SLO County again sends errant email

September 16, 2015
Lee Collins

Lee Collins

Less than two months after San Luis Obispo County officials seemingly fixed the problem, another county email errantly went out to a group of subscribers who monitor developments and organize cleanups at local beaches.

In July, a county social services worker forwarded an email to a county list called Beach Monitoring. The email contained an Arroyo Grande woman’s medical records, as well as her birth date, address and social security number.

Kevin Rice, a local activist who subscribes to the Beach Monitoring list, said multiple county departments had regularly inadvertently sent confidential information in emails to everyone on the Beach Monitoring list. After Rice raised the issue with the local media, Social Services Director Lee Collins threatened Rice with prosecution for disclosing private information and forwarded the case to the district attorney’s office.

Collins also sent an email to the Beach Monitoring list stating the problem of mistakenly forwarding emails had been investigated and resolved.

But last week, a county health administrative assistant included the Beach Monitoring list in an email sent to a state Department of Health Care Services employee. The email did not contain confidential information.

When asked why the county was continuing to mistakenly send emails to the Beach Monitoring list, Collins said he is not the director of the county health department and does not speak on their behalf.

County Health Agency Director Jeff Hamm responded to a CalCoastNews email inquiry by saying the health department thought the problem was resolved, but it turned out not to be the case. County health has since been working with the IT department to solve the problem, Hamm wrote.

“We believe we have now made changes to ensure that the list will only come into play as it was designed to be used,” Hamm said. “Following your inquiry this morning, our IT folks are checking to determine that the fix has in fact been put in place, as I expect it has.”

Hamm said the Beach Monitoring list was designed to be used only by a small number of environmental health division employees. But, all 23 county departments use the same network email system, Hamm wrote.


Loading...
35 Comments
Inline Feedbacks
View all comments

I have heard Lee Collins speak several times to small groups and he gives the impression of a genial bumbler. Apparently the impression reflects reality.


So….genial bumbler or ruthless thug? He’s been everything here. lol


He could be both…genial bumbler until he gets caught and then ruthless thug when he has to coverup his blunders.


One could be a stink-stirrer looking for any potential problem to exploit, or one could be a good citizen and try to work to fix problems.


This one has buttered his bread, and now has to lie in it.


just be a good citizen – go along with what we tell you. we never deceive or lie or cheat or steal or mislead.


says any government employee.


Yes, don’t look at or question us Kings, just pay us homage and be obedient and give lots of taxes and we will take care of you. It is all for your own good.


I dare you to spit in the face of the next ‘government employee’ you encounter. They’re probably in a union, too …so that’s kind of a bonus for you.


Who cares that it will most likely be a cop ?


QUOTING Slowerfaster: “This one has buttered his bread, and now has to lie in it.”


—————————–


Would he is toast?


Ooops… “Would he be toast?”


that darn drop down auto fill address feature…..


how do you train someone who doesnt give a shite to care – “just pay me my salary, I showed up today, what else do you want”? says most government workers.


Sounds like those in charge need to do their job (deal with I.T.) and if not then they need to be replaced.


BackSeat_Driver…once a SS# is out there, no diclaimer on the bottom of an email can retract it.


So true, Temp. Backseat_driver said, “This is a common problem in all email systems and occurs in both the private sector and in government. The most common reason is human error which is impossible to correct 100%.” Agreed. That is why it is essential for public agencies and their employees to take special precautions to guard personal data. In this case, it appears they failed to do so.


What was described as “Social Services bashing” is simply the reporting of, and commenting on, yet another incident in which personal data was not properly secured and protected. Then, when the mistake was discovered, instead of accepting responsibility for the mistake, the Social Services Director decided to shoot the messenger.


The energy spent trying to shift attention and blame to the person who reported the problem would be far better spent figuring out better ways to protect sensitive data. I worked for many years in computer security, and find it hard to believe that it is impossible for the County to find a way to prevent incidents like the ones reported by CCN.


Pretty sure that the article says it wasn’t Social Services that caused “yet another incident” here. It was the Health Agency. I don’t know why so much of this article and the photograph is focused on Social Services, except for the fact that Collins jumped on Kevin Rice the first time for sending sensitive information to the media. And that does sound like an impetuous, dumb thing to have done.


I get it. Your precious government negligently sends personal info to the world for the Nth time (after kindly being notified about it time after time) and it’s untoward and imperious to bring it to the public’s attention.


…impetuous…


Hate to rain on all of your Social Services bashing but as IT Admin who has runs enterprise level exchange and active directory, This is a common problem in all email systems and occurs in both the private sector and in government. The most common reason is human error which is impossible to correct 100%.

