Firstly, let me make it clear I am not a lawyer - IANAL. So naturally I was left stressed and scratching my head at a recent and very difficult situation.
A client of mine was having a shake up at the top end of the company. I don't know why and I didn't ask. The boss was on leave, directed in some way by the Board of Directors and I was being given conflicted requirements - one boss saying "Don't do anything - stuff is happening in the background" while the boss appointed by the Board was asking me to do various things to essentially keep the business running.
The way I've dealt with it, and I think it's probably the way to remember for the future is to request, in writing and signed by a large number of the Board members a document to give you permission to do as requested by the Board appointed Boss. I asked for the Board chairman, two other board members and the CEO or Boss to sign the document - thus ensuring a majority of high level stakeholders were involved in this process.
The key thing about this to remember is that my organisation was working with their organisation not individuals working with other individuals. As much as I might have a relationship with a member of that organisation, the important thing is that it's a relationship between two businesses. The Board is the controlling entity of that other business and the document you get from them means that if they aren't behaving there is a limitation to liability for me - I have been directed in a manner that I can reasonably indicate was from a legitimate controlling entity.
At the highest level too, the business's data all belongs to that business - not to the people working there. This can be tricky of course if there is some intellectual property involved but that's what the courts are for. At any rate, in this particular instance, once I had that paper shield (as it were) I went ahead and performed the tasks as requested. If I'm ever challenged on that, I can simply say - here is the document signed and presented to me by the Board of Directors. There isn't a higher power in the organisation so as far as I'm concerned as an IT Professional then I have to do as they ask, or we lose a client. I think as long as what I'm asked to do isn't in contravention of any ethical or moral strictures then this can work well.
I hope you, gentle reader, don't get caught in the middle like this. It's very uncomfortable and must be handled with some care. Good luck and have a good lawyer - like I do (thanks AP!)
Subscribe to:
Post Comments (Atom)
Adventures with Immich
With the implementation of my Proxmox server it's now time to play with some new applications - and we'll start with Immich, a repla...
-
With the implementation of my Proxmox server it's now time to play with some new applications - and we'll start with Immich, a repla...
-
One of my clients, a non-profit, has a lot of files on it's clients. They need a way to digitally store these files, securely and with a...
-
This is an update of an older post, as the utilities change, so has this concept of a cheap network spike - I use it to troubleshoot network...
No comments:
Post a Comment