Securus Technologies, a Dallas based prison phone company, was recently exposed for a data breach that includes 70 million records of phone calls, placed by the prisoners to at least 37 states, according to The Intercept. Legalities and privacy issues are a concern for consumers when any data breaches occur; however, this breach breaks confidentiality in the most extreme form, because of attorney and prisoner privileges.
Companies have to assure that they are safeguarding their customer and employee data through proper security procedures. This is even more important for companies like Securus Technologies that has the responsibility of protecting a person’s constitutional rights. According to The Intercept, the breach includes “at least 14,000 recorded conversations between inmates and attorneys, a strong indication that at least some of the recordings are likely confidential and privileged legal communications — calls that never should have been recorded in the first place.”
The Securus Technologies breach conveys a deeper issue beyond the information that the fraudsters captured and released. Regardless of the intent of recording conversations, it gives insight into the current surveillance of attorneys, prisoners and their family members. Although, the person on the phone may receive a disclaimer that it may be recorded or monitored, it would be difficult to believe that this would be done and saved, with the opportunity for someone to access it. Recordings saved over a long time can negatively impact attorneys and prisoners in a variety of ways.
Securus is an example for companies of all sizes and types that it is essential to safeguard data, evolve their security practices and keep employees informed and educated on those practices. The security and safeguarding practices depend on the needs of the company. It is easier for companies to be proactive instead of reactive whether they need to implement identity verification, remain compliant or something unique to their industry.