Abstract
Background: Personal information about individuals is stored by organisations including government agencies. The information is intended to be kept confidential and strictly used for its primary and legitimate purposes. However, that has not always been the case in many South African government agencies and departments. In recent years, personal information about individuals and groups has been illegally leaked for other motives, in which some were detrimental. Even though there exists a legislation, Protection of Personal Information (POPI) Act, which prohibits such malpractices, illegally leaked information has however, not stopped or reduced. In addition to the adoption of the POPI Act, a more stringent approach is therefore needed in order to improve sanity in the use and management of personal information. Otherwise, the detriment that such malpractices cause too many citizens can only be on the increase.Objectives: The objectives of this study were in twofold: (1) to examine and understand the activities that happen with personal information leaks, which includes why and how information is leaked; and (2) to develop a conceptual framework, which includes identification of the factors that influence information leaks and breaches in an environment.Method: Qualitative research methods were followed in achieving the objectives of the study. Within the qualitative methods, documents including existing literature were gathered. The activity theory was employed as lens to guide the analysis.Result: From the analysis, four critical factors were found to be of influence in information leaks and breaches in organisations. The factors include: (1) information and its value, (2) the roles of society and its compliance to information protection, (3) government and its laws relating to information protection and (4) the need for standardisation of information usage and management within a community. Based on the factors, a conceptual framework was developed.Conclusion: This study can be used to guide implementation of information protection acts in any environment. It empirically contributes to societal awareness on how and why personal information is leaked and breached. Also, it will benefit academic domain, particularly in the use of activity theory.
Highlights
Many organisations depend on, and regard information as an important resource in their activities (Beshears et al 2015)
We present how human actions are reproduced through activities, in a conceptual framework
From the analysis and discussion that is presented above, we found four critical factors that can be used towards development of information protection and breaches conceptual framework
Summary
Personal information about individuals is stored by organisations including government agencies. The information is intended to be kept confidential and strictly used for its primary and legitimate purposes. That has not always been the case in many South African government agencies and departments. Personal information about individuals and groups has been illegally leaked for other motives, in which some were detrimental. Even though there exists a legislation, Protection of Personal Information (POPI) Act, which prohibits such malpractices, illegally leaked information has not stopped or reduced. In addition to the adoption of the POPI Act, a more stringent approach is needed in order to improve sanity in the use and management of personal information. The detriment that such malpractices cause too many citizens can only be on the increase
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.