Managing electronic data - a code of ethics
Mary O'Doherty
Published: 03 Jul 2003 14:37 BST
Teaching employees about the ethics of data management is part of the daily routine for Sandy Hofmann, chief information officer of an Atlanta IT firm. One day, Hofmann discovered that a marketing employee had just given a 700-name customer list to a vendor. Hofmann chased down the vendor to retrieve the list. Then she gave the marketing associate a basic lesson in data management ethics: don't share customer information without the customers' permission.
"It's sort of like treating your family as well as your friends," said Hofmann, who works at MAPICS, a global IT firm focusing on manufacturing. "You have to operate under the assumption that you don't know how the information should be handled unless you know how the owner feels about their information."
Hofmann is one of a growing number of CIOs who are dealing with the responsibilities that come with being the chief steward of a company's data. CIOs, who are increasingly part of the top management team, are enacting strict controls over customer and employee data. They're also educating their employees about the responsibilities of ethical data management.
Hofmann and several other CIOs helped TechRepublic compile this code of ethics for managing electronic data.
Customer data is sacrosanct
Hofmann said CIOs are responsible for more than setting the rules. They also must be vigilant about making sure employees understand the rules and their nuances. CIOs and their marketing counterparts are often at loggerheads over using customer data, Hofmann said. That's why MAPICS' customers are routinely asked whether they want their information shared with vendors. Most customers say yes, Hofmann said.
The marketing employee Hofmann had to counsel about the privacy of customer data had worked for a smaller "free-spirited" company that MAPICS had recently acquired. Hofmann said the incident was an object lesson about her duty to educate the new employees about MAPICS' customer information policies.
Protecting customer data is a hot topic at Worldspan, an online travel agency. Company officials are so intent on hammering this point home that they're creating an online privacy course for employees who will be tested, said Sue Powers, CIO and senior vice president.
Powers discussed the idea at the last meeting of Worldspan's Privacy Council, a group she helped create after Worldspan officials noticed that the United States had few laws regarding privacy compared to other countries, particularly in the European Union.
Powers said the course will be about 30 minutes long. "It will give employees situations to help them figure out when they should and shouldn't share customer data. We'll test them to see if they can demonstrate their understanding of the policy." Employees will be allowed to repeat the test until they pass it, said Powers, who is responsible for the data handling of 1,050 people.
The security of customer data is a critical issue at Worldspan because customers give the company's employees their travel plans and credit information every day. In an effort to make her responsibility clear, Powers said, she's even been dubbed the company's chief privacy officer.
Previous
Did you find this article useful?
77 out of 154 people found this useful
- Share this article:
