The role of information systems personnel in the provision for privacy and data protection in organisations and within information systems

Abstract

This paper addresses the changing role of information systems (IS) staff in the provision for privacy and data protection (PDP) in organisations and within information systems. A literature review is reported on which identifies the contribution that IS professionals are believed to be able to make in the provision for PDP. Significant amongst these are the use of PDP design strategies and the application of privacy enhancing technologies. The findings of a survey of IS staff is then presented. The survey explored the attitudes and roles that IS staff have with regard to their involvement in the provision for PDP. It is shown that whilst IS staff are supportive of involvement in the provision for PDP they regard the role of both IS and business managers as important factor in the overall provision. Aspects of IS professional practice and IS roles are identified as offering particular opportunities for PDP leverage. However, there are many issues in the complex PDP matrix that need to be addressed before IS staff can contribute fully. These are identified and discussed. The paper concludes by acknowledging that IS staff alone cannot provide PDP within organisations; it has to be a collaborative approach within an environment that is sensitive to and supportive of PDP.