Government must do more to protect private data

People who are wary of identity theft and protective of their personal information will find the actions of a state worker at the Maryland Department of Human Resources unsettling. The Social Security numbers of almost 3,000 Maryland residents who filed for assistance at the DHR were posted on the Internet for several months before it was discovered ("DHR fires worker who posted Social Security numbers on the Internet," July 23).

Government agencies need to impose stricter policies and tougher regulations against employees violating the confidentiality of the people. Access to these sensitive information should be limited and monitored daily. According to the DHR Information Systems Security Handbook, sensitive information like case numbers and Social Security numbers of clients and co-workers are to be kept confidential. The handbook also states that all employees of the DHR must comply with policies and depending on the severity of the incident, "employees who violate these policies may receive loss of network connectivity, disciplinary action, up to and including immediate dismissal, and/or criminal prosecution." An example should be made out of the state worker; criminal charges should be filed, as the severity of this incident is apparent.

Even though the DHR has offered a free one-year credit monitoring to the victims, the damage to their credit might have already been done. Since Social Security numbers are not readily changeable, there are still risks of compromise after that year. DHR should consider offering free credit monitoring to victims for life as a precaution as this breach is set forth by one of its employees.

In today's tough economic times, more and more people are turning to the government for assistance. It is rather unfortunate and alarming that the very people that are supposed to help are the ones that have loopholes in their operations that might create even more problems to those seeking help.

M. Wee, Elkridge