Yesterday, Republican Rep. Libby Szabo sent a letter to Gov. John Hickenlooper demanding that he assure Coloradans that their data is safe on an incomplete new state government computer system, which launched on July 1.
Szabo also asked for an audit of the new system, dubbed the Colorado Operations and Resource Engine (CORE) project. In a press release, Szabo called Hick’s actions careless:
“Governor Hickenlooper had access to CORE progress reports and was warned by Secretary of State Gessler that CORE was behind schedule and its premature implementation could compromise taxpayers’ personal information – yet he carelessly chose to implement it. Since he decided to go forward with the July 1st rollout that could put confidential data at risk, I am asking Governor Hickenlooper to assure state employees, government vendors and Colorado citizens that their confidential and sensitive information will be secure.”
But, Szabo is not the only one calling for accountability with the new computer system. Fox31 also reviewed system and found it lacking:
“However, internal documents obtained by FOX31 Denver show the system isn’t even close to ready and won’t work as planned.”
Internal records from the Governor’s OIT division show CORE’s status as of May’s report was coded “red.” Red is the worst rating possible, defined as “behind schedule, with no approved recovery plan(s).”
The status report shows CORE was only 65 percent completed.
In May, Secretary of State Scott Gessler also took issue with the new system and sent a letter expressing his concern about its implementation, noting “this current path to failure is a train wreck about to happen.”
Further in the report from Fox31, developers agreed with Gessler:
“We spoke with a number of IT managers, private contractors and government employees familiar with the CORE project. As a group, they agreed with Gessler, saying it would be best to delay the launch.”
Data security is no joke. Last winter, Target’s data systems were breached. While the company has not yet finished tallying the cost, in the fourth quarter the breach cost the company at least $17 million – $61 million in total expenses, which were offset by a $44 million insurance payment. Perhaps more importantly, the breach compromised the credit card data of millions of shoppers. That’s just credit cards – an inconvenience for sure – but what happens if identity thieves are able to snag social security numbers (see: state tax returns)?
Well, Governor, we’re waiting for a response from you. Is our data secure or not? Does our state have a data security insurance policy like Target? Who pays if our data is compromised?