Sensitive personal information on 2.9 million Georgia residents is at risk after a company lost a CD that contained the details.
It is at least the third such blunder in less than a week and raises serious doubts about the measures private companies and public officials take to safeguard individuals from identity theft.
The CD lost by Affiliated Computer Systems (ACS), which was hired to handle the information, contained full names, addresses, birth dates, social security numbers and member identification for recipients of Medicaid and other medical programs, according to an advisory (PDF) from the Georgia Department of Community Health (DCH). The department said it has called on ACS to notify all those affected and assist them in monitoring their credit reports.
But the DCH's assurances amount to little more than chasing the stallion after it's bolted the barn. And it begs the question why it hadn't taken steps to ensure the information was encrypted in the first place.
The same goes for administrators at the Chicago Public Schools (CPS), which didn't take similar common-sense precautions with a laptop containing the names and social security numbers of 40,000 teachers. (The notebook was swiped from the CPS's headquarters on Friday.) Or for that matter, why officials at the University of California, San Francisco, didn't do more to protect 46,000 people whose personal information may may have been stolen last week.
Those concerned about the DCH goof can ask questions by calling +1-866-213-3969. ®