Today Senator Michelle Benson (R-Ham Lake) called on the Department of Human Services (DHS) to get their house in order after a third data breach was reported. As Chair of the Senate Health and Human Services Committee, Sen. Benson highlighted a pattern of IT failures including MNSure’s failure to launch in 2013 to costly mistakes because basic checks eligibility and duplication weren’t performed, and phishing email attacks on department employees. The IT issues continue to plague DHS despite having 700 DHS employees designated just for IT services, in addition to support from MNIT.
Benson proposed a number of questions DHS should answer to earn back trust from the Senate, including:
- What steps are taken when they discover a breach?
- Why did outside contractors have to come in to investigate breaches?
- Why did they wait so long for software to prevent phishing emails if the last three major attacks all came from phishing emails?
- What trainings have they implemented to prevent these basic phishing emails?
- How many workers have gone through their data security training?
- Are there ongoing expenses we need to consider to prevent data security failures by DHS?
- How will ongoing security investments affect their services?
“DHS employees have exposed 35,000 individuals personal data to hackers in less than a year. That is unacceptable,” Benson said. “DHS will get their IT money with we see a path to program integrity. Let’s pause, get their house in order, and make sure they are doing the essential blocking and tackling Minnesotans expect before we add one more thing to their already full plate.”