An Audible Data Privacy Breach
RI labor dept. warns of possible privacy breach.
I think about data encryption, physical access controls to servers and such on a regular basis. But there are all kinds of formats via which data gets stored or communicated. The Rhode Island Department of Labor recently had a data breach involving their call center. Customers were able to hear conversations on other calls. The department estimates fewer than 700 people were affected.
- Paper forms in which data is originally collected. Think membership forms, applications, feedback and suggestion forms. I remember seeing a binder full of membership forms being used to prop open a door on the sidewalk in front of a store. When I pointed out to the manager that this was a problem, he shrugged and said it wasn’t a problem because all the data had already been keyed in and therefore no longer had any value to them except when the systems were down.
- Video and photographs. The advent of video analytics and photo analysis means that we are collecting, storing, and putting at risk more data than ever before. I remember seeing a retailer’s security video tapes sitting all lined up on a counter at the back of a store. The only thing that made this somewhat safe is that most likely the security system was probably so poor it would be impossible to determine who was on those videos. But now video analytics allow retailers to determine when you visit their store, who you shop with and what products interest you.
- Conversations. Yes, all those "may be recorded for quality purposes" call center calls are most likely chock full of your personal information. I worry how well those data sets are being protected, too.
I believe our role as data professionals should go beyond protecting the data held in a traditional database. Because I’m not sure anyone else is even considering that data. And I’d bet the bad guys are betting that no data professional is involved in protecting it.
Love your data. Love your customers’ data, too.
3 Comments
Leave a comment
Subscribe via E-mail
Recent Comments
- Karen Lopez on Strutting: We all Know When You are Doing It. So Stop.
- Joey D'Antoni on Strutting: We all Know When You are Doing It. So Stop.
- Karen Lopez on Strutting: We all Know When You are Doing It. So Stop.
- Thomas LaRock on Strutting: We all Know When You are Doing It. So Stop.
- Karen Lopez on Strutting: We all Know When You are Doing It. So Stop.
Recent Posts
Downloads
- EDW 2013 Karen Lopez Get Blogging
- Karen Lopez presentation DAMA PS 2012
- Data Modeling Contentious Issues - DAMA Nebraska
- Karen Lopez - 10 Physical Blunders - DAMA
- Career Success In Data Profession - DAMA
- The Straw Poll
- You've Just Inherited a Data Model CheckList
- KarenLopez - 5 Physical Blunders - 24HOP-2011
- Handouts for OEMUG / CA Global Modeling User Group Why Be Normal Webcast
- Handouts Database Design Contentious Issues - New York 2010
- Handouts Database Design Contentious Issues - DC 2010
Archive
- May 2013 (4)
- April 2013 (5)
- March 2013 (4)
- February 2013 (7)
- January 2013 (12)
- December 2012 (2)
- November 2012 (3)
- October 2012 (3)
- September 2012 (13)
- August 2012 (5)
- July 2012 (17)
- June 2012 (2)
- May 2012 (4)
- April 2012 (4)
- March 2012 (8)
- February 2012 (11)
- January 2012 (3)
- December 2011 (10)
- November 2011 (8)
- October 2011 (5)
- September 2011 (3)
- August 2011 (9)
- July 2011 (5)
- June 2011 (5)
- May 2011 (5)
- April 2011 (9)
- March 2011 (4)
- February 2011 (9)
- January 2011 (8)
- December 2010 (15)
- November 2010 (27)
- September 2010 (2)
- August 2010 (1)
- July 2010 (4)
I’m certain the number of data breaches aren’t really increasing, just the reporting of them. Kinda like shark attacks.
I think they need wider reporting. It’s time that customers understand just how poorly their data is being cared for.
[...] was reposted from Clean Up BlogThisSecurity feed and make it a snipit http://blog.infoadvisors.com/index.php/2013/01/02/an-audible-data-privacy-breach/ written by Karen Lopez. They get all the credit for this, not [...]