Worker Accused of Illegally Downloading Employee Data Shows Need for Unauthorized Browsing Policy

Due Diligence 360

Written By ESR News Blog Editor Thomas Ahearn

A Chicago Public Schools (CPS) worker was fired from her job and charged with computer tampering and four felony counts of identity theft for illegally downloading personal data of CPS employees without permission, The Chicago Tribune reports. This incident shows the need for an “Unauthorized Browsing” policy.

The Tribune reports that Kristi Sims, 28, “did work that involved conducting background checks on CPS employees and had access to personal information about tens of thousands of CPS employees, contractors, and vendors.” CPS officials believe she may have deleted portions of the files but some data was recovered.

“The stolen information may have included employees’ names, addresses, dates of birth, criminal background information, and even findings from the state Department of Children and Family Services,” The Tribune reports, adding that Social Security numbers (SSNs) were not contained in the affected files.

In June of 2018, ESR News reported that CPS had announced that all adults who regularly worked in its schools – including CPS employees, coaches, volunteers, and vendors – would undergo background checks for re-screening before school started for the 2018-2019 academic year.

In September of 2018, ESR News also reported that CPS announced the results of the background checks performed on each of its 43,332 active school-based and central office employees and the results were that 97.9 percent cleared their rescreening and returned to work on for 2018-2019 school year.

The strengthening background checks at CPS coincided with an investigation by the Tribune using police data, records, and interviews with teens that revealed “ineffective background checks exposed students to educators with criminal convictions and arrests for sex crimes against children.”

The Tribune reported that “investigators found credible evidence of misconduct” in 230 of 430 reports that school employees had sexually abused, assaulted, or harassed students. Chicago police investigated 523 reports of children being sexually assaulted or abused from 2008 to 2017, about one report a week.

The CPS case shows employers the need for an “Unauthorized Browsing” policy where employees are prohibited from searching files and databases unless they have a “bona fide business necessity” and are also instructed on both appropriate and inappropriate access to and use of consumer information.

The CPS case is not isolated. In July 2014, ESR News reported that a former Sparta Township, New Jersey Mayor was found guilty of misleading underlings to help him use a government computer to run illegal background checks on several minor league baseball players and a home health aide for his mother.

In June of 2010, ESR News also reported that a former school official in Massachusetts agreed to pay a fine for using school computers to run unauthorized background checks on celebrities, pro athletes, and politicians, again underscoring the need for employers to have an “Unauthorized Browsing” policy.

The National Association of Professional Background Screeners (NAPBS) – a non-profit trade association representing background screening firms – offers a Background Screening Agency Accreditation Program (BSAAP) for Consumer Reporting Agencies (CRAs) performing background screening in the United States.

One BSAAP clause is “Unauthorized Browsing” which requires that a “CRA must have and follow a policy that prohibits CRA workers from searching files and databases unless they have a bona fide business necessity.” CRAs must instruct workers on inappropriate access to and use of consumer information.

ESR is Accredited by NAPBS and Has Unauthorized Browsing Policy

Employment Screening Resources® (ESR) is a founding member of the National Association of Professional Background Screeners (NAPBS) and is accredited through the Background Screening Agency Accreditation Program (BSAAP). To learn more, visit www.esrcheck.com/Why-ESR/NAPBS-Accreditation/.

Information and resources at ESR can only be used for business purposes. Unauthorized browsing of any ESR system, vendor system, or consumer report is contrary to ESR’s mission and commitment to privacy and is prohibited. This policy applies to employees, contractors, and all other workers at ESR.

ESR Founder and Chief Executive Officer (CEO) Attorney Lester Rosen was the chairperson of the steering committee that founded the NAPBS, a professional trade organization for the screening industry, in 2003. He was also elected to the first board of directors and served as the co-chair in 2004.

ESR Vice President of Strategic Growth Dawn Standerwick was recognized in 2018 as the longest serving board member in NAPBS history with nine years of service, four as a Regular Director and five serving on the Executive Committee as Secretary, Treasurer, Chair Elect, Chair, and Immediate Past Chair.

NOTE: Employment Screening Resources® (ESR) does not provide or offer legal services or legal advice of any kind or nature. Any information on this website is for educational purposes only.

© 2018 Employment Screening Resources® (ESR) – Making copies or using of any part of the ESR News Blog or ESR website for any purpose other than your own personal use is prohibited unless written authorization is first obtained from ESR.