Policies and procedures have been changed to cut the risk of personal information being compromised because of stolen or misplaced laptop computers and data storage devices, officials at three state agencies told a House committee Wednesday.
"This is a real wake-up call,” said Dennis Shockley, executive director of the Oklahoma Housing Finance Agency.
"We thought we had real good security.”
More than a million names were on a stolen state Department of Human Services laptop computer and about 225,000 names were on a stolen Housing Finance Agency laptop, both swiped in April. About 5,000 names were on a flash drive of an Oklahoma Employment Security Commission employee that was lost in March. All the information contained at least the names, Social Security numbers and birth dates of the agencies’ clients.
Shockley said his agency is looking at encryption software as well as putting the data on secure servers instead of letting employees place the information on their laptops, he said.
As a result of the lost personal information, House Speaker Chris Benge, R-Tulsa, asked Rep. John Wright, chairman of the House Administrative Rules and Agency Oversight Committee, to review state information technology policies. Wright, R-Broken Arrow, started with the agencies where the personal information was compromised.
"Three of these instances by different state agencies in a fairly short space of time does indicate the potential vulnerability in light of the number of government employees with sensitive information and should serve as a wake-up call to all of the state entities,” Wright said.