|
|
2006-05-01
15:23-15:23 DAMA Wiki
2006-05-02
14:12-14:12 IDUG in Tampa: May 7-11, 2006
2006-05-05
01:37-01:37 More Than 160 Data Breaches
14:09-14:09 Data Breach Law Unlikely This Year
|
||||||||||||||||||||||||||||||||||||||||||||||||||
Sponsored by:
Links to external sites are subject to change; DBAzine.com and BMC Software do not control or endorse the content of these external web sites, and are not responsible for their content. LEGAL STATEMENT © 2006 DBAzine.com. All Rights Reserved. |
I don't think an oath like you suggest for DBAs would be "the answer" (although it might be one component in the answer).
The trouble is that, as a DBA, I am rarely given the power to implement this sentence in the oath -- "I will enact proper procedures and security for the good of my company's customers according to my ability and my judgment and never do harm to any data entrusted to me."
Sometimes company policies are dictated to me. My only recourse is to implement them or quit.
In most cases, I am told that I'm responsible "for implementing good data protection policies." But then I am given no control over my time. So I'm held responsible but haven't been given a fair chance to do a reasonable job.
Bottom line -- as a DBA I'm rarely the decision maker. We need national laws that either mandate safe treatment of data or enforce penalties otherwise.
You say there is little choice but to implement policies you disagree with or to quit. Perhaps there ought to be more quitting. I know this is a difficult and disruptive thing to go through, but perhaps it is better to be ethically whole than financially flush?
But I do think that I agree with your "bottom line" line. DBAs are not corporate decision makers -- and we need (inter)national laws that mandate safe treatment of data with enforceable penalties to be enacted otherwise.
Replies to this comment