According to the IS Principle 33 Donor Privacy, our organization has a responsibility to protect and respect our donors’ privacy including names and contact information. In addition, according to the IS Principle 5 Document And Data Retention And Destruction, we have to protect and preserve our important data, documents and business records. And also, according to the IS Principle 6 Protection of Assets, our organization’s board should ensure safety of assets, including property, documents and data, financial and human resources.
In this situation, we think the “Duty” framework is the most important in this situation. As the employees, we must report this issue to our director and board members immediately. This issue would made our charter school lose a lot of donors’ private information and many secret files would be stolen by the hacker. In the aspect of “Virtue” framework, we can not hide this truth and we should report this issue to the board members and our donors honestly, so they have enough time to think about how to deal with it. In addition, in the aspect of “Consequentialist” framework, as the employees of charter school, we have responsibility to solve this system issue thoroughly, and we are responsible for it.