2022-09-25 at 3:19 pm
#38348
![User Avatar](https://mu-informatics.org/wp-content/uploads/learn-press-profile/289/e269278725436615ebcd19e6921fb40e.jpeg)
Participant
I agree that the very mistaken point in this case is caused by human error. Nevertheless, SSN numbers should not be stored in plain sight by any means because it can directly identify a specific person. It should be de-anonymised/psudonymised or encrypt it before storing in the database that has a potential access by a developer or clients. In that case, even a database is compromised, the data itself is encrypted.