With our free press under threat and federal funding for public media gone, your support matters more than ever. Help keep the LAist newsroom strong, become a monthly member or increase your support today.
Fired LA County employees had access to confidential medical, criminal records
L.A. County auditors found IT security insufficient in multiple county departments.
(
Wikimedia Commons
)
Listen
0:38
Fired LA County employees had access to confidential medical, criminal records
A series of audits found lapses in security practices at Los Angeles County departments left fired employees with access to confidential records, including medical and criminal files.
The audits, conducted by L.A. County's Auditor-Controller, reviewed systems security at Los Angeles County's probation and public health departments. They found both departments failed to delete employee's online credentials to confidential information systems after employees were fired.
Los Angeles Supervisor Mark Ridley-Thomas is expected to introduce a motion for Tuesday's regular meeting calling for more regular audits and remedial measures.
"The audits revealed astonishing vulnerabilities that need to be immediately addressed," Ridley-Thomas said. "This is information that needs to be protected at all times."
Sponsored message
In probation's case, the audit found 695 logins remained active for seven years - and 33 were at some point used to access probation systems, sometimes five years after the employee left. (Probation has now deleted the accounts.)
Auditors found additional issues with the number of employees able to view social security numbers for probationers.
At the Department of Public Health, 13 employee accounts were active well after termination of employment, and in one case, an old login was used to order tests and access the results for patients in the public health system - a possible violation of federal privacy laws. The department later told auditors the old login was actually used by an active employee rather than the person who had been terminated.
Auditors found 21 employees had key card access to health buildings after leaving the job.
The audits also found other problems with computer hardware. At the health department, 29 employee laptops didn't have encryption software installed.
At the probation department, employees could not immediately account for 18 of 40 items auditors randomly selected to review, including laptops and desktop computers. Six of the items were later found to have been donated, but officials still can't find the other 12.
Both probation and public health officials have taken action to address the issues outlined in the audits, according to the reports.
Sponsored message
Ridley-Thomas wants all county departments to undergo similar audits every year and department heads to report to the board every 90 days on how they're upgrading technology security.
He said the county needs across-the-board encryption and data security protocols.
"Anything less is unacceptable," he said.
At LAist, we believe in journalism without censorship and the right of a free press to speak truth to those in power. Our hard-hitting watchdog reporting on local government, climate, and the ongoing housing and homelessness crisis is trustworthy, independent and freely accessible to everyone thanks to the support of readers like you.
But the game has changed: Congress voted to eliminate funding for public media across the country. Here at LAist that means a loss of $1.7 million in our budget every year. We want to assure you that despite growing threats to free press and free speech, LAist will remain a voice you know and trust. Speaking frankly, the amount of reader support we receive will help determine how strong of a newsroom we are going forward to cover the important news in our community.
We’re asking you to stand up for independent reporting that will not be silenced. With more individuals like you supporting this public service, we can continue to provide essential coverage for Southern Californians that you can’t find anywhere else. Become a monthly member today to help sustain this mission.
Thank you for your generous support and belief in the value of independent news.
But the game has changed: Congress voted to eliminate funding for public media across the country. Here at LAist that means a loss of $1.7 million in our budget every year. We want to assure you that despite growing threats to free press and free speech, LAist will remain a voice you know and trust. Speaking frankly, the amount of reader support we receive will help determine how strong of a newsroom we are going forward to cover the important news in our community.
We’re asking you to stand up for independent reporting that will not be silenced. With more individuals like you supporting this public service, we can continue to provide essential coverage for Southern Californians that you can’t find anywhere else. Become a monthly member today to help sustain this mission.
Thank you for your generous support and belief in the value of independent news.
Senior Vice President News, Editor in Chief
