Jun 15 2006

Protecting Your Privacy…and Then Some

Category: Houston,Sci/TechTim @ 1:11 pm

I work for a hospital in the Texas Medical Center. Due to federal and state regulations, we are required to design systems to ensure medical information is protected.

At times, I feel these requirements may be counter-productive; causing users to do things like “remember my password” or to write them down on a sticky note attached to the monitor. However, when you balance the potential harm in letting that information out, I think the added security is a good thing. I also take solace in the realization that we are never going to be as bad as the Harris County Toll Road Authority (HCTRA).

Yesterday, I received an email from HCTRA alerting me to the pending arrival of new EZTags for my cars and asking me to verify my account information so they could be shipped properly. EZTags are the little transponders that we place on our windowshields so someone “upstairs” can monitor where we are driving and charge us the appropriate fees. Being the compliant individual that I am, I followed the link to the HCTRA web site.

Arriving at the site, I quickly discovered that I had no idea what username and/or password I had used when I last accessed this site. Once you get your EZTags, do you really bother to think about them again? When you change cars you should or they will send you a nice reminder letter for the small fee of $18, but that is another story. So, after a couple of failed guesses, I attempted to use the ‘forgot password’ link.

Now, keep in mind this site contains information about my EZTags (mostly information about my cars and some blinded credit card information) and not medical records. To receive my password, I had to provide:

  • My Account Number or License Plate Number
  • The number printed on my actual EZTag
  • My TX Driver’s License Number or Tax ID Number

Once I gathered all the required information, the screen prompted me with a forgot password question, ‘In what city were you born?’ After successfully answering the question, I was told my information was sent to the email on file for my account. I still had to wait for the email before I could get in.

I now have a sticky note with my HCTRA password stuck to my computer…

  • Digg
  • Sphinn
  • del.icio.us
  • Facebook
  • Mixx
  • Google
  • TwitThis
  • E-mail this story to a friend!
  • Fark
  • LinkedIn
  • SphereIt
  • StumbleUpon
  • Technorati
  • YahooMyWeb
  • NewsVine
  • Wikio

More misunderestimation

    Leave a Reply