The MNsure employee who erroneously attached a spread sheet with 1,587 insurance agents’ names and Social Security numbers to an e-mail to one insurance agent is no longer working for MNsure. The Associated Press’s coverage adds that the employee violated internal policy by storing unencrypted personal information about Minnesota insurance agents on a computer desktop. The agency…
Category: Government Sector
Audit of State University of New York at Albany reveals to-be-surplussed devices certified as “clean” still contained PII
I periodically post audits from the NYS Comptroller Thomas DiNapoli’s office pertaining to data protection. A recently released audit of SUNY-Albany reminds us that we need to continue to be concerned about inadequately wiped devices or drives that are to be surplussed. The audit period covered January – May 2012, and during that time, SUNY-Albany…
PA: Investigation launched into missing N. Franklin records
Scott Beveridge reports: North Franklin Township police are investigating the disappearance of records from the township building, some of them dating back to 2008. Township supervising Chairman Alex Migyanko said it appears the records, including planning commission and personnel files, appear to have been stolen earlier this year. Read more on the Observer-Reporter.
NHC Oak Ridge discloses breach involving unencrypted backup tape
The following email was published by The Oak Ridger after it was sent to them by NHC Oak Ridge administration: Officials at NHC Oak Ridge, 300 Laboratory Road, have reported a possible breach of patient information due to a missing backup tape that wasn’t encrypted. The information on this tape included patient names, Social Security numbers, birth…
UK: Former Bognor police officer fined for breaching Data Protection Act
The Bognor Regis Observer reports a former police office officer assigned to the Bognor Regis Police Station has been convicted of illegally accessing Sussex Police computers to get information on acquaintances. Thomas Grant pleaded guilty to breaching the Data Protection Act and was fined £800.
NZ hat trick: EQC reports its third breach this year
Rebecca Quilliam reports: The Earthquake Commission has admitted to another breach of privacy after information on up to 260 claimants was sent to the wrong customers. Its chief executive Ian Simpson has launched an inquiry into how the information ended up on a letter that was sent to some clients. One side of the letter…