In June 2006, the U.S. government got a wake-up call: A Department of Veterans Affairs laptop containing personal information on about 26 million current and former military members and their spouses was lost. Not only did the government have a potential breach of privacy to deal with, but it also faced media scrutiny and public criticism. How much damage could result to individuals and to the federal government if personally identifiable information (PII) got into the wrong hands? In this case, fortunately, the data was recovered without compromise. But that’s the exception rather than the rule. In many cases, the consequences of this kind of privacy breach are severe—to the individual and to the organization maintaining the data.
As the gatekeeper to the biggest storehouse of personal information identifying American citizens, what role should the government play in maintaining and protecting that data? The answer: a monumental role, to say the least. That role doesn’t come without challenges, of course. In this white paper, we examine some of the challenges federal agencies face in creating a “culture of protection,” discuss the roadblocks that may get in the way and offer new thinking to managing privacy issues.