Dynacare, city at odds over necessity of employee information on stolen flash drive

[InfoSec News <alerts () infosecnews org>]

http://www.jsonline.com/news/milwaukee/dynacare-city-at-odds-over-necessity-of-employee-information-on-stolen-flash-drive-b99147298z1-232745751.html

By Don Walker
Journal Sentinel
Nov. 20, 2013

An executive at Dynacare Laboratories said Wednesday that the only reason 
the personal information of thousands of city employees was on a flash 
drive that has since gone missing was to comply with the city's 
requirements for its wellness program.

Eric Oechsner, Dynacare's vice president, said in an interview and email 
that his company made an exception about putting personal information on a 
flash drive for two reasons. He said the city required Dynacare to be 
available for blood draws at remote locations for the convenience of city 
employees. Second, some of those locations did not have adequate cellular 
connectivity to permit remote access to personal information. As a result, 
the flash drive was used.

"The bottom line is that the data was on the flash drive to comply with 
the city's requirements for service," Oechsner said in an email.

Oechsner also provided a more detailed explanation for what happened when 
a car owned by a Dynacare employee was stolen on Oct. 22. The car 
contained a flash drive with the personal information of 9,414 city 
employees, their spouses or domestic partners.

[...]



--
Dean Bushmiller teaches a great 5-Day CISM in Albany NY Dec. 2  6.
Call 327-937-9786 for details.