remove SSN as a stock patron ident type
Bug #1566016 reported by
Galen Charlton
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Evergreen |
Fix Released
|
Medium
|
Unassigned | ||
2.10 |
Fix Released
|
Undecided
|
Unassigned | ||
2.9 |
Fix Released
|
Medium
|
Unassigned |
Bug Description
It is not recommended that U.S. libraries collect and store Social Security numbers (SSNs), as an attacker who successfully compromises a library's patron database that contains SSNs would have access to enough data to perform identity theft. Consequently, the seed data should be updated to remove the SSN as a stock patron ident type.
Evergreen master
Changed in evergreen: | |
milestone: | 2.10.2 → 2.10.3 |
Changed in evergreen: | |
milestone: | 2.10.3 → 2.10.4 |
Changed in evergreen: | |
milestone: | 2.10.4 → 2.10.5 |
Changed in evergreen: | |
assignee: | nobody → Terran McCanna (tmccanna) |
tags: | added: signedoff |
Changed in evergreen: | |
milestone: | 2.next → 2.11-alpha |
Changed in evergreen: | |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
At this point in time, it is arguably a bug (or at least a misfeature) that Evergreen tacitly supports storing patron SSNs, so I've set the bug targets accordingly.