Inmates’ access to personnel info has been cut off
A settlement has been reached in a lawsuit against the state for exposing employee personnel information to Pelican Bay State Prison inmates.
The settlement last week came after five years of litigation stemming from two incidents in 2006 when the prison allowed inmates to help dispose of files, some of which held personnel records of employees, and kept them in an unsecured area inmates could access.
Information from at least 64 employees — ranging from wardens to correctional officers and including social security numbers, driver license numbers and home addresses — were found in the possession of inmates.
The settlement awarded a total of $175,000 to 23 plaintiffs to pay for credit-monitoring services and court costs.
A spokesperson for the state Attorney General’s Office, which represented the California Department of Corrections and Rehabilitation, declined to comment about the state’s costs as the defendant in the case.
“Since the lawsuit was filed they basically fought it tooth and nail every possible way; even going as far as the appellate court and that was rejected,” said George Mavris, an attorney for the plaintiffs. “Following the eve of trial, we ended up settling the case.”
The suit was filed on the grounds that CDCR violated the Information Practices Act, was negligent and inflicted emotional distress. It was not filed as a way to gain monetary benefit, but to change Pelican Bay’s policy for handling personnel information, Mavris said.
“They changed their policies,” said Mavris. “I think as a result of this lawsuit, Pelican Bay has taken a lot of steps to be in compliance with the Information Practices Act.”
Inmates are no longer allowed to assist staff with records to be archived or destroyed, and a supervisor must be present at all times while employees are destroying documents as a result of the lawsuit, a spokesperson for the CDCR said.
“They’ve really tightened up their ship,” said Mavris. “I think for the time being they’re really a lot more vigilant.”
In February 2006, 13 employees were notified their personal information had been found in a work area of an inmate clerk after inmates had been used to check folders to ensure they were empty.
The notification came after a prison informant told Pelican Bay staff that another inmate had approached him about selling social security numbers, Mavris said.
An investigation was then conducted that included allowing the inmate to return to his workspace to see what he was going to do with the information, Mavris said.
Eight more employees were notified by the prison in March 2006 that their personal information was stored in an unsecured area in the B-gym of Pelican Bay.
CDCR attorneys’ main stance was that there was no evidence to show actual harm resulting from a “brief exposure or potential exposure” of personnel information and the CDCR could not be held accountable for the inmates’ actions, court documents indicate.
There were no reports of credit fraud, court documents stated.
“They were just trying to avoid responsibility,” said Mavris, adding that a lot of taxpayer money was spent as a result.
“I know our costs were in the tens of thousands,” said Mavris. “I can’t imagine ... what theirs was.”