Tagged with identity theft , SSNs
Tuesday, March 17, 2009 - Almanac Vol. 55, No. 25What's the Half-life of an SSN?
We are sometimes surprised at what's on our computer.
With the advent of data breach notification laws, when an employee computer goes missing, data privacy is the first concern. Employers want to know their risks, and common practice is to scan any available backups for confidential information. Often, news coverage of a data breach notes that the employee was unaware of sensitive records on the stolen computer.
In the days before identity theft mushroomed, it wasn’t uncommon to find social security numbers on performance appraisals, CVs, job applications, transcript requests, expense reports, and grant proposals. Since then, privacy policy and general awareness have increased to the point that most people would likely question sending SSNs in e-mail or including them on electronic forms.
But if we've upgraded our computer a couple of times and it's been our practice to cannibalize data from the old computer, it can be easy to forget that we’ve carried forward into the present a growing privacy risk. The same is true of our confidential personal information any time we use computers to prepare our taxes, make credit card purchases or manage our finances.
Help is available. Under Penn's Social Security Number policy, faculty and staff are remedying past practices. Through Penn's Office of Software Licensing, "Identity Finder" software is available for purchase to track down sensitive data before it becomes a problem. See www.business-services.upenn.edu/softwarelicenses.
| 
New! You can now receive new One-Step-Ahead Security and Privacy Tips automatically!
