FOR IMMEDIATE RELEASE: April 29, 2015
CONTACT: Douglas Jones, City Auditor, (816) 513-3300
City Auditor’s Office makes recommendations to protect personally identifiable information
Today, the City Auditor’s Office released an audit on how the City protects the personally identifiable information it collects and maintains. Personally identifiable information is any information that can be used to identify or be linked to an individual, such as names, social security numbers, date and place of birth, etc. Loss, misuse, or unauthorized disclosure of personally identifiable information could cause harm to individuals and to the City.
The audit concluded that the City is not following recommended practices related to personally identifiable information. The City has not identified and does not have citywide policies and procedures for protecting the personally identifiable information it collects. The City’s training efforts and safeguards for protecting personally identifiable information are fragmented. In addition, the City does not have an incident response plan to handle breaches involving personally identifiable information.
The audit includes recommendations to improve the City’s protection of personally identifiable information through identifying what information the City collects, training staff on how to protect it, and applying safeguards. Management agreed with the recommendations.
To view the report, go to /cityauditor.
Media inquiries should be directed to City Auditor, Doug Jones, by email at firstname.lastname@example.org or by phone at 816-513-3303.