Dave Wells provides a very good discussion of the importance of making ethical decisions regarding information. Wells suggests that information managers need to consider the following matters:
Informed Consent: Should individuals be provided with full disclosure about the data that is collected about them? Should collection and use of individuals’ data be subject to their agreement?
Anonymity: Should all personally identifying information be eliminated from the data? Should data be collected only in the form of aggregates such that individuals can’t be identified?
Confidentiality: Should sources and providers of data be protected from disclosure?
Security: To what degree must data be protected from intrusion, corruption, and unauthorized access?
Privacy: To what degree should individuals have the right to determine which data about them can be shared with third parties?
Accuracy: What level of exactness and correctness is required of the data?
Ownership: Is personal data about individuals an asset that belongs to the business or privately owned information for which the business has stewardship responsibilities?
Honesty: To what degree should the business be forthright and visible about data collection, protection, and usage practices?
Responsibility: Who is accountable and at what level for use and misuse of data?
Transparency: On a continuum with polar extremes of “totally open” and “stealth data collection,” what is the right level of transparency?
Wells provides a useful matrix to demonstrate the need for ethics in information governance: