CBC News reports:
Edmonton Public School District did not follow its own policy in the loss of memory stick containing personal information of more than 7,500 employees, says the Alberta privacy commissioner.
An investigation by the Office of the Information and Privacy Commissioner found information on the USB memory stick was no protected by a password or encryption.
The data included employment applications, resumes, transcripts, completed direct deposit forms (including cheques), copies of identity verification (i.e. driver’s licenses, first page of passports, birth certificates, etc.), injury forms, payroll correspondence, pension correspondence, benefits forms and correspondence, education credentials (i.e. certificate, degree, diploma etc.), job information history, pay-benefits history, performance evaluations, police criminal records check reports, etc., the report said.
Read more on CBC.