Wednesday, June 5, 2019

Risks and Consequences of Non-Compliance

Our group has been presented with the selected information set Road Collision Casualties in Camden. This information is published by the London Borough of Camden and is licensed under the Open Government Licence. All data on road collisions are provided by TfL (Transport for London), who present the data in three parts on an annual basis. The data set contains information on the casualties, where some information has also been added from attendants. The attendants and vehicles are recorded as separate data sets and are available on an open platform; as a result, they can be joined together by the use of a reference column. If joined together, the data will show accidents where multiple casualties, attendants and vehicles were present. In the reference there will be several records for the same incident. It is suggested that data analysis should be undertaken which uses three years of data in order to avoid any anomalies.

The statistics in the data set display personal injuries which have taken place on public roads and which were reported to the police. The police note down the information using a STATS19 form, and this is how the data is recorded.

While it is not possible to predict every potential legal issue that the application may face, both during the development stage and in use, utilising the Road Collision Casualties in Camden data set, the most common pitfalls can easily be avoided. Implementing a proactive legal compliance strategy during the early part of the development process will help to minimise the legal risk and strengthen the protection of the application itself.

Introduction

Risks and consequences of non-compliance

Failure to design the software program in accordance with the various legislative and industry constraints may result in a development that will attract, in the worst case scenario, legal proceedings and/or make the product difficult to sell.
Also, it may be incompatible with other software or data formats. Research into the various standards, industry codes and relevant legal obligations will allow the design to progress with clarity regarding these requirements.

Standards, codes and legislation

The particular items that are relevant to this project are as follows:

- The British Computer Society Code of Practice
- The Open Government Licence for Public Sector Information

Data Protection Act 1998

It is considered that this Act is not applicable to the data accessed by the software, as it contains no personal information. However, it is likely to be applicable to data being held regarding the users of the application, in terms of their logging into the system and the history of their use of the data, so we have to be in compliance with the Data Protection Act 1998 (DPA). Because we will be storing and handling personal information, small errors and inaccuracies can lead to unsafe data protection breaches and give rise to serious consequences. Compliance with data protection legislation is not just a matter of good practice; it is a legal requirement. As the penalties for non-compliance are extremely serious, especially nowadays in an environment of increasing focus upon data protection, it goes without saying that for the application we are creating we need to take great care to protect personal information.

The Data Protection Act 1998 is enforced by the Information Commissioner's Office (ICO), which has considerable powers when it finds an organisation to be in breach of the data protection principles in the way data is handled. The Information Commissioner has historically shown he is ready and willing to take action and, in extreme circumstances, to bring criminal proceedings with respect to mishandling of personal information. The consequences and penalties which may follow a breach of data protection obligations are varied, and in most cases very serious.
The ICO's action can include:

- Monetary penalty notices (for serious breaches of the DPA the fines could reach up to £500,000).
- Criminal prosecutions (deliberately breaching the DPA can lead to possible prison sentences).
- Undertakings (organisations have to commit to a particular course of action to improve their compliance and avoid further action from the ICO).
- Enforcement notices (organisations in breach of one or more of the DPA principles are required to take specific steps in order to comply with the law).
- Audit (the ICO has the authority to audit government departments without consent to check organisations are complying).

Disability Discrimination Act 1995

This would apply in terms of the presentation of the user interface with reference to, for example, colour contrast and legibility.

Add compliance with the DDA to the project requirements. Analyse the range of user types and identify any persons likely to fall under the DDA that would use the system. Look at the human interfaces that the system will employ and check that all projected users can utilise the application.

Demonstrate that the application has been designed to meet these needs in terms of, for example, character/font/size/colour/contrast or in terms of any audible or spoken interfaces.

Display Screen Regulations 1992

The user interface should not compromise an employer's ability to comply with this legislation, for example with regard to repetitive strain injuries or eye strain. There is also a Human Factors consideration here in terms of optimising user performance by maintaining concentration, thereby reducing errors.
This is unlikely to have a direct impact on the designer/supplier of the software but may have a reputational impact if the product is problematic in the workplace.

