Lawyers know better than to dip into their clients' trust accounts.
Pilots know not to drink before flying.
Priests don't blab about confessions they hear, no matter how juicy.
Why, then, are we starting the new year with yet another horrifying story of a government bureaucrat losing Canadians' sensitive personal information? It's high time careless handling of taxpayers' data, including social insurance numbers and medical records, is made a firing offence -- just like the cardinal no-nos in other occupations.
While many Canadians are still getting late holiday cards, 5,000 are opening apology and warning letters from Human Resources and Skills Development Canada.
Because a thumb-sized computer storage stick containing their personal information -- SIN numbers, birth dates, medical and disability-payment information -- was inexplicably lost by an HRSDC employee in a security gaffe QMI Agency first exposed last week.
It's bad enough the federal department never publicly said boo about the privacy breach, or that it took it more than a month -- until days before Christmas -- to report the lapse to Canada's privacy czar and get letters out to affected Canadians, coast to coast.
But far more egregious is what the bungling bureaucrat did in the first place, moving information on thousands of Canadians from protected computer files to a USB key with no encryption to safeguard that data from would-be identity thieves or anyone else who might happen across it.
SIN numbers, birth dates and medical records aren't like the information found in a phone book: It's gateway data, detail that -- in the wrong hands -- can easily be used to hijack identities and destroy privacy.
Unfortunately, we've seen this kind of cavalier government handling of sensitive information once too often. Just last summer, the agency that oversees Ontario's elections publicly admitted the loss -- again, belatedly -- of two thumb drives containing data on up to 2.4 million voters.
Not only were the two storage devices not locked up, they weren't password-protected or encrypted -- basic security precautions -- either.
The first thing government bureaucrats who find themselves copying sensitive personal data onto unsecured devices should do, is stop. If not, they should pay with their jobs.