77°Clear

“D.C. is not doing everything it can to protect the personally identifiable information, leaving the sensitive personal information of millions of people vulnerable to security breaches”

by Prince Of Petworth January 6, 2017 at 12:55 pm 2 Comments

vulnerable
Photo by PoPville flickr user Miki J.

From the Office of the District of Columbia Auditor:

“The primary finding of the report is that D.C. is not doing everything it can to protect the personally identifiable information (PII)—Social Security Numbers, date and place of birth, mother’s maiden name—that it collects and stores, leaving the sensitive personal information of millions of people vulnerable to security breaches.

The report’s findings point to wide variations in how District agencies:

• De-identify records so that enough PII is removed and individuals cannot be identified.

• Determine risks and effects of collecting, maintaining, and disseminating PII to mitigate potential privacy risks.

• Develop and conduct security training consistently across all agencies.

• Encrypt databases and digital storage devices containing PII to add additional layers of protection.”

“The D.C. Government Must Improve Policies and Practices for the Protection of Personally Identifiable Information” (PDF)

  • can_i_park_here

    Good finding this out in an internal audit instead of an incident (assuming it has not happened already). And really hope they get busy and fix it asap.

    But I really think China has my junk anyway…so…yeah.

  • Lex

    Same with the medical dispensaries that ask for your SSN and other PII – they’re not even on a secure https site. I told them and they looked at me crazy, saying even if I filled out the paperwork, one of them would just enter my info on the website.

×

Subscribe to our mailing list