Florida Counties Face State Deadline on Hiding Numbers
Computerworld - Like other counties in Florida, Orange County is scrambling to comply with a state mandate that requires Social Security, bank account, and credit and debit card numbers to be removed by the start of 2007 from all online images of public records.
For Orange County, it's an enormous task that involves examining nearly 30 million page images from records dating back to 1970, said Carol Fogelsong, the county's assistant comptroller.
Instead of trying to do the work itself, Orange County last June signed a contract with Hart InterCivic Inc., an Austin-based provider of records management services for county governments.
Since then, the county has downloaded onto USB drives images of about 25 million pages from documents dated through April 30, 2005, and shipped them to Hart for inspection and redaction. Hart has inspected about 7 million pages thus far and found information that needed to be redacted on about 119,000 of them, Fogelsong said.
Pages containing redactions are loaded back onto USB drives and returned to Orange County, which then replaces the original image with the new page. Fogelsong said the original images aren't actually deleted -- they're just hidden from view.
Despite initial concerns about the technology challenges, the redaction process has been going better than expected, according to Fogelsong. She said Hart is using specialized optical character recognition (OCR) software to look for the banned numbers on both handwritten and typed pages. The pages are also being manually reviewed to ensure that nothing is missed, she added.
About 2 million pages are now being inspected per month, Fogelsong said. The process costs the county 2.35 cents per page, which would add up to a tab of $705,000 for the full allotment of 30 million pages.
Fogelsong acknowledged that even after the work is completed, some online documents will likely still display information that is supposed to be hidden. "I will not be able to stop everything," she said. "But I'm doing the best I can."
Florida's Broward County plans to do its redaction work internally using software it bought from Aptitude Solutions Inc. in Casselberry, Fla., said Sue Baldwin, director of the Broward County Records Division.
"I don't know how long the actual process will take," she said. "But we intend to comply with the statutory requirements, including [the] deadline."
According to Baldwin, there are "relatively few documents" posted on the county's Web site that include sensitive information. Nonetheless, she said, the required redaction effort is "a massive job. We can't do it overnight."
Bruce Hogman, a Broward County resident who has worked as an IT professional for the past 30 years, said the effectiveness of OCR tools in redaction efforts could be limited by the challenges involved in programming the software to recognize specific types of data in documents that use different formats and are of varying quality.
As a result, the redaction of sensitive data could take longer than expected, leaving information publicly available for the next several months, Hogman said. He also noted that because much of the information already has been viewable for quite some time, it is questionable how useful redacting the data will be.
Read more about Security in Computerworld's Security Topic Center.
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts