This course examines corporate social responsibility in the information age. Today’s managers are responsible not only for the completeness and usefulness of corporate databases but also for securing the personally identifiable information that is stored in their systems and used for decision-making. Companies are responsible to their customers, employees, business partners and governments for ensuring the effective collection, storage, distribution and destruction of this information as well as for its accuracy and appropriate use. Laws such as Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) and the U.S, Sarbanes-Oxley Act (SOX) guide corporate actions but managers still must decide how to implement these statutes. This course covers technical issues (e.g., data security controls), behavioural factors e.g., employee and customer actions that expose stakeholders to data losses), legal requirements (such as PIPEDA and SOX) and managerial responsibilities. Cases and guest speakers are utilized to illustrate and underscore the importance of the issues studied.

Prerequisite - COMM 190 or the permission of the instructor