Question

In: Operations Management

*NOTE: I don't really know what subject this would be considered. It's from my business law...

*NOTE: I don't really know what subject this would be considered. It's from my business law class.

Outsourcing specialized operational tasks has become a common practice. When outsourcing involves the transfer of personal information, issues of security and privacy are raised. Customers may consent to the collection of personal data without realizing that their information could be shared with another company located halfway around the world and subject to different disclosure and protection rules. In recognition of international privacy concerns, the Organization for Economic Co-operation and Development (OECD) created guidelines to enhance privacy protection during trans-border data exchanges. Guideline 10 suggests that personal data should not be used or disclosed without the consent of the owner or authority of law.

Canadian outsourcing to the United States has become even more controversial since the enactment of the USA PATRIOT Act.15 This legislation allows US law-enforcement officials to obtain personal records or information from any source in the country without the data owner knowing. As a result, there have been several Canadian challenges of personal data outsourcing to the United States. In B.C.G.E.U. v. British Columbia (Minister of Health), union members argued that the Ministry of Health was violating patients’ rights to privacy under section 7 of the Charter by outsourcing physician billing data that contained personal patient information to a private U.S. company.16 The BC Supreme Court disagreed, holding that as long as the contractual arrangement authorized under the Canada Health Act ensured that a reasonable expectation of privacy was protected, the practice was acceptable. Since then BC., Nova Scotia, and Alberta passed legislation that restricts public (not private) sector trans-border outsourcing.17

The Privacy Commissioner rejected a similar complaint against the Canadian Imperial Bank of Commerce. The bank outsourced the processing of credit card transactions to an American company. The specific confidentiality and security contained in the outsourcing agreement were approved by the Office of the Superintendent of Financial Institutions, and this satisfied the Commissioner. Both decisions turned on the specific terms of the outsourcing agreement and prior regulatory approval of the terms.

When considering sending sensitive information across the border and outsourcing to American firms, businesses should:

• Undertake a security analysis of the American company prior to contracting;

• Inform the affected customer data owner;

• Include specific confidentiality, security, and reporting provisions in the outsourcing agreement;

• Seek regulatory approval of the agreement, if available; and

• Regularly audit the privacy practices of the outsourcing company.

Increased privacy concerns can be anticipated as the transnational public cloud computing industry replaces user owned software, desks, and laptops as the primary custodians of personal information. “By 2017, enterprise spending on cloud computing will amount to a projected $235.1 billion, triple the $78.2 billion spent in 2011. ….(in 2014) global business spending for infrastructure and services related to

the cloud will reach an estimated $174.2 billion, up 20 percent from the amount spent in 2013.”

Question (1): Are there certain types of information that should remain within Canadian borders? If Canadian data is at greater risk of disclosure when transferred to the United States, why not ban all public and private outsourcing to the United States? Discuss.

Question (2): How can personal information be protected when stored on a transnational cloud server?

Solutions

Expert Solution

Answer(1):
Certain types of information that should remain within Canadian borders which includes the transfer of personal information, issues of security and privacy are raised. Customers may consent to the collection of personal data without realizing that their information could be shared with another company located halfway around the world and subject to different disclosure and protection rules. In recognition of international privacy concerns, the Organization for Economic Co-operation and Development (OECD) created guidelines to enhance privacy protection during trans-border data exchanges
If Canadian data is at greater risk of disclosure when transferred to the United States, they do not ban all public and private outsourcing to the United States because, When considering sending sensitive information across the border and outsourcing to American firms, businesses should:

• Undertake a security analysis of the American company prior to contracting;

• Inform the affected customer data owner;

• Include specific confidentiality, security, and reporting provisions in the outsourcing agreement;

• Seek regulatory approval of the agreement, if available; and

• Regularly audit the privacy practices of the outsourcing company.


Answer(2):
Personal information can be protected by replacing user owned software, desks, and laptops as the primary custodians of personal information when stored on a transnational cloud server.A greater concern with cloud storage, though, relates to who consumers can hold accountable for the security of their personal information. Current laws provide guidelines for companies that maintain personal information. The laws address how personal information must be protected, used, and ultimately destroyed, as well as penalties for failure to protect that information. Those laws include provisions for ensuring any third party that company gives information to also protect it as the company would itself. But when personal information is stored in the cloud it can become virtually impossible for a consumer to know who actually compromised their personal information. In other words, everyone involved in a data breach could potentially be able to shrug their shoulders and say, “It’s not our fault.”


