When a Business Doesn’t Protect Your Information

Say someone searched your name online. What do you think they’d find? What if some clicking brought them to things like your medical history, notes from psychiatric sessions or kids’ medical exams, or your Social Security and driver’s license number?

If you don’t like the sound of that, you might be interested to know that the FTC has announced a settlement with GMR Transcription Services, a company that promised “Security Measures to Protect Your Confidentiality,” for failing to protect personal information.

GMR is a digital audio transcription service that allows customers — including health care providers — to upload audio files and get them transcribed. The business runs almost entirely online with a typist downloading a file, typing up a transcript, then uploading the transcript for the customer to pick up or get in an email. According to the FTC, the service GMR used for medical files — Fedtrans — stored and sent files in clear, readable text, and allowed files to be accessed online without any authentication. What’s more, the FTC says, GMR didn’t make typists take basic steps like installing anti-virus software or requiring Fedtrans to use tools like encryption to protect the files. 

Going forward GMR has agreed to put a comprehensive information security program in place.

Blog Topics: 
Privacy & Identity

Comments

ty

I tried to use your registry a year ago. It was a BIG JOKE. All the numbers I put in kept coming through, the same numbers. You never answered me. You can use your registry for toilet paper for all the good it did.

What Penalties does GMR have to pay? Promises are rather empty!

We need protection from the "hackers" and "identity theft". We need some type of security when we fill out applications or apply for car loans and credit cards from any major store cards. Our personal information is too open for the others to see. It seems we must go back to cash and money orders. The information is so open until anyone can view our personal information. There should be some type of law to protect our personal information. The banks, stores, online bill paying, & other purchasing agent need to protect us as consumers at all cost. I am not satisfied or safe when I used my debit card or credit card. I am going back to cash spending. We are afraid of the price we have to pay for being "Hacked" & "Identity Theft". We do need help in protecting our personal information. I totally agree with being protected.

This is very scary stuff...that a company can be so careless, cavalier, and out to lunch, in failing to safeguard valued customer information. It is scary how easily irresponsible treatment of personal data can open the door to misery, countless individual personal losses (of money, reputation, and security), due simply to poor oversight or someone who ought to be watching for thieves - instead of taking a vigilant stance - are more comfortable with a blasé approach. God save us from small-mindedness!

thank you

what can be done when 2 banks gives out your banking records with a copy of your statements with out a court order

I just had an insurance company (Met Life, if they can publicize my SSN, I can publicize who has been cavalier with my SSN)who provided a method for me to contact them by email, (just like this website), but when the e-mail came through it had my social security number in the reference line! There is no security on the e-mail, lots of ways that e-mail could cause my SSN to be sold. What can be done to stop this practice? I find a lot of insurance companies ID the policy holder and the agent (I'm a licensed agent) by using social security numbers of both the policy holder and the agent. I received a fax report one time with my SSN entered no less than 15 times. Can anything be done to stop Insurance companies from being so careless? Thanks

We had a government agency (child protection services) give our information (ssn, address, phone, DL#) to the crackhead parents of the baby in our care! NO ONE seems to care who has our information and we don't know where to turn for protection! Crazy, lackadaisical behavior without a care or concern...

Leave a Comment

Comment Policy

Read Our Privacy Act Statement

It is your choice whether to submit a comment. If you do, you must create a user name, or we will not post your comment. The Federal Trade Commission Act authorizes this information collection for purposes of managing online comments. Comments and user names are part of the Federal Trade Commission’s (FTC) public records system, and user names also are part of the FTC’s computer user records system. We may routinely use these records as described in the FTC’s Privacy Act system notices. For more information on how the FTC handles information that we collect, please read our privacy policy.