In 2011, The Baltimore Sun reported on an audit that found that Maryland's Department of Health and Mental Hygiene was not properly securing vital records such as birth and death certificates, leaving it vulnerable to criminals.
The audit revealed several practices that raised concerns including:
- Officials did not verify live birth information with hospitals to ensure accuracy
- There was no system in place to prevent the printing of fake birth certificates
- Blank certificates were not accounted for
- The number of certificates issued were never reconciled with the amount of fees collected
While this is just one department in one state, the audit's results reveal a vulnerability that should have been addressed years ago. According to TROY Group's whitepaper, Laser Printing of Vital Records: Meeting the Mandate for Improved Security, Congress enacted the Intelligence Reform Act of 2004 which required minimum security features and controls to officially recognized identity documents, including the birth certificate. Among other requirements, this act requires the use of safety paper, proof and verification of identity as a condition of issuance, and fraud prevention standards. IN addition, the REAL ID Act of 2005, which primarily affects driver licenses, requires states to verify source documents such as birth certificates as part of the driver license issuance process.
Imagine a stack of blank certificates in a supply room and a lack of accountability. What's to stop an employee from printing fake birth or death certificates? Fortunately, there's a lot that can be done to prevent just this including restricting access to blank certificates and securing the printing process.
According to TROY, the printing process has numerous risks starting with unauthorized access to the application software or database. In addition, as a file moves across the network, it could be vulnerable to file re-routing and network sniffing. The printer is also a weak spot. Not only could unauthorized printing take place, blank security paper could be stolen from the printer tray. Criminals could then create their own fake certificates at an offsite location where they'd be less likely to be caught. Printers with "paper jam recovery" features can be tricked into printing duplicate copies of certificates. Finally, certificates themselves are vulnerable. Criminals could alter legitimate documents using similar techniques used to "wash" checks.
Addressing each of these risks across the entire workflow can minimize document risk. For example, software should authenticate the user, verify the vital event, and create an audit trail. The records should be stored in a secure database with permissions set so that only authorized users may send a record to the printer. From there, the laser printer would print the record on security paper. Security paper includes features that prevent counterfeiting, alterations, copying, and scanning. Security features that validate authenticity are also desirable. Ideally, the printer would be equipped with locking paper trays to protect against theft as well as use tamper-evident toner that releases a bright red stain when chemical alteration is attempted.
Whether dealing with vital records or corporate documents, organizations responsible for managing document risk are wise to examine their processes for vulnerabilities and then adopt a more secure printing process that includes security paper.