Related Solutions

Note: Not sure what subject this should be under. It's from a business law class. The...
Note: Not sure what subject this should be under. It's from a business law class. The Happy Times Bar and Restaurant was located on a busy downtown street. The front part of the premises consisted of the bar and a few small tables where patrons were served drinks. The rear part of the building housed the restaurant, and a patron who wished to obtain a meal at the restaurant was required to pass through the bar room to reach the...
please I don't really know how to start answering this question I really need to understand...
please I don't really know how to start answering this question I really need to understand it please show the work with a clear handwriting A collision in one dimension A mass m1 = 2 kg moving at v1i = 3 ms−1 collides with another mass m2 = 4 kg moving at v2i = −2 ms−1. After the collision the mass m1 moves at v1f = −3.66 ms−1. (a) Calculate the final velocity of the mass m2. (b) After the...
HI, I hope you are doing well. I really don't understand this question and don't know...
HI, I hope you are doing well. I really don't understand this question and don't know how to solve it at all because I am completely new to this c++ programming. can you please explain each line of code with long and clear comments? please think of me as someone who doesn't know to code at all. and I want this code to be written in c++ thank you very much and I will make sure to leave thumbs up....
please make sure it's in your own words, NOT copied from Google, my professor would know...
please make sure it's in your own words, NOT copied from Google, my professor would know and it MUST be typesetting 6) List 2 types of utility software and what each one does. 7) Explain what is malicious software and what it does 8) Explain what is antivirus software and what it does 9) Thoroughly explain the unique functions and usage of the following operating systems: (20 points) Do not copy & paste. Explain in your own words. a. Windows...
Please make sure it's in your own words NOT copied from Google, my professor would know....
Please make sure it's in your own words NOT copied from Google, my professor would know. and it MUST be typewriting. 1) Explain system software and what it does. 2) List 2 types of system software and what each one does. 3) Explain application software and what it does. 4) List 2 types of application software and what each one does. 5) Explain utility software and what it does.
I would really appreciate if you answers descriptively. I want to solutions and formulas. I don't...
I would really appreciate if you answers descriptively. I want to solutions and formulas. I don't want to any excell solutions. Thank you! Question 3. In a project, an initial investment of $8,300 equipment is expected to generate net cash inflow of $3,400, $4,000, $5,800 and $2,050 at the end of first, second, third and fourth year respectively. At the end of the fourth year, equipment would be sold for $900. Calculate the net present value of the investment if...
This is from College communication subject Note: My answer should not matched with someone's answer. What...
This is from College communication subject Note: My answer should not matched with someone's answer. What is your dream career? Essay about your dream career. Essay requires 5 paragraphs of 3-5 sentences each: -Introduction of your topic and listing 3 main points -Body 1 with the main point and example -Body 2 with the main point and example -Body 3 with the main point and example -Conclusion summarizing your introduction
Hallstead Jewelers What have we done? Daddy would know what to do, but I don't. I...
Hallstead Jewelers What have we done? Daddy would know what to do, but I don't. I really thought growing this business would be an easy thing for us, but now I am not so sure. All of the work that we did in 2005 was supposed to set us up for new success, profits, and a bright future. But now, we are showing losses on both the historical investment and on our modernization and expansion. Gretchen Reeves was talking in...
PHP Language I have XAMPP and I don't know how to display my PHP code. For...
PHP Language I have XAMPP and I don't know how to display my PHP code. For instance, when I create a basic HTML webpage I just open the code into a web browser and it shows me a basic web page. When I try to show a PHP calculation it doesn't show. What are the steps in displaying my PHP doc?
Module: Business Law I would like to know the Media Report Analysis with  Hundreds fined for not...
Module: Business Law I would like to know the Media Report Analysis with  Hundreds fined for not clearing firebreaks article of The West Australian Tue Feb 13 2018. Question: Identify the areas of law that are relevant to the chosen media report, and explain how they are relevant to the matters outlined in the report. Tip: Use Property law, contract law, corporation law, criminal law, consumer law, administrative law or tort law At least 4 of these laws can be identified...
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT