Wednesday, July 05, 2006

Safeguarding HR information: take a look at some new ideas for preserving your employees' confidential data

It's an impressive list: Time Warner, Eastman Kodak, Motorola, MCI. All industry leaders with significant resources and large numbers of employees. And this past year, all of them had to tell current or former employees that their sensitive personal information had been compromised.

Some had computers stolen while others lost backup tapes, but the result was the same: Workers were potentially exposed to identity theft.

It's a danger that is not limited to this short list of top employers. There have been numerous high-profile cases where hundreds of thousands of employee, consumer and student records were lost by, or stolen from, various financial institutions, data brokers and universities.

In fact, through September there were more than 100 personal information breaches of employee, consumer or student data affecting more than 56 million people, according to a list updated regularly by the Identity Theft Resource Center (ITRC) in San Diego.

One of the largest breaches occurred at Time Warner, which announced this spring that tapes containing personal information on about 600,000 current and former U.S.-based employees had been lost by Iron Mountain Inc., a Boston-based records management and storage firm. The U.S. Secret Service is investigating.

"In the wake of the incidents of the past year involving a number of companies, we've made a decision to begin encrypting all of our backup tapes," says Time Warner spokeswoman Kathy McKiernan. Time Warner also has "changed certain procedures in terms of Iron Mountain's handling of our data," McKiernan added, but she would not discuss details of those changes, citing security concerns.

At Kodak, MCI, Motorola and other businesses, laptops containing sensitive information were stolen--the same type of problem that accounted for one-quarter of the employee record breaches that occurred this year, says Donald Harris, president of HR Privacy Solutions Ltd., a consulting firm in New York.

Such security breaches can come at a high price. In the Internet Age, one computer that is not properly protected or one hard drive that is not adequately erased can provide thieves with access to thousands of employee records--which they can use to apply for credit cards, spend money that isn't their own and wreak havoc on the lives of people whose only crime was trusting their employer.


# posted by Medical Information : 3:16 AM
Comments: Post a Comment

Subscribe to Post Comments [Atom]





<< Home

This page is powered by Blogger. Isn't yours?

Subscribe to Posts [Atom]