I am one who is continually harping on security and protection of all assets in an organization. I turned the table on myself the other day and started thinking about the mis-use and abuse of personal information by organizations. If we look at Morgan Stanley, why on earth was an essentially a junior level financial advisor given access to all client data? What were they thinking? Big mistake. What about from the marketing perspective? As a member of that profession, marketing loves to gather as much data as possible about clients to increase sales. In fact, our job depends on it. Just a fact of life maybe.
But what about other uses, or mis-uses of privacy data? Regardless of industry, including government, who does have access to my personal information? More people than I would think and more information than I would expect. Not all internal breaches are caused by nefarious purposes but the information is available for the taking.
I suppose it can be attributed to the ethics of the organization, how they protect data, and the importance they place on protecting privacy data. I’ve had my personal information compromised three times now. In the last incident, which was HIPAA data, it was entirely up to me to protect my identity. That included notifying all credit agencies, putting credit holds on all accounts, and purchasing credit monitoring software. To say the least it’s rather irksome. Given that most organizations don’t even report a breach until they absolutely must, we, the people carry the burden of someone else’s mistake. And then we have to figure out how to get our identity back.
I wonder how bad will this get? Since most employers are now doing comprehensive background checks, you do have some recourse. You can request your own Lexis/Nexis Accurint Person Report, which is free. At least you can see what your potential employer may see.