From the Staff Committee 2017-2018

(202) 370-4645

September 8th, 2017

SN-6/17-18

Original: English

 

 

IMPROPER ACCESS TO PERSONAL INFORMATION

 

The OAS Staff Committee wishes to bring staff up to date regarding the issue of improper access to confidential and private information of OAS personnel.  The members of the Committee have met with the Inspector General, the Ombudsperson and the Chief of Staff about this particular issue and, as noted in Staff News #5, the issue was discussed in the meeting with the Secretary General on August 28.

 

The original communication sent by the Department of Human Resources (Personnel Circular No. 27/17) on June 30, 2017, indicated that the perpetrator accessed information pertaining to approximately 100 persons and that the Administration took immediate and decisive action. The members of the Committee have received confirmation that a total of 96 current staff members and consultants of the OAS General Secretariat have been notified and that, notwithstanding unexpected developments, no other letters would be sent.

 

The Committee appreciates the seriousness with which the Office of the Secretary General has addressed this issue. Nevertheless, wishes to express the following concerns, each of which is followed by a recommendation: 

 

1.       Many of those affected, still do not have an adequate explanation of the type of information that was accessed and sometimes the explanations are contradictory. It appears that in addition to the staff member, information on spouses or other family members may have been accessed. The Committee would like to suggest that depending on the type of information improperly accessed, the OAS should consider remedial action such as credit monitoring or credit protection for one year or more, as has been standard practice in other businesses or governments in which personal information has been compromised.

 

2.       The Staff Committee is particularly concerned about the perceived or real conflict of interest in the follow up to this breach and is unaware that a full investigation has taken place regarding this matter. The Committee believes that such an investigation should take place and given the amount of time that has elapsed, it might be worthwhile to consider an outside party to conduct such an investigation.

 

3.       The Committee also believes that this particular problem is emblematic of a lack of information security protocols and procedures in other parts of the OAS General Secretariat that handle confidential information, potentially even more sensitive than that which was breached.  During our meeting, the Secretary General informed the Committee that he has requested a thorough review of the procedures and would make a concerted effort to implement modern procedures and safeguards in each of these areas as soon as possible. The Staff Association would welcome a role in developing, implementing and disseminating these safeguards.

 

4.       Lastly, to address these and perhaps other concerns, the Staff Committee will convene an Informative Session to discuss these issues within the next 15 days.  The Staff Committee will also extend an invitation to the appropriate authorities so that they can respond to any further questions the staff may have regarding the improper access of confidential information.

:: Staff Association Website::