2008 Woodie Awards
SSN safe and sound despite Yale scare
Derek Hawkins
Issue date: 9/13/07 Section: News
- Page 1 of 2 next >
In light of a recent identity theft scare at Yale University - in which thieves stole two university computers that contained the Social Security numbers of more than 10,000 current and former students, faculty and staff members- Northeastern officials said private information is well guarded.
Since February, Information Services officials at Northeastern have introduced two major initiatives to limit and protect the use of Social Security numbers at the university.
Such measures, they said, will greatly reduce the risk of exposing Social Security numbers and personal records of Northeastern students and employees.
In the first initiative, the NUID Project, Information Services officials replaced Social Security numbers with randomly-generated, nine-digit numbers to be used as student identifications.
Until then, Social Security numbers had been the university's primary means of student identification and had appeared on class rosters and other unprotected documents.
The change affected about 200 university systems and more than 1 million records, said Information Services Director Bob Weir, who led the project.
"We take information technology security incredibly seriously," Weir said. "We have not had any significant security breach in the last 10 years. [But] you never say never. It's a topic that's always evolving and always challenging."
To complement the NUID Project, Northeastern adopted the Social Security Number Collection, Handling and Use Policy. Enacted June 1, the policy limits university's use of Social Security numbers to "purposes required or permitted by law or regulation, and in matters of inquiry conducted by authorized university officials."
Glenn Hill, director of Information Security and Identity Services, drafted the policy, which he said set new standards for handling sensitive information.
"The only place we store Social Security numbers now is where it's required or university policy - which tends to mirror regulation - like payroll or financial aid records," he said. "If somebody is asking you for an SSN now you should be surprised."
Since February, Information Services officials at Northeastern have introduced two major initiatives to limit and protect the use of Social Security numbers at the university.
Such measures, they said, will greatly reduce the risk of exposing Social Security numbers and personal records of Northeastern students and employees.
In the first initiative, the NUID Project, Information Services officials replaced Social Security numbers with randomly-generated, nine-digit numbers to be used as student identifications.
Until then, Social Security numbers had been the university's primary means of student identification and had appeared on class rosters and other unprotected documents.
The change affected about 200 university systems and more than 1 million records, said Information Services Director Bob Weir, who led the project.
"We take information technology security incredibly seriously," Weir said. "We have not had any significant security breach in the last 10 years. [But] you never say never. It's a topic that's always evolving and always challenging."
To complement the NUID Project, Northeastern adopted the Social Security Number Collection, Handling and Use Policy. Enacted June 1, the policy limits university's use of Social Security numbers to "purposes required or permitted by law or regulation, and in matters of inquiry conducted by authorized university officials."
Glenn Hill, director of Information Security and Identity Services, drafted the policy, which he said set new standards for handling sensitive information.
"The only place we store Social Security numbers now is where it's required or university policy - which tends to mirror regulation - like payroll or financial aid records," he said. "If somebody is asking you for an SSN now you should be surprised."
Be the first to comment on this story