Audit of Security and Controls Over the National Driver Register, October 29, 2007, Project ID: FI-2008-003 (32 pages, PDF)
“Summary: On October 29, we issued a final report on the audit of the National Driver Register (NDR) system administered by the National Highway Traffic Safety Administration (NHTSA). NDR is a central register that enables state department of motor vehicle officials to exchange information on problem drivers in each state, such as those convicted of driving under the influence of alcohol. This helps prevent problem drivers from obtaining a drivers license to operate a vehicle or being hired for safety-sensitive positions. In 2006, state officials made more than 70 million inquiries for driver license applicants, 9 million of which were found in NDR. Forty-two million problem drivers are recorded in NDR with personally identifiable information, such as driver’s name, Social Security number, date of birth, gender, height, weight, and eye color. We found that drivers’ personally identifiable information was properly secured in the NDR mainframe database. However, when transmitted or stored outside the mainframe computer, it was exposed to potential unauthorized access or unapproved use. For example, this sensitive information was not encrypted when transmitted on the network.”
Sorry, comments are closed for this post.