The names and Social Security numbers of all 64,467 state employees were contained on a computer back-up device that was stolen on Sunday, according to a release issued Friday from Governor Ted Strickland's office.Identity theft is a serious crime and taking risks like this is not acceptable. Gov. Strickland has acted swiftly to address the problem. But shouldn't Hugh Quill, the head of the Department of Administration Services, have reviewed these procedures when he came on board?
...
The theft of the device happened when a state intern's car was broken into. Electronic data management standards at the intern's work site call for one set of backup data to be stored off-site and the intern had been inappropriately designated to store the data at his home.
The governor has ordered the cessation of this data management practice, a review of the events that led to the data being compromised and will take appropriate disciplinary action when the facts are known, according to the release.
The governor has directed by executive order that state information technology managers immediately review, and if necessary change, the procedures for handling back up information to ensure that information is secure at all times.
Fortunately, it appears that this data is not easily retrieved from whatever storage media was used. This could still turn out to be a total disaster for state employees...
HT: BizzyBlog via email
