1. In general, what skills and abilities do employees need for making ethical decisions about privacy? What else to they need besides skills and abilities?
2. Suppose you became responsible for providing training in privacy at Claremont Savings Bank. Describe the training methods you think would be most effective, and explain why you chose those methods.
3. Suppose you work in a company's human resource department, and a rumor has reached you that one of the employees during her lunch hour sent out an e-mail to a few friends, describing an embarrassing but not illegal situation she had been in over the weekend. Someone from the company's IT department came to you with the news. What should be your response to this situation? Where in the company are ethical (or legal) issues that should be addressed? How will you address them?

Many employees deal with information that requires a respect for someone's privacy. Examples include employees who process data related to patients' or employees' health, clients' financial matters, and corporate secrets, such as a new product under development.
Employees also need to identify appropriate boundaries with one another: for instance, when, if ever, is it OK for one employee to read another's e-mail messages without permission? The answers to such questions must meet ethical (and sometimes legal) requirements. For example, some companies have fired employees for sending e-mail that is "inappropriate" but haven't clarified for their employees how to measure appropriateness-or even that the company monitors e-mail.
To help employees identify situations requiring protection of others' privacy and to teach them how to handle those situations appropriately, some companies provide training in privacy matters. For instance, hospitals may train employees to notice, report, and prevent situations where carelessness with computers or paper makes it possible that the privacy of patients' data was compromised. Employees responsible for a company's information system need policies and guidance for identifying and communicating the boundaries between employees' privacy rights and the organization's right to know what its employees' are doing and communicating.