Butkovitz Finds Highly Confidential Records at Risk

Audit Date: October 9, 2013
Controller: Alan Butkovitz

Executive Summary

For Immediate Release:
October 9, 2013

Contact: Harvey Rice

Butkovitz Finds Highly Confidential Records at Risk
City Controller reviews Department of Human Services’
family & child tracking software

Department of Human Services Family & Child Tracking Systems

PHILADELPHIA – City Controller Alan Butkovitz today released a review of the Department of Human Services’ (DHS) Family and Child Tracking Systems that uncovered a lack of security over confidential records, which allowed for consultants and former employees to gain unauthorized access.

The DHS’ tracking software contains information on troubled children and youth that is prepared by social workers, health care professionals and the courts. The list of users that had access to the system included employees separated from the city, one employee separated as far back as 1997.

“Unauthorized access increases the risk that confidential data could be compromised and abused,” said Butkovitz.

In addition, DHS management did not perform security background checks for employees of its software contractors who were involved in the development, operation and maintenance of the tracking system. These contractors had the ability to add, delete and modify confidential data.

“Providing contractors with open access to highly confidential records on children and their families may result in misuse by irresponsible individuals,” said Butkovitz.

According to Butkovitz, “Background investigations should be addressed as part of the contracting process and should be completed by DHS prior to the start of the work to ensure that only appropriate people have access.

Other findings included the following:
• DHS had not appointed a security officer and did not have a security policy, which allowed for systematic threats for unauthorized software modifications to occur and the risk of lost or compromised data.
• Management had not developed a comprehensive contingency plan for restoring critical applications and data, which runs the risk of losing critical data for at risk children.
• Computer equipment assigned to DHS staff lacked the necessary capacity to store efficient data entry and retrieval.
• Maintenance contracts were not adequately monitored, which resulted in equipment not being serviced due to an expired maintenance agreement.