Or should, as the poster says, processes by changed to ensure security? This comes from the Little League Facebook page. The poster raises his concerns about providing his social security number required for Little League’s mandatory background checks. His points seem valid, but the background screenings are necessary as well. Is there a middle ground?
I wanted to volunteer to be a manager for my son’s team, but I was not willing to give my SSN over due to insecure practices on the part of the local league and the little league organization.
You guys really need to join the 21st century and take steps to provide better security for the privacy and protection of the prospective volunteer’s information. Under no circumstances should volunteers be handing over any of their sensitive information to untrained personnel working for the local leagues. They do not have the training or the resources to protect this information. The only people that volunteers should be handling this information are the people who do the background checks. Any required information should be entered by the volunteer DIRECTLY to the organization performing the background check. Reports sent back to the league should remove the sensitive information from the background check report.
By handing the information (typically on paper) over to local league personnel, you give an unnecessary number of third parties access to the information. You also risk improper disposal and/or unwanted + insecure storage of the material. By enabling the local league to have access to the reports with this sensitive information, you risk potential dissemination of the volunteer’s information. This is something that needs to be fixed immediately, and would only require a small effort on behalf of Little League and a company like first advantage.
Make no mistake, identity theft is very likely occurring due to these practices. Over 10% of US adult citizens are victims to identity theft *every year*. Some of those are going to be little league volunteers due to your practices. It is a pervasive and serious problem that your organization needs to take more seriously.
Believe me, I would really like to be a manager/coach… but as an information security professional, and someone who is increasingly conscientious of protecting themselves from identity theft, I simply will not submit to your verification process. For me, its especially sad because our local league starts in a week, and many teams still lack the necessary coaches…