On February 29, 2008, the Rockford Family Community Resource Center of the Illinois Department of Human Services (DHS) Division of Human Capital Development (HCD) was notified by the police that in the course of an investigation, they had discovered 12 boxes of files with client records. One of the residents of the home being investigated by police was an employee of Rockford Family Community Resource Center, who against strict DHS/HCD policy and directives, had taken the files home.
HCD staff were given access to inspect the files on March 4th. It took 2 months for them to notify the state that 1450 customers’ case files were involved. The data in the case files included names, addresses, Social Security numbers and, in many cases, confidential medical information.
As of May 6, the employee had been suspended “pending judicial judgment.”
Great thanks to Adam Dodge for alerting us to this incident and providing us with the documentation. Adam also maintains ESI, an excellent resource for information on university-related data breaches.