Unauthorised disclosure of organisational information through social media : a policy perspective

The unauthorised disclosure of organisational information through social media has become an issue. This has resulted in the need for organisations to re-evaluate ways of minimising the risks of information loss and disclosure via social media. The implementation of social media use policies can inform employees’ social media behaviours and ultimately lead to the creation of an organisational culture of awareness. Although organisations may have a social media policy in place, the issue of unauthorised disclosure of organisational information has not been given due attention. Hence, a pilot study of content analysis was conducted to explore how organisations address the issues relating to the unauthorised disclosure of organisational information via their social media channels. The findings of this pilot study revealed some emergent themes that are important for addressing the issue of information disclosure by comparing five different sectors. These emergent themes could guide researchers and practitioners in understanding and informing the organisational use of social media technologies.

Legal Issues Relating to the Notification of Australian Data Breaches

Advances in information and communications technologies during the last two decades have allowed organisations to capture and utilise data on a vast scale, thus heightening the importance of adequate measures for protecting unauthorised disclosure of personal information. In this respect, data breach notification has emerged as an issue of increasing importance throughout the world. It has been the subject of law reform in the United States and in other international jurisdictions. Following the Australian Law Reform Commission’s review of privacy, data breach notification will soon be addressed in Australia. This article provides a review of US and Australian legal initiatives regarding the notification of data breaches. The authors highlight areas of concern based on the extant US literature that require specific consideration in Australia regarding the development of an Australian legal framework for the notification of data breaches.

The mandatory notification of data breaches : issues arising for Australian and EU legal developments

Public and private sector organisations are now able to capture and utilise data on a vast scale, thus heightening the importance of adequate measures for protecting unauthorised disclosure of personal information. In this respect, data breach notification has emerged as an issue of increasing importance throughout the world. It has been the subject of law reform in the United States and in other jurisdictions. This article reviews US, Australian and EU legal developments regarding the mandatory notification of data breaches. The authors highlight areas of concern based on the extant US experience that require further consideration in Australia and in the EU.

An architecture for enhanced assurance in e-health systems

Notwithstanding the obvious potential advantages of information and communications technology (ICT) in the enhanced provision of healthcare services, there are some concerns associated with integration of and access to electronic health records. A security violation in health records, such as an unauthorised disclosure or unauthorised alteration of an individual's health information, can significantly undermine both healthcare providers' and consumers' confidence and trust in e-health systems. A crisis in confidence in any national level e-health system could seriously degrade the realisation of the system's potential benefits. In response to the privacy and security requirements for the protection of health information, this research project investigated national and international e-health development activities to identify the necessary requirements for the creation of a trusted health information system architecture consistent with legislative and regulatory requirements and relevant health informatics standards. The research examined the appropriateness and sustainability of the current approaches for the protection of health information. It then proposed an architecture to facilitate the viable and sustainable enforcement of privacy and security in health information systems under the project title "Open and Trusted Health Information Systems (OTHIS)". OTHIS addresses necessary security controls to protect sensitive health information when such data is at rest, during processing and in transit with three separate and achievable security function-based concepts and modules: a) Health Informatics Application Security (HIAS); b) Health Informatics Access Control (HIAC); and c) Health Informatics Network Security (HINS). The outcome of this research is a roadmap for a viable and sustainable architecture for providing robust protection and security of health information including elucidations of three achievable security control subsystem requirements within the proposed architecture. The successful completion of two proof-of-concept prototypes demonstrated the comprehensibility, feasibility and practicality of the HIAC and HIAS models for the development and assessment of trusted health systems. Meanwhile, the OTHIS architecture has provided guidance for technical and security design appropriate to the development and implementation of trusted health information systems whilst simultaneously offering guidance for ongoing research projects. The socio-economic implications of this research can be summarised in the fact that this research embraces the need for low cost security strategies against economic realities by using open-source technologies for overall test implementation. This allows the proposed architecture to be publicly accessible, providing a platform for interoperability to meet real-world application security demands. On the whole, the OTHIS architecture sets a high level of security standard for the establishment and maintenance of both current and future health information systems. This thereby increases healthcare providers‘ and consumers‘ trust in the adoption of electronic health records to realise the associated benefits.

