order paper  
more phones
Academic writing services  
Custom written essay Book report Research paper Dissertation Resume and CV Editing and proofreading  
main menu
By ordering custom paper you get
  • 24/7 Support
  • Over 100 professional US Writers
  • 300 words per page
  • Flexible discount system
  • FREE revision (within 2 days)
  • Anti-Plagiarism Software Check
we accept
sample essays
Accounting Essays
Admission Essays
Analysis Essays
Art Essays
Biography Essays
Biology Essays
Book Review Essays
Business Essays
Case Studies Essays
Cause and Effect Essays
Character Analysis Essays
Communication Essays
Communication and Media Essays
Compute Technologies Essays
Consideration Essays
Controversial Essays
Description Essays
Economics Essays
Education Essays
Evaluation Essays
Explanation Essays
History Essays
Job Essays
Law Essays
Management Essays
Medicine Essays
Music Essays
Personal Essays
Personal Experience Essays
Persuasive Essays
Persuasive Speech Essays
Philosophy Essays
Political science Essays
Politics Essays
Proposal Essays
Psychology Essays
Reflective Essays
Religion Essays
Research Essays
Response Essays
School Essays
Science Essays
Sociology Essays
Technology Essays
World Literature Essays
Customers Privacy Issues essay
← Business PlanBusiness Problem →

Customers Privacy Issues. Custom Customers Privacy Issues Essay Writing Service || Customers Privacy Issues Essay samples, help


In business transactions, information is usually exchanged among partners, customers, employees, and other stakeholders. The technological abilities of the internet facilitate a wealth of information to be gathered, disseminated, and combined, with relative simplicity. Consumers continue to be bothered about the security of personal information used by companies, in spite of government supervision. Consumer concerns bring about the need for corporations to administer information security. Businesses have a duty to guard organizational proprietary and consumer information while guaranteeing conformity with regulations and laws.  In most organizations, the Chief Information Officer undertakes the role of ensuring customers privacy. This paper will seek to analyze the active role of the CIO in implementing this function.


Generally, customers are not secure with organizations in relation to protecting their private and sensitive information. Consumers are anxious on the fact that they do not know what corporations know about them. Currently, organizations continue to distribute information about their customers, extending across numerous industries. This sharing raises the risk of legal action to an organization and reduces customer trust in areas for instance shopping on the Internet (Pacocha, 2002). The Chief Information Officer is charged with employing business systems that correspond with privacy guidelines. Chief Information Officers are most verbal about necessitating technology to assist implement privacy regulations. They are most alert to the difficulty in their computing communications and the least expected to believe that present privacy facilitating technology can work out the size of their problems (Nickel, 2008).

Ideally, the primary step in protecting anything is striving to comprehend it. This involves understanding what information is available, where it can be found, and in what form in case of aggregated data. Establishing a substantial level of protection also entails recognizing the owners and keepers of this information, probable risks and impacts and security needs (US-CERT, 2005). The CIO must first understand what entails privacy policies before communicating to consumers concerning his company's privacy policies and practices. In line with this, businesses should undertake an internal audit to establish: what data they are collecting, how that data is being utilized, with who they are sharing that information, how that information is being protected and related issues (Klosek, 2009).

Auditing is the main control that should be used by CIO's to hold persons answerable for their actions. When auditing is successfully completed, there are the two probable occurrences which will emanate: successful and failed accesses. When a subject tries to access a file or information for which they are not permitted is when a failed access arises. This information is very significant for the CIO. This is because it might provide evidence into insider misuse of access or even the existence of spiteful software trying to compromise a system. On the other hand, there are audits which signify successful access to a file or a record. These offer a record of approved access to the confined data and the necessary evidence that a person got access to the privacy information. However, the disadvantage of auditing successful access to privacy data is that it can produce a huge volume of audit information (Price, 2008). After the audit is done, the next step would be to break down the large volume of audit information can then be broken into lesser units and profiled. Profiling is the procedure of describing, sorting and bounding information which makes it easy to understand the exclusive features and protection needs of information. In this case, a smaller and more convenient set of collective data is used for profiling (US-CERT, 2005).

The chief information officer can endorse new tools on the market to protect the privacy of customer for instance the Platform for Privacy Preferences (P3P) framework. This tool is fairly new and is an initiation to increased communication between customers and web site operators. Under this framework, the customers are given a chance to communicate their view points on how they want their information handled. It follows that, when the customer approaches a web site, the web site reads and conforms by the customer predilections outlined. However, the company's web site has to be equipped to operate P3P and the customer preferences should be outlined. The objective of this approach is to give the customer the chance to select their own level of privacy (Pacocha, 2002).

Moreover, the CIO should work closely with the manager of the company to eliminate those employees who do not conform to standard rules for handling privacy information. This should be done after successful employee and subcontractor performance assessments have been carried out. The assessments should incorporate infringements of policies and processes connected with the handling of privacy information. Assessments can also be used as a means to recompense those workers who have taken extra steps, made improvements, or noted loopholes in controls that impact the protection of privacy information (Price, 2008).

After the company's policies and strategies for collecting, organizing and using customer information are well set, the CIO should convey these policies to clients and customers in a Privacy Policy. The Privacy Policy of the Company should plainly state how the business can be gotten in touch with, regarding information and the kinds of third parties that will be permitted to view such information (Klosek, 2009).

Other tools the chief information officer can use are the tools that permit expression and transition of privacy inclinations and strategies between companies. They permit swapping of information between institutions, in order that the receiving institution can more simply establish the suitable privacy strategies for information handling (Nickel. et al, 2008).

