ChoicePoint Inc.'s chief screener said Monday no employees were involved in a breach last fall of the company's massive database of personal information, and she stressed that while procedures need to be improved she doesn't believe any individuals made mistakes.
Carol A. DiBattiste, the former deputy administrator of the Transportation Security Administration who took over as ChoicePoint's head credentialing, compliance and privacy officer in May, told The Associated Press that while she hasn't been involved in the company's investigation of the breach, other executives have told her no employee contributed to what happened.
"What I can tell you, it did not involve a ChoicePoint employee," DiBattiste said in her first interview since assuming her new job.
Asked if she thinks she should be involved in the investigation, DiBattiste said, "No, I don't." She noted that her role at ChoicePoint is independent — she reports only to the board of directors — but she is focused on the future, not the past.
"I think my role is going forward and looking at these systemic issues," she said from her office in McLean, Va.
One of DiBattiste's key tasks has been in the area of screening. She said the company has already turned away more than 200 potential customers since April 1 after it said it would rescreen some business customers and improve its procedures for ferreting out fraud. She declined to say why those people were turned away because the company doesn't want thieves to know its checklist.
"ChoicePoint has gone well beyond their announcement," DiBattiste said. "I think that is hopefully turning around the public and investors."
Besides better screening of customers, DiBattiste said she plans to improve the company's procedures for screening prospective employees, though she stressed that is not because she believes anyone did anything wrong regarding the breach. No employees have been fired over the breach, company spokesman Dan McGinn said.
"Public perception. We care very much about that, and I think the things we are doing are making a difference," DiBattiste said.
Asked if any mistakes were made by ChoicePoint, DiBattiste noted that the Alpharetta, Ga.-based company has apologized several times for the breach in which thieves posing as small business customers gained access to its database, possibly compromising the personal information of 145,000 Americans. The breach was found in late September, but not disclosed publicly until mid-February.
Authorities say at least 750 people were defrauded in the scam. The breach has fueled consumer advocates' calls for federal oversight of the loosely regulated data-brokering business, and Capitol Hill hearings were to be scheduled on the issue. The Securities and Exchange Commission and Federal Trade Commission have launched investigations of ChoicePoint.
"I would not say mistakes were made," DiBattiste said. "Mistakes to me is a culpability kind of term. I have seen very sound practices that I'm looking on improving."
ChoicePoint has declined to say how much DiBattiste is being paid for her service.
In addition, DiBattiste said her office is working on a new consumer notification policy that will apply not only to states that require notification when there is breach, but also to other states. She did not give a timeframe for implementing the policy or provide program specifics.
ChoicePoint collects data on individuals, including Social Security numbers, real estate holdings and current and former addresses. It has about 19 billion records, and its customers include insurance companies, financial institutions and federal, state and local agencies.
ChoicePoint shares closed at $40, unchanged from afternoon trading Monday on the New York Stock Exchange. The stock has dropped about 12 percent since the breach was announced.
ChoicePoint's profit rose in the first quarter. Also, last month the Internal Revenue Service said it awarded a $20 million contract to ChoicePoint. The arrangement allows IRS auditors and criminal investigators to use ChoicePoint's databases to locate assets owned by delinquent taxpayers. It's part of an IRS effort to close a more than $300 billion gap between taxes owed and taxes paid.