Question

Formulate workplace scenario dealing with each of the following topic privacy. Recommend corrective action for each of these scenarios, so they fall in line with the current statutes and laws.

Make sure to provide a scenario for topic and provide a recommendation. The scenario and recommendation should be a minimum of 300 words in length.

Answer 1

Workplace scenario for privacy in Hotel industry-

Hotel has lots of personal data of customers or visitors. Hackers generally attack to hotel industry for gaining lots of data easily. XYZ hotel is currently changing its business structure from being offline data entry of customers to online for booking orders of customers. This is the digital age or era, for being competitive organization needs to adopt changes (being digital) in market place. So, XYZ hotel also do so to gain competitive advantage. But after 2 months of this digitalization most of the customers report that our hotel is using their personal data and giving it to employees. Customers told that if we will not take any step against it then they will file suit against the hotel. It takes time to understand the whole matter. Hotel’s computer system was hacked by the hackers because of the negligence of employee and they are using customer’s data for their personal use. This is the case of privacy of customer’s personal information. Hotel management has to take corrective actions. Management filed the complaint about the cyber security and provides required details to Cyber Security Department of Government. After this particular issue was solved then management should take care of this kind of mistakes.

Recommendations-

1. File police complaint against the hackers and in this case take corrective action against the particular employee who is also responsible for privacy issue.

2. Communicate with Cyber Security Cell of Government

3. Monitor and investigate out-of-hours activity and unauthorized access to computer systems.

4. Force frequent password changes

5. Limit login attempts by users

6. Clean and restore affected systems

7. Remove dormant accounts from the system

8. Communicate with customers that they adopted new technology and took corrective actions and give them confidence that their personal information is safe

9. Protect computer systems from hackers