http://australianit.news.com.au/articles/0,7204,16769033%5E15319%5E%5Enbv%5E15306,00.html Heather Quinlan SEPTEMBER 30, 2005 WEST Australian government agencies have better control of their postage stamps than they do of confidential personal information stored in their computers, a report by the state's corruption watchdog shows. A Corruption and Crime Commission (CCC) study revealed personal data held on WA government computers was vulnerable to misuse and must be better protected through staff security screening, monitored access and beefed-up criminal laws. The Protecting Personal Data in the Public Sector report, tabled in parliament yesterday, found checks on inappropriate access and leakage of computer-held information were inadequate. CCC spokesman Glenn Ross said examples of data misuse ranged from looking up a friend's address on a work computer, to the murder of former police officer Don Hancock, which was made possible by information provided to an outlaw motorcycle gang by a public servant. Former transport department worker Karen Moore was charged and convicted after providing the name and address to match a car registration number supplied by a bikie associate. The following month, the same car - which belonged to Mr Hancock's friend Lou Lewis - was blown up, killing both men. A Gypsy Joker bike gang member was later convicted of the bombing murders. The CCC study examined the handling of personal data in six state and local government agencies, conducted surveys of 540 public sector staff and considered 17 submissions - 11 from members of the public. The state government, which is in the process of drafting new privacy legislation, said yesterday it would accept many of the CCC's recommendations. WA Treasurer Eric Ripper, commenting on behalf of Premier and Public Sector Management Minister Geoff Gallop, said the government must improve its practices. "Every citizen has the right to expect that confidential information that the government holds will not be used for unauthorised purposes," Mr Ripper told reporters. "Human nature being what is is, it is hard to offer guarantees but we need to do better in this area (of information security). "Many public sector managers feel there are deficiencies in our disciplinary framework and ... if they don't feel they've got the power to take action, then that is something government has to attend to." The report found state and local government agencies had better systems to control use of petty cash and postage stamps than the access to confidential information held on computers. The report, which also supported a privacy commissioner and privacy legislation, also recommended amending the criminal code to prohibit unauthorised access and disclosure of information. Other recommendations included the establishment of uniform definitions and criminal penalties, regular security checks of public sector staff, and the introduction of a public sector oath to maintain the confidentiality of information. AAP _________________________________________ InfoSec News v2.0 - Coming Soon! http://www.infosecnews.org
This archive was generated by hypermail 2.1.3 : Mon Oct 03 2005 - 23:00:50 PDT