Inside TDV - The Data Vault Blog
Lost Files Case Proves Yet Again Security Can be Tricky
Two workers at the National Personnel Records Center in St. Louis have admitted dumping, destroying or misfiling at least 1,800 government files, according to a story by The St. Louis Post-Dispatch.
The story notes that the workers were being paid for speed in processing documents pulled from 100 million federal employee records. Those that were destroyed or misfiled include 241 documents found in 2012, discarded in woods near the center, off Interstate 270 in the Spanish Lake area. Three hundred names and Social Security numbers were visible on them.
One of the ex-employees, Lonnie Halkmon, 28, was sentenced in January to two years of probation and ordered to perform 40 hours of community service. The other, Stanley Engram, 21, was given an identical sentence on Feb. 7. Each pleaded guilty of destruction of government records.
It seems paying people based on how quickly they can process files is only asking for these kinds of problems. It boggles the mind, actually. Speed of completion in almost any venture should be balanced by quality. In a situation in which a million files that include people’s private information, speed should be a secondary consideration.
U.S. Attorney Richard Callahan said last month that an audit determined only one veteran was known to be affected, and the document in question was re-created, The Dispatch reporrted. Many veterans whose files were affected are deceased, and those records were individual documents, not entire personnel files.
Callahan confirmed that employees involved in the process were compensated by the number of records they filed. He did not comment to The Disatch on whether that ought to be changed or better supervised, “But I’m confident that the records center … has addressed it.”
They fired and prosecuted those two employees, so that specific incident has been addressed. But the National Personnel Records Center really needs to look at its policies going forward, and maybe consider a better solution to its records storage. How much of that information could be scanned and digitized? How much of it needs to be quickly available, especially in the case of those records related to deceased veterans?
Archive what isn’t necessary, store it securely and then leave it alone unless absolutely necessary. Consider better quality control in regards to policies. Oh, and perhaps do better background checks.