Employee Data More Vulnerable Than Constituent Data

A new survey by PricewaterhouseCoopers (PwC) says governments should be aware that personal information about employees is more than twice as likely to be compromised in government security breaches than constituent data.

In an article on the Government Technology website, Hilton Collins says the survey found that 42 percent of the public-sector respondents reported that employee data was more likely to be impacted by security breaches than constituent data. Only 19 percent reported otherwise.

“My sense is that businesses, first and foremost, place priority on protecting their business information, which is the lifeblood of their organization,” Jack Johnson, a partner in the Washington federal practice at PwC, told Collins. “It’s not because they don't place a level of importance on employee data, but I think their priority is focused on their business information.”

Other findings include:

• 65 percent reported that their organizations didn’t have accurate inventories of where personal data was collected, transmitted and stored;
• 76 percent reported that they didn't keep an inventory of third parties who handle constituent data when data sharing occurred, and 47 percent had established security baselines for external parties when handling such data;
• 70 percent believed their users complied with privacy and information security policies, but 50 percent didn't audit or monitor the compliance, and 46 percent required employees to complete training on privacy practices.

To read the full article, click here: http://www.govtech.com/gt/560506?topic=117671