I agree that the very mistaken point in this case is caused by human error. Nevertheless, SSN numbers should not be stored in plain sight by any means because it can directly identify a specific person. It should be de-anonymised/psudonymised or encrypt it before storing in the database that has a potential access by a developer or clients. In that case, even a database is compromised, the data itself is encrypted.
Reply To: Kansiri_Third-Party Mailing Error Exposes 37K SSNs
Home › Forums › TMHG523 Principles and Foundations of Public Health Informatics › Week 2 : Health Information Privacy & Security › Week 2 Assignment : Peer review Case Study › Kansiri_Third-Party Mailing Error Exposes 37K SSNs › Reply To: Kansiri_Third-Party Mailing Error Exposes 37K SSNs