DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

NYS: Inadvertent release to adoptee of birth mother’s identity leads to reforms

Posted on June 22, 2016 by Dissent

Another “small” privacy breach with big impact. In this case, the big impact was an overhaul of the state’s system. From their press release:

New York State Inspector General Catherine Leahy Scott yesterday released a report of an investigation that found the State Department of Health’s (“DOH”) complex and antiquated storage of vital records led to the inadvertent 2012 release of a birth mother’s confidential identity to an adoptee. The investigative findings also led to a complete overhaul and modernization of the State’s maintenance of millions of birth, death, marriage and divorce records, as well as new policies to ensure quality control prior to the release of any of those records.

Inspector General Leahy Scott’s investigation found human error led the DOH’s Bureau of Vital Records to release a partially redacted Transcript of Birth to an adoptee in 2012 in which the adoptee’s biological mother was identified, despite the record being specifically flagged with restrictions to its dissemination. The investigation found the DOH’s vital records filing system was antiquated and susceptible not only to human error but also to the inadvertent loss or destruction of records.

As a result of the inadvertent disclosure, DOH instituted new policies requiring triplicate quality control checks prior to releasing any records. It also commenced a modernization of its record keeping by digitizing paper and card files held by the Bureau of Vital Records, many of which were originals without any duplicates.

“The wrongful yet inadvertent release of confidential information in this case exposed systemic shortcomings with the State’s filing and maintenance of vital records,” said Inspector General Leahy Scott. “Ultimately, my investigation led to important reforms modernizing all policies and systems used for storage and the appropriate dissemination of these critically important records.”

The DOH Bureau of Vital Records maintains a repository of over 30 million vital records, including birth, death, marriage and dissolution certificates, as well as adoption records. Most of the records are contained on film, microfiche, and scanned digital files. However, approximately 2,420,000 are paper certificates. The Bureau of Vital Records annually processes approximately 400,000 new vital records supplied by local registrars and clerks; over 200,000 requests for copies and/or confirmations of vital records; 34,000 applications for certificate corrections and amendments; and 20,000 requests for genealogical information. The Bureau of Vital Records processes approximately 500 records requests each day.

The Inspector General’s investigation further revealed that in order to fulfill record requests, the vital records staff sometimes had to resort to searching through myriad databases/indices to match a request to a record, and some searches could only be completed by certain seasoned staff members who were familiar with the filing systems. At least one of the indices, a card catalog spanning approximately one hundred filing cabinet drawers, was the only record of amendments with no duplicate copy in existence.

In response to the Inspector General’s investigation, DOH has entered into a contract and commenced a modernization program to include the scanning and indexing of the paper records within its repository, including but not limited to approximately 2,420,000 paper records on file, as well as its card catalog index of amendments to records. The digitizing of those records is expected to be complete by September 2016.

A copy of the report may be viewed by clicking HERE.

SOURCE: New York State Inspector General

Category: ExposureGovernment SectorU.S.

Post navigation

← Information on 154 million voters exposed in the cloud – again. (Updated)
Texas Health & Human Services Commission notifies 600 after contractor can’t locate 600 records →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Nigerian National Sentenced To More Than Five Years For Hacking, Fraud, And Identity Theft Scheme
  • Data breach of patient info ends in firing of Miami hospital employee
  • Texas DOT investigates breach of crash report records, sends notification letters
  • PowerSchool hacker pleads guilty, released on personal recognizance bond
  • Rewards for Justice offers $10M reward for info on RedLine developer or RedLine’s use by foreign governments
  • New evidence links long-running hacking group to Indian government
  • Zaporizhzhia Cyber ​​Police Exposes Hacker Who Caused Millions in Losses to Victims by Mining Cryptocurrency
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Google: Hackers target Salesforce accounts in data extortion attacks
  • The US Grid Attack Looming on the Horizon

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • California county accused of using drones to spy on residents
  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector
  • U.S. Enacts Take It Down Act
  • 23andMe Bankruptcy Judge Ponders Trump Bill’s Injunction Impact
  • Hell No: The ODNI Wants to Make it Easier for the Government to Buy Your Data Without Warrant

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.