It is impossible to overemphasize the need for impeccable handling of private information by those in responsible positions.
Security breaches that expose private information increase the risk of identity theft. And the financial and emotional burdens of dealing with identity theft can be highly distressing.
Yet there’s been another security breach in Virginia.
The Virginia Department of Human Resource Management announced that personal information on 13,000 state employees was mistakenly released. The information included Social Security numbers.
The good news is that the information went only to 11 people, and those 11 were state human resource and payroll workers — people who hopefully have enough sense and training to prevent the security breach from spreading and to resist the temptation to exploit the information.
The information was revealed by a subcontractor for Anthem insurance. Anthem and subcontractor Conexis are offering free access to credit monitoring and identity theft services
Similarly, earlier this summer Social Security numbers were printed on address labels, for anyone to see, of Aetna health insurance brochures sent to nearly 19,000 University of Virginia students. That mistake was made by a subcontractor for Aetna, where information was supposed to be double-checked to avoid such exposure. But the first error occurred when UVa sent the personal information to Aetna, as a result of a failure to update a computer program.
Both these incidents show just how critical it is for personal information to be managed sensitively at every step of the way.
And they also show that the more people who are authorized to handle the information, the more opportunities there are for error and exposure.
Personal information ought not be so lightly moved from place to place, recipient to recipient, increasing the likelihood of a security breach with every transfer. Instead, personal information should be tightly controlled, limited in scope and treated with the highest degree of vigilance.