Naughty pictures, resumes and Social Security numbers were some of the items that turned up on a handful of University at Albany library computers that were about to be re-used or sold last year, according to an audit by state Comptroller Tom DiNapoli’s office.
Also on the computers: vacation photos, student term papers and potentially sensitive personal financial data.
The audit examined computer disposal practices in the first five months of 2012, according to the comptroller’s office. Auditors looked at 36 computers being removed from the library as surplus, and found that seven still contained data despite a certification that they had been digitally scrubbed clean.
The photos, which auditors said could be “considered offensive for the work place,” showed scantily clad women but weren’t pornographic, said DiNapoli spokesman Mark Johnson.
UAlbany spokesman Karl Luntta said the failure to wipe all 36 computers clean was an honest mistake that involved an error in use of software.
“This employee was acting in good faith,” he said, adding that the person has since been retrained on how to properly scrub computer hard drives.
The computers, including a laptop, were headed for the state Office of General Services, which gives them to other state agencies or local governments, or tries to sell them. It’s also possible that some might have been re-used in other UAlbany departments.
State policy calls for computers to be wiped clean for security purposes before they are re-assigned or sent to surplus. Other audits by the comptroller’s office have turned up similar difficulties.
An audit last year, for instance, also found information such as Social Security numbers, medical records and human resource information on computers that came from the Department of Veterans Affairs.
While OGS handles the re-use or surplus sale of computers, the policies on data scrubbing are set by the state Office of Cyber Security.