Social security numbers belonging to as many as 5000 Wisconsin taxpayers were exposed because of a bad letter template used with a misaligned letter folding machine during a state tax form mailing. The letter format placed the social security number too close to the address field, causing it to be exposed outside the envelope.
The situation was reported by the Green Bay Press Gazette, which said this was the fourth time in 14 months that mailing-related problems have resulted in social security numbers being exposed. Comments from officials suggest the roots of this problem lie far deeper than the mailing room alone:
“I don’t know that firing one person or other is going to solve the problem,” [Democratic state Rep. Marlin] Schneider said. “It requires a systemic change.”
Gov. Jim Doyle, a Democrat, issued a statement saying the latest mistake was unacceptable and promised to work with lawmakers and others to ensure that Social Security numbers and other private information is protected.
Ordinarily, one might think a misaligned letter folding machine has little connection with IT. However, the string of similar problems in Wisconsin, along with Representative Schneider's comment, suggests otherwise. Clearly, the Wisconsin government culture does not take privacy lapses seriously enough. This acceptance of data leakage appears to extend from the IT department to the mail room and up into the ranks of management, which is where responsibility ultimately lies.
This is hardly the first time Wisconsin has been in the news because of poor practices leading to IT-related failures (see here, here, and here). Apparently, the Wisconsin Task Force on State Information Technology failures has not met since since last August. Perhaps it's time for that group to get cracking.