Inspector General Finds Privacy Breaches In State Child Abuse Register
ALBANY, NY (12/29/2008)(readMedia)-- New York State Inspector General Joseph Fisch uncovered serious deficiencies at the Statewide Central Register of Child Abuse and Maltreatment (Register) and is recommending legislative and departmental changes to improve confidentiality. The Register is overseen by the New York State Office of Children and Family Services (OCFS).
In a 33-page report issued today, Inspector General Fisch revealed several findings related to a breach of the Register's confidentiality. Also known as the "Hotline," the Register receives calls reporting alleged child abuse. Such reports are confidential under state law.
The Inspector General's investigation revolves around a Suffolk County father whose underage daughter was wrongly listed on the Register as allegedly involved in child abuse. When the father attempted to clear his daughter's name, he encountered bureaucratic hurdles and unexplained delays. The father's name was withheld from the Inspector General's report to protect his confidentiality.
The Inspector General found that the father likely violated state law by improperly obtaining a confidential list of Hotline callers directly from Verizon by claiming to be a state employee. He then threatened to release the confidential records and demanded cash payment in exchange for the return of the records from OCFS and the Governor's Office, possibly violating additional state laws against coercion or larceny.
The Inspector General also found:
- Inadequate security for Hotline telephone records.
- Improper retention of "expunged" records in 67 cases, which OCFS deleted after receiving the Inspector General's preliminary findings.
- A security breach by an OCFS employee who informed the father over the phone that she recalled the complaint against him was "partially anonymous" and gave him a possible first name of the caller.
The Inspector General recommended:
- That OCFS take action to ensure all its employees understand and follow the confidentiality rules of the SCR.
- That OCFS work to develop stronger protections with its telephone vendor.
- That administrative and legislative action be taken to strengthen the security of Hotline telephone records.
-30-