resource center
  See your link here
|
Computerworld - Red-faced officials at the California Public Employees' Retirement System (CalPERS) are sending out letters of apology to about 445,000 state retirees after inadvertently printing their Social Security numbers on brochures announcing an upcoming election at the state pension fund.
The error happened last week and has already prompted several changes at CalPERS to reduce the chances of something similar happening again, said spokeswoman Pat Macht.
According to Macht, the privacy breach happened after an employee inadvertently sent a disk containing Social Security numbers to the printer responsible for printing the brochures. The disk was only supposed to contain the names and addresses of the individuals getting the brochures.
Although the printer had an alert system for detecting and preventing the inadvertent publication of Social Security numbers, Macht said, many of the numbers that wound up being printed on the address panels of the brochures began with a series of zeros. That may have confused the system into thinking the figures were member numbers or some other sort of identifier, she said. In some cases, full Social Security numbers were printed on the brochures; in others, only partial numbers were printed.
Following the breach, pension fund officials sent out letters to those affected, apologizing for the error and vowing to implement measures to prevent a similar mix-up in future. "We've taken a number of steps to make sure the same thing doesn't happen again," Macht said. Those steps include a new mandatory information security training program and a process that requires at least three officials -- including the security officer and application owner -- to sign off on all releases of personal information.
"We are also doing a review of how we collect our data and how we store it and how we use it," Macht said. The review includes looking at how to create a unique identifier for individuals that would eliminate the need for using Social Security numbers, she said.
Macht noted that this incident "we think certainly underscores the need to have bullet-proof processes" for protecting personal data.
Share our Strength
Download Now
Lower the Cost and Complexity of a Mobile Workforce through Automation
Download This Resource Now!
Top 10 Things to Know about Data Protection
Download Now
Managing Mobility: Improve Data Security, Compliance and Manageability
Download This Resource Now!
Managing Secure File Transfer to Save Time, Money and IT Resources
Learn how companies are using innovative technology to overcome these challenges and improve user productivity by offloading e-mail attachments and replacing FTP with...
Ponemon Study: The Business Risk of a Lost Laptop
Download Now
Security Convergence Equals Network Security Cost Savings
Listen to IBM Internet Security Systems' take on network security convergence.
Airport Insecurity: The Case of Lost Laptops
Download Now
Disaster Recovery 2008: Reduced Costs and Improved Performance
How long can your Enterprise afford to be without your data? With an accelerated disaster recovery program, you never have to answer this...
Sign up to receive updates on the latest Security resources
CIO
Computerworld
CSO
DEMO
GamePro
Games.net
IDC
IDG
IDG Connect
IDG Knowledge Hub
IDG TechNetwork
IDG Ventures
IDG.net
InfoWorld
ITwhitepapers
ITworld
JavaWorld
LinuxWorld
Macworld
Network World
PC World
The Industry Standard
Copyright © 1994 - 2009 Computerworld Inc. All
rights reserved. Reproduction in whole or in part in any form or medium
without express written permission ofComputerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc. |
