By Lori Fullbright, The News On 6
TULSA, OK -- Documents containing names, social security numbers and salaries from employees of dozens of companies, including some in Tulsa, were left sitting on a curb in an Edmond, Oklahoma neighborhood.
That was more than two years ago.
A husband and wife saw the storage containers on the curb and decided to pick them up. When they discovered the boxes were full of confidential information, they weren't sure what to do, so they put the documents in secured storage.
They recently re-discovered them and called News On 6 parent company, Griffin Communications, when they noticed some of our employees were in the file.
The couple did not want to appear on camera.
They are forms people filled out to choose an insurance plan, that contain salaries, social security numbers, birth dates, dependents; private information that could be used by criminals.
The couple that found them was at a loss as to what to do.
Woman: "We were emptying them and came across these folders that made us frankly, kinda mad because people's lives are in here." "I have Dean Blevins, a lot of your staff members,social security numbers, dependents, all their information, when they get paid, all that is in here."
Because Griffin Communications is in the files, all employees received an email from our Human Resources department, letting us know our information could have potentially been compromised.
The documents are from 2003 and 2004 and don't seem to contain medical information.
Employees from The Tulsa Fairgrounds were also in the files, which didn't make CEO Mark Andrus very happy.
"There's a reason it's called confidential information and one of the definitions of that, if you go down the list is, do not leave in a file cabinet on a curb," Andrus said.
Griffin Communications gave the files back to American Fidelity who plans to notify all the companies affected.
American Fidelity sent Griffin Communications a statement that said:
We have a responsibility to safeguard our customers' information. Though it appears these documents have been safely secured since they were obtained a few years ago, they should have never left our possession. There is no evidence at this time that the information has been misused, and we believe the likelihood of misuse is low. We have requested the contact information of the person who had possession of this information for the last few years to support our investigation. The source has refused to be identified. We have an obligation to our customers to thoroughly review this matter, including asking the proper authorities for assistance if necessary. Additionally, we are constantly evaluating ways to strengthen and enhance our information security procedures. We are in the process of notifying those customers involved. We regret this happened and apologize. Trust is at the heart of what we do for our customers, and we will do what is right.
Griffin Communications discovered there is no state law that says how medical records must be stored or destroyed, but there are penalties for handling them with negligence.