$55 Million Dollar Data Breach at Choicepoint Essay

1059 Words May 30th, 2015 5 Pages
$55 Million Dollar Data Breach at ChoicePoint

Abstract
Personal data breaches have become epidemic in the U.S. where innocent citizens sensitive information is being left unprotected and subsequently disseminated between hackers. ChoicePoint is an organization that is a premier data broker and credentialing service in the industry. The company was guilty of failing to fulfil their own policy of thoroughly evaluating prospective customer organizations which resulted in a major breach. The source of this failure will be evaluated as well as possible solutions. The punishment and repercussions will be evaluated for appropriateness and the reactions of the organization will be scrutinized for potential effectiveness.

The root
…show more content…
Additionally the organization did not simply correct the one area or source of the problem they addressed all recognized weaknesses in personal data security (Culnan, & Williams, 2009). The multifaceted corrective action by ChoicePoint attacked the problem from all angles effectively seeking to transform the current security practices from weak to strong. To begin they hired an outside consulting firm Ernst & Young to assist with the redesign process. They subsequently created two key data security oversight positions; the positions were a chief credentialing officer and a compliance and privacy officer (CCPO) all of whom report to the Board of Directors. The business even formed a new consumer advocacy office supporting their new focus on protecting the individuals whose information they distribute. Further establishing a change in focus ChoicePoint willingly avoided any high-risk lines of business, scrutinized customer types, and the varieties of products that would be sold in the future. As advised unnecessary sensitive data was eliminated from storage. Audits of daily customer encounters as well as third party audits were implemented. Another impressive decision was to ensure the CEO was informed of any and all incidents detected (Culnan, & Williams, 2009). The changes implemented by ChoicePoint are clearly a drastic improvement and will be effective at deterring and

Related Documents