Also if Kevin Rice took the time to read the whole email it contained language basically stating if you received this email in error please delete, instead he chose to publish to the media, which is actually a crime. But who cares about the details when you have a bone to pick


Quit butting in with your “logic” and “reason”. Hey, do you have my stethoscope?


Yeah! After all, it says, “please delete this even if it’s the tenth time we’ve incompetently sent you inside information after you’ve notified us the last nine times.” A little “logic” and “reason”, please!


Yes, logic and reason. You may prefer tar and feathers, but believe me when I says it is much more difficult taking that stuff off than putting it on.


Logic and reason.


The IT department may simply have to require that emails with more than 5 recipients be forwarded to the supervisor to make sure the recipient list is accurate before sending it out to cyberspace.


The “culprit” in the incident was an Administrative assistant. She/he has a boss. Disable mass email function for management only. Big clicks for those making big bucks.


Logic and reason. If I had the SLO Symphony back up kazoo band, I would make this a hit for the Calcoastnews soundtrack!


What good is a disclaimer when your private information has been served up on a platter?


He could have done the right thing and contacted the sender to notify them of their error but what fun would that be.


Ahem. Read the first article again. I’ve notified the various senders numerous times over the past few years. Doing so never got any interest in corrective action. “Errors” become negligence upon repetition.


Wow, do you completely miss the entire purpose of these reported errors! Not sure if you still run or “has runs” IT in the past, but I question your proficiency. I’ve been in technology for over 30 years and I would be a complete and utter moron if I depended on a signature / clause at the end of an e-mail.


Any IT manager or “admin” worth ½ a shit would know: the damage was done. The sig is for lawyers to feel better about it.


The likely problem is that someone set up an e-mail list and cannot figure out who on there is the beach cleanup list. Pretty sad when one thinks that someone’s personal and medical information is being sent to a distribution list. So glad that they are taking great pains to protect personal, deeply confidential information.


Say… what would happen to a private sector company if this happened… repeatedly?


Bone to pick, indeed.


Love your I.T. argument. NOT! Yes I.T. may have done but who hires? If you sub-contract it out who hires/contracts? What is it about ACCEPTING personnel RESPONSIBILITY!? If I were to hire a employee and they keep making a mistake, we discuss and if it continues I fire. If I were to contract out same and if it continues TERMINATE!! It’s pretty simple. If problem, THEY NOT I.T. should have fixed through personnel issues. Pretty simple.


It is not a problem in my email system, and if it was people would be replaced!


how dumb are you? i dont trust my it guy as far as i can throw him.


Your argue is ridiculous. Does in error occur in private business, of course. If this occurred in private business and was not immediately resolved, someone would not be showing up for work the next week. Never, would this type of error occur, notification immediately received to the proper department (especially with sensitive, classified, personnel information) and this not corrected. How many people on this site have received MULTI incorrectly addressed emails from the same company, organization. Obviously, my bet is you work for County IT and are part of this problem. Don’t worry, though, your job is secure, you are a government worker!


They should have taken the time to run a test after the last incident to verify the problem had been resolved. Inexcusable, sloppy work.

Wonder if the responsible party will be written up, or get a raise?


Why worry about running a test, it’s not as if anyone would ever get fired for not doing their job or screwing something up.


So it appears there is a noticeable difference between Jeff Hamm, who acknowledges the error, whether it be human or technical, and corrective steps to be taken, whereas Lee Collins chooses to threaten and puff up and attempt to intimidate people into submission.


Social Services must be a nice place to work.


Very good statement JB, the Department who is suppose to assist, protect and provide people in this County in need of help gets the beligerant old man puffing his stuff. This man should be ashame of himself and take a little correction therapy in public speaking and problem solving in a more professional manner. I have heard for years about his mean spirited demeanor if you don’t agree or cross his pass. Sure seems like there is a lot of that in SLO at both the County and City level. Must be that water their drinking and want to sell!


Not the only county department who has a problem, County Counsel, Mental Health and Jim Erb’s office who is suppose to be the “Guardian” of our money.


I have seen several emails and listened to numerous phone conversations left on voice mails that are nothing short of how the county has defrauded the people. The county departm

ent of both social services , mental health and the deceit in county counsel’s office.


“Trust us, we are from the Government and we are here to help”, Yikes


So said Ronald the Reagan. Then, in ultimate irony, he ran for and became president.


Americans are stupid, but to Republicans, it’s a badge of honor.