Skip to main content

Getting ready to forward that spreadsheet to your personal email account? Think twice.....then think again...

An employee -- former employee -- of the South Carolina Department of Health and Human Services found out the hard way after transferring the information of more than 228,000 Medicaid beneficiaries to his personal email account.     The data included Medicare numbers (which include Social Security numbers as part of the identifier) linked to the beneficiaries names.  The Department's response?  "[T]he employee has been fired."   Not only was Christopher Lykes, Jr. fired, he has also been charged by the South Carolina Law Enforcement Division with 5 counts of criminal violation of confidentiality laws.

Compliance and privacy officers should feel free to print out the article from the Charleston Post and Courier or the Greenville News as a "teachable moment" to discourage everyone's favorite secure email workaround.

 

Subscribe To Viewpoints

Author

Cynthia J. Larose

Member / Chair, Privacy & Cybersecurity Practice

Cynthia J. Larose is Chair of the firm's Privacy & Cybersecurity Practice, a Certified Information Privacy Professional-US (CIPP-US), and a Certified Information Privacy Professional-Europe (CIPP-E). She works with clients in various industries to develop comprehensive information security programs on the front end, and provides timely counsel when it becomes necessary to respond to a data breach.