First, Do No Harm: Ethics, and Elevating IT Leadership to a Profession

July 9, 2023

“I’ve looked at life from both sides now. From up and down and still somehow…”

When you’re an IT leader, you need to remember the words of Hippocrates.

No, not those words.

In addition to the famous Oath taken by doctors, he also came up with the shorter and catchier “First, Do No Harm.” The Hippocratic Oath and its offshoots seek to embed ethics and service to humanity into medicine. But I’ll get to that a bit later.

IT leaders, particularly interim leaders, need to Do No Harm as they learn what they are caretakers of. They hear (hopefully) from upper management, and (in my case anyway) I wander the halls with coffee cup in hand striking up conversations with people. I learn the organizational culture, and I learn what people have experienced and want from their IT, customer service, etc.

In my 6 months here at the new gig, I’ve learned that between my predecessor and me was a 3-month inter-regnum period, helmed by a consultant.

From talking with IT staff and leadership, I thought I had a pretty good idea of everything that had been done in the past. I learned about deficiencies in staff training in the years before, and I can deal with that. I learned — slowly — what previous network architects had done, when and why. From talking with colleagues in the Tulsa CIO Forum and various experienced professionals, I know what vision I need to promote to get us ready for our new campus. In the first few weeks I tried to detail every contract and monetary outlay that was still in force, as well as which contracts had been summarily canceled. Last month I built an IT budget for the new fiscal year, and I thought I had a good read on our financial run rate.

I was wrong.

In working with our CFO, I learn that both of us were unaware that our cloud backup contract had been expanded and extended in October 2022 to 2024. Not too terribly bad, except that over the life of the contract that adds almost $24,000 in costs. When we finally located the contract Friday evening, we were both gobsmacked. The IT staff knew about these expanded services but not that they were an additional cost item. A nice bit of additional backup protection to be sure, but to find our costs for this service were 1/3rd higher than we thought made it quite a depressing day.

I was mad. Unfortunately, both the vendor and my family got to see the smoke coming out of my ears.

But it’s not their fault.

In my experience as interim and the New Guy repeatedly, I always try to “First, Do No Harm.” I don’t seek to commit the organization to long-term contracts unless the C-suite is fully aware, and I have buy-in from leadership. In this case, one of the Cs actually signed it, but didn’t realize this was something that might not be in the continuing interest of the organization. That’s a decision to be made by the long-term leader, not a consultant.

Unlike previous folks, I’m a direct report to the CEO so I have a different mandate and visibility to the organization. It’s a larger responsibility, and one I take seriously.

Which brings me to IT professionalism and Ethics. As the reach of technology goes farther and farther into our lives, public and private, I feel IT is overdue for an ethical code of conduct.

Working for a nonprofit medical institution and an HMO earlier, I’ve long been aware of the history of Doctors swearing to a set of ethical statements developed for the benefit of the patient, practicing their profession with conscience and dignity.

Certified Public Accountants are similarly required to follow a rigorous Code of Professional Conduct which requires that they act with integrity, objectivity, due care, competence, fully disclose any conflicts of interest, ensure client confidentiality, disclose to the client any commission or referral fees, and serve the public interest when providing financial services.

There’s even work afoot to develop an AI Practitioner’s Oath, recognizing the power and responsibility that its creators wield over our future.

As CEOs realize the enormous responsibility held by their CIO, it’s time we address this as we rise to the C-Suite and the 30,000-foot view of both the organization and external threats.

Working for nonprofits and higher education, I’ve always sought to carry myself professionally and morally, beyond any risk of reproach. Even when I was a consultant, I refrained from any vendor relationships that would offer me commissions. No free vendor lunches, either. My team could go in the name of education, but they weren’t the final decision maker.

I’ve sought to instill these values in my teams, and especially so to the ones who’ve sought leadership roles.

So here’s my stab…

The IT Leader’s Oath

Upon having completed sufficient and demonstratable technical training, be it self-taught or formal, I make this covenant to join the fraternity of IT Leaders.

I will respect the hard-won technological and leadership skills of those IT professionals in whose steps I walk and will gladly share such knowledge as is mine with those who follow.

I will practice my profession with conscience and dignity, constantly seeking to perfect my technical knowledge as well as my leadership skills, realizing that the field of study is in constant rebirth, and that I have a role in the continued development of IT as a profession.

I must always be mindful that my greatest challenge will be communication. Seeking to more fully understand my colleagues and their needs, as well as be understood, is an endless lifelong study, and critically important to one’s success.

I will not be ashamed or refrain from saying “I don’t know,” and I will not fail to call in other colleagues when the skills of another are needed to aid in a solution.

I will remember that there is art to this profession as well as science, and that warmth, sympathy and understanding carry great weight in working with my colleagues.

The technological health of my charges, be they person or company, will be my first consideration. I will seek always to protect the information of the organization, and prevent security issues whenever possible, for prevention is preferable to cure.

I will not accept any commissions or financial remuneration from vendors, as this might affect my view of their service or product. If it should happen, I will disclose it to my leadership team and recuse myself from the decision.

I realize that on this day, I become an IT Leader — held in high regard by those who have not completed this study and need my skills to do their work, and thus provide for their families. I shall forever hold their secrets as my secrets. I will strive to be a person of good will, high moral character, and impeccable conduct. I shall endeavor to love my fellow man as much as I have learned to love the art of seeking elegant technical solutions.

If you’d like to take your own try at writing one, here is a page where I found a bunch of source docs.

Going back to the original issue, when I told a colleague about all this he said…

“You know, if I were a suspicious person, the cancellation of the $20,000 online backup software contract coincided pretty close with this online backup service add-on. What if <unnamed consultant> got a commission or kickback?”

Certainly possible. But we’ll never know.

I would love to hear opinions from my fellow IT leaders in the comment section below.

One comment on “First, Do No Harm: Ethics, and Elevating IT Leadership to a Profession

Undisclosed says:

I think that kickbacks of any kind for non-profit or public/private entities and their employees are unethical. Even as a cashier or salesperson unless deemed acceptable by the employer should be rejected. Shame, shame, shame on the people who think otherwise and profit by this. Might as well be dirty money.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Back To Top