[Dataloss] GA: Security breach involves recent births - 140, 000 notified
lyger
lyger at attrition.org
Thu May 17 02:45:28 UTC 2007
And now for tonight's edition of "things that make you go 'hmm'..."
If the records didn't contain names or addresses, then how did the Georgia
Department of Human Resources match up 140,000 medical records and SSNs of
infants to their parents mailing addresses so quickly? And if it wasn't
"quickly", then how long did they know about the breach before the
notification process began?
Yes, I know... there's them new-fangled things called "computers". Am I
missing something or might there be more to this than currently reported?
On Wed, 16 May 2007, Dave wrote:
": " http://www.ajc.com/metro/content/metro/stories/2007/05/16/0517meshrecords.html
": " http://health.state.ga.us/pdfs/message-20070514.pdf
": "
": " by Gayle White
": " The Atlanta Journal-Constitution
": " Published on: 05/17/07
": "
": " State officials are warning parents of 140,000 Georgia babies that a
": " security lapse has exposed some of their personal and medical
": " information to the risk of fraud.
": "
": " The Georgia Department of Human Resources mailed letters Wednesday to
": " all parents of infants born in Georgia between April 1, 2006, and
": " March 16, 2007, saying that paper records containing their Social
": " Security numbers and information about their medical histories were
": " improperly discarded.
": "
": " The records do not contain names or addresses, said Stuart Brown,
": " director of the state's Division of Public Health. He said there is
": " no evidence that information from the records has been used
": " improperly.
": "
": " [...]
More information about the Dataloss
mailing list