Tuesday, March 17, 2009 - Almanac Vol. 55, No. 25
What's the Half-life of an SSN?
We are sometimes surprised at what's on our computer.
With the advent of data breach notification laws, when an employee computer goes missing, data privacy is the first concern. Employers want to know their risks, and common practice is to scan any available backups for confidential information. Often, news coverage of a data breach notes that the employee was unaware of sensitive records on the stolen computer.
But if we've upgraded our computer a couple of times and it's been our practice to cannibalize data from the old computer, it can be easy to forget that we’ve carried forward into the present a growing privacy risk. The same is true of our confidential personal information any time we use computers to prepare our taxes, make credit card purchases or manage our finances.
Help is available. Under Penn's Social Security Number policy, faculty and staff are remedying past practices. Through Penn's Office of Software Licensing, "Identity Finder" software is available for purchase to track down sensitive data before it becomes a problem. See www.business-services.upenn.edu/softwarelicenses.