carchibald
asked on
SS#'s and all other personal info available for all to see. Seeking legal advice on what a business legalities are.
I'm seeking any information or information on where I need to look to get my answers regarding the legality of a company who has all of their employees personal info including SS#'s available to any employee of the company that has an email account. I am concerned about this issue and the fact that anyone from the head boss to some janitoriol staff have the capabililty of accessing this information. (approximately 900 people have the capablity of accessing this information) I am fighting a political battle here as far reveiling the lack of knowledge of the IT person in charge of this server. I have addressed the issue. The one responsible for this system does not know how to use security in a Windows 2000 server environment and has all users set to full control of the entire file system. I have addressed this issue for approx. the past 6 years to no success. When I questioned who would be responsible if identity theft occured they point the fingers to me but it has been made clear that I am not the one responsible for this particular system. I'm in a rather small town and no one here local would know the legalities regarding this situaion. Any help or advice on how to address this issue or direction to lookin would be greatly appreciated.
Thanks in advance,
Fall Guy
Thanks in advance,
Fall Guy
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
"a lawyer that is versed in data protection liability issues is not found easily"
Perhaps, but they're the only ones who can give you an answer worth getting.
You describe a company with 900+ people - a corp that size ought to have a corporate counsel. Have they not been engaged on this issue?
Perhaps, but they're the only ones who can give you an answer worth getting.
You describe a company with 900+ people - a corp that size ought to have a corporate counsel. Have they not been engaged on this issue?
hello.
I agree with PsiCop. Also check with Social Security Services they will definetly have an answer for you.
I agree with PsiCop. Also check with Social Security Services they will definetly have an answer for you.
"check with Social Security Services they will definetly have an answer for you"
Actually, they won't. Because there is no single answer. Also, most people you can reach at the SSA are not lawyers.
Actually, they won't. Because there is no single answer. Also, most people you can reach at the SSA are not lawyers.
They could point you in the right direction instead of you pulling the info out of the "yellow pages"
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
well if he is that big of an idiot delete some random data including the SS#s, just play stupid.
gesh, i thought it was rediculous that management wanted all of our users to never change their passwords....i couldnt imagine if my users had full rights to all data.
I can tell you....I wouldn't be working there (purging my data before leaving ofcourse)
gesh, i thought it was rediculous that management wanted all of our users to never change their passwords....i couldnt imagine if my users had full rights to all data.
I can tell you....I wouldn't be working there (purging my data before leaving ofcourse)
ASKER
Welcome to the world of educuation and politics!
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
North Carolina has also recently passed a law restricting use of SSNs. But we don't even know if the Asker is located in the USA.
ASKER
Located in TEXAS
http://law.onecle.com/texas/business/35.58.html
Maybe try emailing one of the folks on that site to see if they have any insight to the situation?
It's a bit of a grey area... it's mostly (all over) about disclosure of SSN's, and your question seems to teeter on possible disclosure...
-rich
Maybe try emailing one of the folks on that site to see if they have any insight to the situation?
It's a bit of a grey area... it's mostly (all over) about disclosure of SSN's, and your question seems to teeter on possible disclosure...
-rich
It might also be worth making contact with the labor commissioner's office ... for referral to agencies or entities that might assist you with other workplace concerns.
http://www.twc.state.tx.us/svcs/commrs/laborcommr.html
http://www.twc.state.tx.us/svcs/commrs/laborcommr.html
Maybe you could check with the CFO of the company or the payroll person for direction.
ASKER
Finding a lawyer that is versed in data protection liability issues is not found easily.