Police Misconduct as a Breach of Public trust: the Offence of Misconduct in Public Office

Until relatively recently, the common law offence of misconduct in public office has been regarded as anachronistic. The offence was perceived to have been supplanted by specific statutory offences that could more appropriately deal with criminal conduct by public officials. However, there has been a revival of the offence with successful prosecutions occurring in Australia, England and Hong Kong. Many of these contemporary cases have involved police officers. Examination of these cases reveals that the circumstances in which misconduct in public office has been identified have been diverse, including the unauthorised disclosure of confidential information, the use of false search warrants and the sexual exploitation of vulnerable persons. In many instances, police officers were charged with other criminal offences in addition to charges relating to misconduct in public office. The matters prosecuted as misconduct in public office typically involved matters that were serious and/or could not be adequately prosecuted as other criminal offences or as breaches of police regulations governing conduct. Consequently, despite the proliferation of statutory criminal offences in the 20th century it appears that there continues to be a place for the offence of misconduct in public office. It criminalises misconduct by police officers that may not be adequately dealt with by other offences and recognises the public trust dimension of wrongdoing by these officials. However, a continuing and fundamental challenge is to determine the appropriate definition and scope of the offence.

Security and privacy of users' personal Information on smartphones

 This research investigated the proliferation of malicious applications on smartphones and a framework that can efficiently detect and classify such applications based on behavioural patterns was proposed. Additionally the causes and impact of unauthorised disclosure of personal information by clean applications were examined and countermeasures to protect smartphone users’ privacy were proposed.

Negotiating selves: exploring cultures of disclosure

If identity is a construct—and, more critically, a construct defined and developed through relationships with others in public and private spheres—then an understanding of the processes, mechanisms and platforms by which individuals disclose information about themselves is crucial in understanding the way identity, community and culture function, and the way individuals can intervene in the functioning of culture.

The effect of national governance codes on firm disclosure practices : evidence from analyst earnings forecasts

This study examines whether voluntary national governance codes have a significant effect on company disclosure practices. Two direct effects of the codes are expected: 1) an overall improvement in company disclosure practices, which is greater when the codes have a greater emphasis on disclosure; and 2) a leveling out of disclosure practices across companies (i.e., larger improvements in companies that were previously poorer disclosers) due to the codes new comply-or-explain requirements. The codes are also expected to have an indirect effect on disclosure practices through their effect on company governance practices. The results show that the introduction of the codes in eight East Asian countries has been associated with lower analyst forecast error and a leveling out of disclosure practices across companies. The codes are also found to have an indirect effect on company disclosure practices through their effect on board independence. This study shows that a regulatory approach to improving disclosure practices is not always necessary. Voluntary national governance codes are found to have both a significant direct effect and a significant indirect effect on company disclosure practices. In addition, the results indicate that analysts in Asia do react to changes in disclosure practices, so there is an incentive for small companies and family-owned companies to further improve their disclosure practices.

Disclosing disclosure : new challenges for financial communicators

Stockmarket regulators in Australia, Canada and the United States have all issued recent challenges to listed companies on their disclosure practices, questioning in many cases what has been long standing practice. Financial public relations counsellors are constantly called up to advise on the communication consequences of difference disclosure strategies. This paper will explore the challenges, faced by a group of financial communicators within seven Australia listed companies, in setting and enacting disclosure polices for the organisations. It will identify hey issues involved in communicating within a regulated environment, as well as address the implications of new technology for future practice.

Disclosure in insurance law : contemporary and historical economic considerations

This article examines the importance of accurate classification and identification of risk with particular reference to the problem of adverse selection. It is argued that, historically, this concern was the paramount consideration influencing standard form contract formation and disclosure laws. The scope of its relevance today however is less apparent in that contemporary insurance contracting is conducted in a vastly different environment from that which prevailed at the time Lloyd's was better known as a coffee house. Accordingly, the second part of this article looks at the contemporary framework of information disclosure and those dynamics within it designed to elicit information weighing on risk forecasting : specifically, (a) direct inquiry and testing requirements; (b) signaling - or incentive based structuring of insurance contractual and (c) bargaining in the shadow of the utmost good faith doctrine. Finally, certain conclusions arising out of contemporary and historical economic considerations underpinning disclosure in insurance law are outlined.

