspace is not explicitly protected by the Fourth Amendment of the U.S. Constitution (Loftsgordon, 2021). There is an essential term called ‘the reasonable expectation of privacy.’ It states: “a person’s reasonable expectation of privacy means that someone who unreasonably and seriously compromises another’s interest in keeping her affairs from being known can be held liable for that exposure or intrusion” (Find Law, 2017, para. 1). Whenever a user shares his or her personal information on Facebook by agreeing to terms of use, such an individual can no longer have a reasonable expectation of privacy or making the latter satisfactory is excessively high. In other words, it will require a major scandal similar to CA in order for the data-sharing process to exceed the reasonable expectations of privacy.

Under the current legislative system, preserving the right to privacy while sharing personal information on social media publicly is challenging. The act of sharing renders the reasonable expectation of privacy practically unenforceable unless something takes place at the scale of CA. However, the existing state of affairs does not mean that no changes should be made. Facebook users should have a say in which companies have access to their information. The core justification is that humanity progressed massively from the old legislative frameworks, and social media became a core aspect of most people’s lives. Facebook should be able to collect data and use it for commercial purposes, but it should adhere to the principle that each user’s data is solely owned by the respective person or entity (Tovino, 2020). New reforms and legislation elements need to be introduced to ensure that all users’ right to privacy is protected through ownership of their data. This would imply that Facebook would have to disclose and notify its users about the companies which are buying the data.

CA scandal not only revealed CA’s violations of privacy but additionally Mark Zuckerberg’s incompetence at handling user data protection and security. I would have handled it by immediately admitting the failure to ensure that user data was being used appropriately. I would condemn CA’s use of data for political purposes, and I would face any legal fines and committee verdicts. However, I would promise that such a mistake would not happen in the future by offering a new business model restructuring around the user data ownership concept. It would mean that all user data belong to each individual user, and every person will be informed about where their data is being shared, sold, or utilized for commercial purposes. A group of businesses would be certified to use user data, and their names would be publicly available to all users since transparency is vital for ethical business conduct (Ghillyer, 2021). In addition, there would be businesses that would not have such certification but still would want to use the data. In the latter case, each user would be informed about the possibility of agreeing to provide their data.

I do not think the imposition of fines will force Facebook to modify its operations because the fines are not high enough to justify losing the profitability of the existing business model. Facebook is highly profitable in its current state, and any fine will be simply recorded as operational losses. Thus, it is critical to enforce business models and structural changes accompanied by legislation protecting user data privacy. The arguments in favor of Facebook being regulated by the Federal Trade Commission (FTC) involve high fines, consumer deception, and misrepresentation of security (Fair, 2019). In other words, the FTC’s core advantage is that it can impose massive several billion dollar fines. It additionally can protect Facebook users as consumers, who must not be misled, deceived, or presented with false information.

Earning back the trust of Facebook will require systematic changes in the business model and restructuring of the organization. For example, Facebook should become a subscription-based platform, which means it will no longer be a ‘free’ service but more similar to Netflix. However, it will most likely not work as Facebook shareholders and users would want since it will not be profitable enough due to the loss of the user base. Therefore, Facebook should disclose all the major companies buying and using the platform’s data with all the important details. Transparency would be the right step in the direction toward a better brand and company image instead of rebranding or renaming the same company. One of the most critical aspects of data use is revealing the intentions or purposes of user data utilization. All companies using Facebook’s data should make it clear how they use it to avoid any scandals, such as CA.

References

Fair, L. (2019). FTC’s $5 billion Facebook settlement: Record-breaking and history-making. Web.

Find Law. (2017). What is the “reasonable expectation of privacy”?Web.

Ghillyer, A. (2021). Business ethics now (6th ed.). New York, NY: McGraw-Hill.

Loftsgordon, A. (2021). Social media and your privacy rights. Web.

Tovino, S. A. (2020). Going rogue: Mobile research applications and the right to privacy. Web.