Eye See U, Inc., headquartered in Orange County, California, is one of the
largest medical billing companies in the United States. As a part of its business, the Company prepares invoices and receives payments on behalf of private and governmental entities, both state and federal. To fulfill its mission, the company stores a substantial amount of consumer data, including social security numbers, dates of birth, medical histories, and credit card information. In a routine audit, the company discovered that an unauthorized party had accessed the Company's database.
Upon discovering the unauthorized access, the Company immediately conducted a thorough investigation, which involved a comprehensive check of the affected site and implementation of measures to defend against any further attacks. Not wanting to be the target of adverse publicity or to chance the possible loss of lucrative contracts, the Company did not disclose to anyone, it's clients or consumers, the news of the security breach. Identify and discuss the ethical issues you see in this scenario. How do you think the company should resolve the ethical issues? Do you believe the company had an ethical duty to disclose the breach, and if so to whom? Are there any ethical theories that support your response?