Another “small” privacy breach with big impact. In this case, the big impact was an overhaul of the state’s system. From their press release:
New York State Inspector General Catherine Leahy Scott yesterday released a report of an investigation that found the State Department of Health’s (“DOH”) complex and antiquated storage of vital records led to the inadvertent 2012 release of a birth mother’s confidential identity to an adoptee. The investigative findings also led to a complete overhaul and modernization of the State’s maintenance of millions of birth, death, marriage and divorce records, as well as new policies to ensure quality control prior to the release of any of those records.
Inspector General Leahy Scott’s investigation found human error led the DOH’s Bureau of Vital Records to release a partially redacted Transcript of Birth to an adoptee in 2012 in which the adoptee’s biological mother was identified, despite the record being specifically flagged with restrictions to its dissemination. The investigation found the DOH’s vital records filing system was antiquated and susceptible not only to human error but also to the inadvertent loss or destruction of records.
As a result of the inadvertent disclosure, DOH instituted new policies requiring triplicate quality control checks prior to releasing any records. It also commenced a modernization of its record keeping by digitizing paper and card files held by the Bureau of Vital Records, many of which were originals without any duplicates.
“The wrongful yet inadvertent release of confidential information in this case exposed systemic shortcomings with the State’s filing and maintenance of vital records,” said Inspector General Leahy Scott. “Ultimately, my investigation led to important reforms modernizing all policies and systems used for storage and the appropriate dissemination of these critically important records.”
The DOH Bureau of Vital Records maintains a repository of over 30 million vital records, including birth, death, marriage and dissolution certificates, as well as adoption records. Most of the records are contained on film, microfiche, and scanned digital files. However, approximately 2,420,000 are paper certificates. The Bureau of Vital Records annually processes approximately 400,000 new vital records supplied by local registrars and clerks; over 200,000 requests for copies and/or confirmations of vital records; 34,000 applications for certificate corrections and amendments; and 20,000 requests for genealogical information. The Bureau of Vital Records processes approximately 500 records requests each day.
The Inspector General’s investigation further revealed that in order to fulfill record requests, the vital records staff sometimes had to resort to searching through myriad databases/indices to match a request to a record, and some searches could only be completed by certain seasoned staff members who were familiar with the filing systems. At least one of the indices, a card catalog spanning approximately one hundred filing cabinet drawers, was the only record of amendments with no duplicate copy in existence.
In response to the Inspector General’s investigation, DOH has entered into a contract and commenced a modernization program to include the scanning and indexing of the paper records within its repository, including but not limited to approximately 2,420,000 paper records on file, as well as its card catalog index of amendments to records. The digitizing of those records is expected to be complete by September 2016.
A copy of the report may be viewed by clicking HERE.
SOURCE: New York State Inspector General