Irma: A socially-conscious, ICT student who wants to put IT to use to make a positive change.
Nate: An IT student friend of Irma’s who is really good at computer programming. Nate is a self-described IT geek, and frankly believes that it is naive to think that information privacy is even possible in the digital society we live in. He wants to be an IT entrepreneur.
Dr. Innovation: Professor of an e-series course Nate took as freshman.
Irma and Nate like to hang out in the FSU Collaboratory and talk. One day, Irma arrives later than usual and out of breath. She just received notification that her health records were among those stolen from a campus mental health clinic. Irma was successfully treated at the clinic for mild depression last year. Apparently someone used a digital scanner about a month ago to copy health records for over 1,000 students who had been treated at the clinic that year. Although Irma’s records were among those that were stolen, her primary concern isn’t really about her records. After all, many college students suffer bouts of depression and go on to lead happy, productive lives, plus there is little stigma attached to depression in early adulthood. Her friends and family will understand if the information becomes public. She is concerned, however, that others may have been undergoing treatment for more serious mental health issues, and could be subjected to embarrassment and even ridicule should their records become public. This experience has opened her eyes to the importance of information privacy, and the lack of progress being made to safegard it, even in the health arena. She’s heard about HIPPA, but honestly, HIPPA doesn’t seem to have helped one bit in this case!
Irma’s friend Nate listens to her recount her news as she sits down. Personally, he believes that people who think that it is possible to go through life without having their privacy compromised are naive, but he and Irma are friends and he is sympathetic with her concern about the health records that were scanned. He also wonders if this might be the opening he’s been looking for to make a name for himself. Surely there must be better ways to safeguard health records than ineffective government policies.
Question 1: Should Nate and Irma try to work together to try to stop future information privacy breaches like this one? Given their very different positions (get-over-it/paramount importance) about information privacy and personal goals (entrepreneurial/social good) do you think they can be successful? Explain your reasoning.
Pick the option below that most closely reflects your group’s consensus. Proceed to Scenario II.
So this is our group option.
Nate and Irma decide to work together to develop a solution to this information privacy issue. They decide that the differences in their positions and goals can be put to good use in this situation.
Nate and Irma decided to work together to find a solution to this information privacy issue. They discuss a number of alternatives, including both social (grassroots action, legislation, or regulation) and technological possibilities (enhancing the existing software, developing sequential patches or fixes, or developing new preventive soft- and hardware). Irma thinks social approaches are the more likely to succeed, while Nate favors a technological approach. Dr. Innovation is there and stops by to see how Nate is doing. Nate and Irma tell him about their project and ask his advice on the direction they should take.
As a group, discuss what you think Dr. Innovation should advise them to do, using what you know about information privacy, information security, information technology, and information policy. Then, answer the following question:
Question 2: Thinking about the information privacy breach that occurred, do you think a social or a technological approach is a more appropriate direction for Nate and Irma? Explain your reasoning.
Pick the option below that most closely reflects your group’s consensus. Proceed to Scenario III.
So this is our group option:
Dr. Innovation advises that they take a technological approach and offers to help them brainstorm what sort of product might address this problem most effectively.
Prof. Innovation shows Nate and Irma some really cool new software they’ve just gotten in the Collaboratory for brainstorming, and helps them get started. Dr. Innovation mostly asks questions to get them thinking. His questions include: What would be required to ensure that a similar breach won’t occur in the future?; What is the best strategy to keep ahead of cybercrime of this type?; and How are you going to make any solution you come up with last? By the end of the session, Nate and Irma realize that they still have a lot to learn about information privacy and security, but they’re excited to move forward.
As a group, brainstorm possible technological solutions to this information privacy issue, using what you know about information privacy, information security, information technology, and information policy. You should think about how you would answer Prof. Innovation’s questions.
Question 3: Given this scenario, do you think Irma and Nate are ready to proceed, or should they do further research? Explain your reasoning.
To see what Nate will do, jump to Scenario IV: The Solution
Scenario IV: The Solution
Information privacy and information security are complicated and intertwining issues that are not easily resolved. As they continue to brainstorm and do background research, Nate and Irma realize that it was a good thing they decided to work together, because any lasting solution is most likely going to require a legal or regulatory (social) component as well software and/or hardware (technological) component. What’s more, that solution will likely involve economic as well as altruistic exchange. Nate and Irma make a great team, and they are confident they will find a solution that will make them both proud.
Question 4: Given this scenario, what are the three most important barriers or obstacles do you Nate and Irma will need to overcome as they continue to work together to ensure future students won’t face similar breaches of their information privacy?