According to Price (2008), privacy information might sometime be conveyed deliberately or unintentionally into information repositories which are not allowed for its storage. In regard to this, the CIO should set up possible strategies and processes to perceive unsuitable flows of privacy data. Moreover, tools which can assess write actions which may have privacy information ought to be executed. For instance, dirty word explores of email contents might be used to ascertain privacy information unsuitably conveyed through email. Likewise, intermittent assessment of files on shared drives ought to be investigated. This can be done by the scripting of operating system controls for example grep on UNIX and Search on Windows to search for keywords in shared files.

It's a significant practice for the CIO to execute a web checking program that automatically operates privacy scans to make certain that the site hasn't been interfered with and that privacy strategies remain integral (Klosek, 2009). The CIO can also implement firewall method as a privacy protection technology. This technique controls which types of ports can be used to access files or records on servers having privacy information. Likewise, protocol forms which can be used to access the information should be limited. (Price, 2008).

 Another tool that the CIO can use for information protection is the encryption tool for data storage, in conjunction with basic encryption key management. This encryption operates well when the program is a dependent tool, and makes use of Trusted Computing Platform components. Email filters for outgoing email ought to be applied for preventing privacy-responsive information outgoing from the company. There should also be Scanning techniques that permit the uncovering of privacy-responsive information on systems or PCs.  This will help a company to establish whether privacy- sensitive data is being there against the policy, and permit the taking of the suitable action. (Nickel. et al, 2008). Moreover, cryptographic protocols for example safe socket layer or web protocol security should be used to guard user access to privacy data over the system from interception. Privacy data stored in files ought to be encrypted in order to protect the data in the occasion that the media having the data becomes lost. The cryptographic keys should be well managed against loss or publicity which might permit a stranger the capability to decrypt the protected data (Price, 2008).

Another core function of the CIO is to analyze and scrutinize the insiders who occasionally access privacy information. They should be obliged to admit the legality of their access to such information. For example, insiders must be required to give reasons for accessing a certain record which may be outside the extent of their work. A dropdown box on an electronic form which permits the worker to select the basis for the access can be used to institute this. This additional step offers a restriction and a form of auditing for an insider who may be browsing out of interest (Price, 2008).

A corporation's culture must be sensitive and stick to its privacy policy. Organization's workers should be taught about privacy and its effects in an attempt to create this sensitivity. This education can be offered via electronic or paper methods by the CIO, but should be focused and reliable to ascertain all workers are compliant with a corporation's privacy policy. Similar to Information Security awareness program, good privacy policy for an organization should be efficiently communicated to its workers. As earlier mentioned, this awareness reaches an organization's clients too, frequently through the delivery of the privacy plan (Pacocha, 2002).

Another core function of the CIO is to get prior permission from his clients about possible private data transfers that could be subpoenaed by the authority. Similarly this will include other kinds of transfers, incorporating transfers to service providers and business partners (Klosek, 2009). Nickel. et al (2008) adds that in numerous rules, every citizen ought to be offered the chance to access and revise or amend their stored private information. It can be challenging when customers' information is extended across many data stores, databases and spreadsheets.

The Chief Information officer should also enforce strong verification systems such as smartcard or tokens which offer an additional layer of protection for persons accessing privacy information. This control should be applied in conjunction with access to privacy information as well as using it for system logon. This can also stop direct access to privacy information by malevolent substance executing mistakenly in the context of the user (Price, 2008).

 Generally, Organizational leaders are liable for giving efficient oversight of information privacy and security, including ascertaining effective implementation of the developed protection policies and accountability of the same. Management accountability and responsibility for cumulative data security are evident to all stakeholders. However, the chief information officer is the main actor in ensuring leadership and accountability actions on protection of the privacy of the customers (US-CERT, 2005).


The privacy of customers should be an integral concern of any business or company spearheaded by the chief information officer. The CIO should take all the initiatives to ensure that the private information of the customers is protected. Failure to do this, the customers will feel exposed and hence will loose hope with the company or business. The CIO should cooperate with other departments of the company to realize this long term goal. He should be interested to both internal and external management of the privacy policy of the company.

Customers Privacy Issues. Custom Customers Privacy Issues Essay Writing Service || Customers Privacy Issues Essay samples, help

Order Now
Order nowhesitating

Related essays

  1. Business Problem
  2. Business Memorandum
  3. Business Plan
  4. Starbucks

order now

Order now
why choose us
96% of satisfied returning customers
24/7 customer support
A wide range of services
Up-to-date sources
100% privacy guaranteed
MA/PhD writers
Custom written papers only
Free plagiarism report
Free revision (within 2 days)
Free extras by your request
Direct communication with a writer
Are your writers qualified for the custom writing?
How quick can my order be accomplished?
Is it legal to buy custom essays, term papers or book reports from your company?
Are essays offered by your company truly custom-written?
Is it safe to buy from SupremeEssays.com?
How secure is the payment system of your company?
Can I submit custom essays or term papers done by your company as my own?
How can I contact your company if I've got problems with my ordered paper?

Finally, I've found the real custom writing service . My grades are saying "Thank you, it's been a pleasure to work with you."

Jamal, South Africa

I can't believe you finished my essay under such a short deadline! You saved me from a disaster once again. You guys deliver exactly what you promise. I'll be back. That's for sure!

William H , Kansas, US

contact us
Toll free for US & Canada only. International callers are charged for outgoing calls.

Our phone numbers:
Toll free 1(877)801-5587
Call now 1(702)418-3797
SupremeEssays.com provides custom term paper writing/rewriting services inclusive of research material for assistance purposes only. The term papers should be used with proper reference and are not meant to replace actual assignments.

Get 15% off your first custom essay order

Order now

from $12.99/PAGE