Intellectual property

Before we started our project it was essential for us as a group to have a firm grasp of intellectual property rights and how they apply to the software industry, as protecting our software application would make it easier to take legal action against anyone who steals or copies it. Computer software is distinguished from most other intellectual creations protected by intellectual property law in that different aspects of the software are eligible for protection by patent, copyright and trade secret laws. Each type of protection has advantages and disadvantages under the current laws.

Historically it has been quite difficult to get a software application approved for a patent from the UK Intellectual Property Office. This means that UK software developers have been left to rely on copyright to protect their work. This was something we had to take into consideration, because copyright only offers protection against being copied. Patents, however, are an absolute right against unauthorised use of the patent holder's invention, and can protect the underlying/original ideas and processes of our application. So with a patent, it does not matter whether a competitor has copied the program, developed an identical program, or indeed independently developed a different program which uses the same ideas or process steps: it still breaches the patent, and we as patent holders can claim redress and/or an injunction to enforce our rights.

In the case of our application, copyright law would protect the source and object code, as well as certain unique original elements of the user interface, while a patent can protect the novel ideas embodied in our application, which copyright cannot.
However, as I already mentioned, historically it has been shown that it is quite tough to get a software application approved for a patent, and there is no guarantee that the UK Intellectual Property Office will grant a patent for our software invention. Moreover, the costs of obtaining a software patent are significantly higher, so we as a company have to weigh our options and go with the best possible one.

Furthermore, the terms of use for the application itself are provided by us, who designed the application, but it should also be noted that the data being accessed by the application is subject to conditions of use set by the data owner. This data is published by the London Borough of Camden and is licensed under the Open Government Licence v3.0. These conditions should also be provided to the end user and embodied in the supplier's terms of use. The Licensor grants us a worldwide, royalty-free, perpetual, non-exclusive licence to use the Information subject to conditions such as:

"acknowledge the source of the Information in your product or application by including or linking to any attribution statement specified by the Information Provider(s) and, where possible, provide a link to this licence"

This means we are obligated by the Open Government Licence to provide a link for our end user, or to let the end user know that the application contains public sector information licensed under the Open Government Licence. This is one of the most important conditions of this licence, and if our company fails to comply with them, the rights granted to us under this licence, or any similar licence granted by the Licensor, will end automatically.

It is also important to note that this is version 3.0 of the Open Government Licence. The Controller of this licence may change the licence itself from time to time and issue new versions of it.
If that happens, the terms of that licence will continue to apply from the previous version (the current version, which is 3.0).

Software licensing

A software licence is a document that provides legally binding guidelines for the usage and sharing of software. A software licensing agreement will protect our copyright and IP rights by placing restrictions on the end user in relation to how the software can be used. The software licence will allow the end users to have one or more copies of our software without violating copyright.

When we publish our end product it is critical that we license our software very carefully to retain the IP rights and to ensure we are able to generate revenue from our work. A software licence usually comes in one of three major forms:

- Proprietary licence
- Free licence
- Open software licence

User requirements

Consultation with the user of the software and the client for whom the work is being undertaken will enable a full and clear understanding of their expectations to be captured in the form of a User Requirements Specification. In particular, the types of users and how the data will be accessed and used should be sought from the client and fully understood. This, combined with any legislative, industry or standards requirements, will form the overall Project Requirements Specification.

Specification/requirements

Taking all of the above, a definitive set of Project and Technical requirements can be developed. These will enable the project to proceed from a clear and common understanding. All stakeholders should sign the requirements, and any subsequent changes should be avoided but, if necessary, undertaken in a controlled process. This is important in controlling cost and programme and in avoiding differing expectations.

Verification

It is important to continually check back against the requirements as the design develops.
This can be done in the form of a requirements matrix and recording evidence (links to docs/specs) that each requirement is being met.
