See the full article in DataBreaches.net: Texas Error Exposed over 13 Million Voters’ SSNs
This story shows it’s easy to disclose the social security numbers of 13 million people at once. The data came from Texas’ voter registration data base, which was attached to a court report, BUT security breaches of the personal health information of millions of patients is also very common (see recent Utah and BCBS of TN breaches). Today’s electronic systems enable many new ways to breach data security and expose personal information.
The story below is about a government employee who attached over 13 million SSNs to a report and sent it to a 3rd party without anyone else reviewing his/her actions before the data was disclosed. Where should the bar be set for disclosing personally identifiable information in any report? At 1 million records? At 100 million records?
Most of the US health care system lacks effective protocols and procedures to protect data security and to prevent inappropriate data release and data breaches. Health data privacy and security require comprehensive and meaningful protections. We have a long way to go. Vastly expanding health IT systems before these problems are solved is a prescription for more data