Disclosure under the prescribed insurance contracts regime : Section 35 of the Insurance Contracts Act 1984 and consumer protection revisited

Section 35 of the Insurance Contracts Act 1984 requires insurers offering insurance policies in six prescribed areas "to clearly inform" prospective insureds of any departure their policies may constitute from the standard covers established by the Act and its accompanying Regulations. This prescribed insurance contracts regime was designed to remedy comprehension problems generated by the length and complexity of insurance documents and to alleviate misunderstanding over the terms and conditions of individual policies. This article examines the rationale underpinning s 35 and the prescribed insurance contracts regime and looks at the operation of the legislation with particular reference to home contents insurance in Australia. It is argued that the means whereby disclosure of derogation from standard cover may be effected largely negates the thrust of the prescribed insurance contract reform. Recommendations to address these operational deficiencies are made.

The insured's non-disclosure in the formation of insurance contracts : a comparative perspective

The requirements that an insured disclose all facts material to a transaction as well as not misrepresent material facts in the formation of an insurance contract are universal requirements of insurance law. The nature and extent of these obligations varies from one jurisdiction to the next. Disclosure in the insurance context is distinct from the general approach in commercial contracts, and in others between persons dealing at arm's length. It is the purpose of this article therefore to examine, on a comparative basis, the approaches adopted in the Anglo-Commonwealth context of England, Australia New Zealand and Singapore to the resolution of disclose issues in the formation of insurance contracts. Particular attention is focused on the Insurance Contracts Act 1984 (Australia) as this statue effects the most significant overhaul of the common law and the National Consumer Council in the United Kingdom has advocated that similar reforms be adopted.

Disclosure and concealment in consumer insurance contracts

This book provides an in-depth examination of the theoretical,legal, social and economic foundations to disclosure and concealment of information in relation to the formation of consumer insurance contracts. A comparative treatment of this issue is undertaken with particular attention given to the judicial and legislative approaches adopted in the United Kingdom, the United States of America, Australia and New Zealand.

Role of corporate governance in mitigating the selective disclosure of executive stock option information

We examine the nature and extent of statutory executive stock option (ESO) disclosures by Australian listed companies over the 2001 to 2004 period, and the influence of corporate governance mechanisms on these disclosures. Our results show a progressive increase in overall compliance from 2001 to 2004. However, despite the improved compliance, the results reveal managements’ continued reluctance to disclose more sensitive ESO information. Factors associated with good internal governance, including board independence, audit committee independence and effectiveness, and compensation committee independence and effectiveness are found to contribute to improved compliance. Similarly, certain external governance factors are associated with improved disclosure, including external auditor quality, shareholder activism (as proxied by companies identified as poor performers by the Australian Shareholders’ Association), and regulatory intervention.

Behavioural biases and information disclosure laws relating to residential property sales : narrowing the gap between existing laws and calls for future reforms

Market failures involving the sale of complex merchandise, such as residential property, financial products and credit, have principally been attributed to information asymmetries. Existing legislative and regulatory responses were developed having regard to consumer protection policies based on traditional economic theories that focus on the notion of the ‘rational consumer’. Governmental responses therefore seek to impose disclosure obligations on sellers of complex goods or products to ensure that consumers have sufficient information upon which to make a decision. Emergent research, based on behavioural economics, challenges traditional ideas and instead focuses on the actual behaviour of consumers. This approach suggests that consumers as a whole do not necessarily benefit from mandatory disclosure because some, if not most, consumers do not pay attention to the disclosed information before they make a decision to purchase. The need for consumer policies to take consumer characteristics and behaviour into account is being increasingly recognised by governments, and most recently in the policy framework suggested by the Australian Productivity Commission