Notification of Sensitive Information Compromised

This post contains affiliate links.

I was not too happy when two days ago I received letters from my Health Insurance company that a laptop was missing from the company property that contained sensitive information for my two kids, my wife and I. The company sent an official letter with an apology and informing us that the risk was low but still could exist and we were provided with 1 year free service to a credit monitoring program. This is the second time in two years that an organization has lost sensitive data and we were provided with a monitoring program access as a result of the company goof up.

When a company does have a security breach or data missing that it cannot account for, it is absolutely the right decision (and required by law depending on the type of company and data) to notify its customers immediately and it is a good step in providing free credit monitoring service as a means to be proactive. I do however think 1 year is not sufficient since the data stolen may be found and used anytime after the missing date, if you were only monitoring your credit for one year and the data was found and used three years later you wouldn’t notice unless you were doing your own credit monitoring (which I highly recommend everyone should do).

This just means I am now under multiple credit monitoring programs as I sign up to each one when issues like this occur and I like to make sure to keep on top of my credit reports.

-Justin Germino

Updated: December 10, 2009 — 1:50 pm