The contract between Convergys and the state of Florida provided that all work was to be done in Florida, however, a subcontractor to GDX shipped some of the work to a subcontractor of its own in India. Based on the evidence today, the personnel records of employees, who worked for the state anytime between January 1, 2003 and June 30, 2004, may have been indexed overseas and therefore may be affected. Based on current evidence, the personnel records of employees who retired prior to January 1, 2003 and "benefit only users" of People First!including legislative, university and court employeesare not affected. DMS will notify employees who are potentially affected by the end of next week.If Koenigkramer said there was no data breachand nothing indicates that directly in the e-mail were dissecting herewhy bring up whos affected? Affected by what? Oh yeah, affected by offshore outsourcing. I suppose offshoring is worse than some worker leaving his laptop full of personal data in the back of an unlocked rental car. If you are a potentially affected employee and have concerns that this activity, which occurred almost two years ago, may impact you, a toll-free hotline (1-866-663-4735 press prompt 5) and an email address (PeopleFirst@dms.state.fl.us) have been set-up to answer your questions and to provide you information about the credit protection program. A call to that number yields a friendly rep that reads the letter to employees. To read more about offshoring from columnist Jeff Angus, click here. Shes stumped when asked: Is the letter informing me that my files went offshore or that my data has been compromised? Silence. "It looks like its saying it went offshore," she said. The next question: So is that inherently mean offshore is insecure? "It doesnt look like any information has been used," she said. It is common today for businesses and even government to use offshore companies to provide customer services and to process medical, credit and financial records. However, the use of offshore services in this case was inappropriate and unacceptable. Convergys has cancelled their subcontract with GDXdata, and DMS is requiring Convergys to immediately ensure all other subcontractors are pre-screened, pre-approved by DMS and are legally obligated to meet all People First! security requirements. Here comes the CYA. The Florida is taking action and has to look like it is doing something about this outrageous offshore outsourcing. In the meantime, the state reassures you that there are no data security issues thus far. Confused yet? Again, even though there is no evidence that state employee personnel information has been compromised as a result of this overseas work, please take every possible precaution to protect yourself, your family and co-workers from identity theft. It is a good idea to check your credit report regularly. You may request a free credit report once every 12 months. Visit www.annualcreditreport.com or call toll-free 1-877-322-8228. And be sure to report any suspicions of potential identify theft to the proper authorities. For information on preventing identity theft and steps to take should you become a victim, visit the Florida Identity Theft Resource Center. Safeguarding your personal information is our highest priority. State agencies and the Department of Management Services will continue to work together to ensure that all state employee personal information remains secure and protected. Boy, thats a relief. Now if they can only find a better way to communicate that priority without confusing us. Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.
For employees who are potentially affected, DMSin cooperation with Convergys/People First!is providing assistance including a one-year credit protection program with credit alerts and identity theft coverage.