Is there another way to provide the services that TAG does without giving the TAG technician complete access?
Probably not. That’s why there should be clear policies that are communicated to the client. It can start with a clear disclosure form. What steps are taken to safeguard my information? Are technicians and other employees with access vetted? Is there a log anytime someone’s device is accessed, and a means to detect suspicious patterns of activity? What does TAG/ Meshimer/ etc. do with my info;who can see the information? Can the school of other outside organization see client filter levels, requests for access, phone usage etc? Can any outside entity change my filter level without my knowledge?
We don’t know that the individual above accessed any client info whatsoever in his capacity at TAG, but the ease with which he could have has got to be a concern.