On this blog and in the real world, we often tackle problems that (can) lead to malfunctioning software and products. However there is a category of problems that rears its head ever more frequently and, unfortunately, most business fail to address it in a meaningful way until it’s too late: Information Security.
Last week, it was noted that a glitch resulted in oft-troubled bank Wells Fargo mailing –physically mailing – account information to customers that belonged to other members. This information included account numbers, balances, transactions and contact information.
While Wells Fargo naturally says that the risk of identity theft is “very low,” they also have admitted that they do not know the extent of the problem and branch managers have been left to their own devices in how to deal with customers.
For its part, the bank plans to offer customers one free year of identity theft protection, and is encouraging customers to use online banking, which it deems “safer.” While that may be an implicit acknowledgement of a problem, it’s difficult to see how it would reassure affected customers.
Were the Wells Fargo problems not enough of a scare; right on its heels comes word of two additional information security issues.
This week, it was revealed that private information belonging to 5,000 college students was made accessible on a student loan website. Deemed the result of a “computer glitch,” users who logged-in to the site were able to view information, including social security numbers, of other student borrowers.
While the response was notable (the website was shut down and users were immediately notified), it highlights the government’s challenge in handling information relating to an already-cumbersome process of managing and disbursing government-backed loans for millions of U.S. college students.
Another glitch that has come to light this week involves G.E., and its electronic health records (EHR) systems. It was reported that glitches in its report writing systems have caused problems for health providers seeking incentive payments for using the EHR system. It is currently unknown how many providers experienced the issues; not surprising given the complexity of interactions between physicians, health care providers, state governments and the federal government in the U.S. health system.
Until the problem is fixed, customers are being told to “run the reports again.” And while the problem almost certainly will be corrected, the fact that it exists to begin with, and the response of “try it again,” won’t do much to convince any naysayers of the benefits of EHR programs.