State
Services Minister Jonathan Coleman does not believe the Government has a
systemic problem of privacy breaches, or that the country is lagging
behind the rest of the world in protecting private data.
Under questioning from Labour's State Services
spokesman Phil Goff in the Government Administration select committee
today, Mr Coleman said "by and large the system is working".
Mr Goff referred to comments made by Privacy
Commissioner Marie Shroff last week following the release of a review by
KPMG of information security at 70 Government agencies.
In a statement, Ms Shroff said the review "reveals
systemic weaknesses in the way privacy and security have been managed
across the government sector".
The review found that security processes within many
agencies were under-developed and relied too much on the skills and
capabilities of staff and suppliers.
It covered 215 publically accessible information
systems across 70 Government agencies including kiosks and sign-in
systems at reception desks. The review found a dozen agencies that had
weaknesses or vulnerabilities, and the vast majority – 73 percent –
didn't have any security standards.
"We've had 120,000 cases
of individual material that should have been kept private relating to
personal aspects that has been released […] How can it be anything other
than systemic to have so many Government departments involved in these
problems?" Mr Goff asked.
Mr Coleman admitted the system "needs improvement", but it was not broken.
"A
systemic problem would be if a system was regularly being hacked into,
was broken down and there was a continuous outflow of information from
Government systems to the public. It's a rapidly changing IT environment
and the Government has to keep up."
Mr Coleman said there was no evidence of privacy breaches in the KPMG review.
The
agencies which had weaknesses in their systems will report to the Chief
Information Officer in July about whether they can manage their own
systems, he said.
Mr Goff said the Privacy
Commissioner believes New Zealand is lagging behind other countries in
protecting private sector information.
However,
Mr Coleman he did not think that was the case, but admitted there was
more work to do to keep up with changes in IT systems.
3 News Wed, 12 Jun 2013 1:02p.m.
No comments:
Post a Comment