Dive Brief:
- A new report from the Government Accountability Office concludes that the number of federal government data breaches involving personally-identifiable information (such as Social Security numbers or health data) has more than doubled since 2009.
- To conduct its examination, the GAO reviewed data breaches reported to the US Computer Emergency Readiness Team by several agencies, including CMS, the Department of Veterans Affairs and the Internal Revenue Service.
- The report found that the number of data breaches grew from 10,481 in 2009 to 25,566 in 2013, and involved information such as census data, patient health information and Social Security information.
Dive Insight:
This is one of those times we should be very glad the GAO is on the case. Though undoubtedly the administrators of the various agencies are aware of the breaches and earnestly working to prevent future occurrences, having the GAO tell the world offers powerful pressure to fix things quickly. Right now, we learn that the agencies largely failed to follow standard procedures for addressing the problem, such as calculating the amount of personal data at risk for incident, recording how many individuals have been affected, recording lessons learned from their data breach and tightening up their information security systems. Leaving federal records vulnerable is unacceptable and needs to be addressed immediately.