Tuesday, May 23, 2006

NOT GOOD AT ALL -- "As many as 26.5 million veterans were placed at risk of identity theft after an intruder stole an electronic data file this month containing their names, birth dates and Social Security numbers from the home of a Department of Veterans Affairs employee, Secretary Jim Nicholson said yesterday."

And the editorial:
It's not as though identity theft is a new worry. Last year companies such as Time Warner Inc. and Citigroup Inc. were in the news for losing computer tapes with sensitive personal information. The Bush administration has created something called the President's Identity Theft Task Force. Virtually every discussion of this subject makes a basic point: Although some data theft is inevitable in a digital society, institutions that collect people's names, birthdays and Social Security numbers must at least try to avoid losing them. Don't ship unencrypted computer tapes by UPS and then say you're sorry if the parcel goes astray. Don't let employees take sensitive files home, where they may be lost or stolen.


Mark my words, maybe not in the context of this specific case, but if this sort of stuff continues organizations maintaining personal information will be liable for damages resulting from the loss of that data. That's in addition to any criminal liability the individual "thief" might have.