Post by bear on Mar 5, 2020 7:45:45 GMT 7
Centrelink accidentally sends pensioner's personal information to wrong man
Melbourne man pursued over robodebt is given details of another person’s payments, as welfare privacy breaches grow
Services Australia accidentally released the personal information of a disability support pensioner to another former welfare recipient who had received a robodebt letter in what is among a growing number of privacy breaches with the agency.
Melbourne man Mike Reid told Guardian Australia he had requested a 2017 letter that Services Australia (formerly Centrelink) claimed they had sent to him after they began pursuing him two weeks ago over the potential debt.
Despite the ongoing robodebt saga, Reid, who is no longer receiving welfare payments, was asked two weeks ago to provide payslips or other information to confirm his employment income.
When he asked for copies of earlier correspondence, Reid was instead sent three pages’ worth of information about another person’s payments, including what appears to be a breakdown of alleged overpayments from the agency.
“The attached documents [were] three pages of a table with someone else’s name, their CRN, [and] that it was related to the disability support payment,” he said.
“And I had their payment history, their fortnightly payments and what they were paid, what they believe they should have been paid, and the overall kind of discrepancy that that person had. At the bottom of it, it calculated the total overpayment.
“It was something completely different to what I’d asked for. And somebody else’s details.”
Reid told Guardian Australia that he was concerned that this meant his own information had been sent to another welfare recipient.
He has contacted Services Australia about the privacy breach and said he was told to bring the documents into a Centrelinkshopfront to have them destroyed, or to do so himself.
It comes amid a huge increase in the number of privacy breaches by the agency. Services Australia’s last annual report showed there was a 43% jump in substantiated privacy incidents, from 988 in 2017-18 to 1,416 in 2018-19. Since 2012-13, the number of incidents has increased by 200%, although there was a brief spike in 2014–15 when the agency recorded 1,939 breaches.
The agency told Senate estimates recently that these incidents occurred across the whole department, not just Centrelink.
Hank Jongen, a spokesman for Services Australia, said the agency took “the protection of personal information very seriously and apologise for any inconvenience”.
“We take immediate action to address a privacy incident as soon as it is identified, including taking available measures to remediate the incident and minimise any harm that may arise from it,” he said.
“We also undertake regular quality assurance and training activities to reduce the likelihood of privacy incidents occurring. This can include feedback and training to staff involved, increased guidance for all staff, and process and system improvements.”
Asked about the huge increase in privacy incidents last financial year, Jongen said the agency had 980m interactions with individuals in 2018-19 and that “privacy incidents represent a very small proportion of our overall interactions”.
“The number of substantiated privacy incidents includes some incidents that we proactively identified as part of our data quality processes and subsequently corrected before they had any impact on customers.”
Citing an investigation into the breach, Jongen declined to comment on whether Reid’s personal information had also been inadvertently shared, nor whether the agency had contacted the person whose data had been accidentally sent to Reid.
www.theguardian.com/australia-news/2020/mar/04/centrelink-accidentally-sends-pensioners-personal-information-to-wrong-man
Melbourne man pursued over robodebt is given details of another person’s payments, as welfare privacy breaches grow
Services Australia accidentally released the personal information of a disability support pensioner to another former welfare recipient who had received a robodebt letter in what is among a growing number of privacy breaches with the agency.
Melbourne man Mike Reid told Guardian Australia he had requested a 2017 letter that Services Australia (formerly Centrelink) claimed they had sent to him after they began pursuing him two weeks ago over the potential debt.
Despite the ongoing robodebt saga, Reid, who is no longer receiving welfare payments, was asked two weeks ago to provide payslips or other information to confirm his employment income.
When he asked for copies of earlier correspondence, Reid was instead sent three pages’ worth of information about another person’s payments, including what appears to be a breakdown of alleged overpayments from the agency.
“The attached documents [were] three pages of a table with someone else’s name, their CRN, [and] that it was related to the disability support payment,” he said.
“And I had their payment history, their fortnightly payments and what they were paid, what they believe they should have been paid, and the overall kind of discrepancy that that person had. At the bottom of it, it calculated the total overpayment.
“It was something completely different to what I’d asked for. And somebody else’s details.”
Reid told Guardian Australia that he was concerned that this meant his own information had been sent to another welfare recipient.
He has contacted Services Australia about the privacy breach and said he was told to bring the documents into a Centrelinkshopfront to have them destroyed, or to do so himself.
It comes amid a huge increase in the number of privacy breaches by the agency. Services Australia’s last annual report showed there was a 43% jump in substantiated privacy incidents, from 988 in 2017-18 to 1,416 in 2018-19. Since 2012-13, the number of incidents has increased by 200%, although there was a brief spike in 2014–15 when the agency recorded 1,939 breaches.
The agency told Senate estimates recently that these incidents occurred across the whole department, not just Centrelink.
Hank Jongen, a spokesman for Services Australia, said the agency took “the protection of personal information very seriously and apologise for any inconvenience”.
“We take immediate action to address a privacy incident as soon as it is identified, including taking available measures to remediate the incident and minimise any harm that may arise from it,” he said.
“We also undertake regular quality assurance and training activities to reduce the likelihood of privacy incidents occurring. This can include feedback and training to staff involved, increased guidance for all staff, and process and system improvements.”
Asked about the huge increase in privacy incidents last financial year, Jongen said the agency had 980m interactions with individuals in 2018-19 and that “privacy incidents represent a very small proportion of our overall interactions”.
“The number of substantiated privacy incidents includes some incidents that we proactively identified as part of our data quality processes and subsequently corrected before they had any impact on customers.”
Citing an investigation into the breach, Jongen declined to comment on whether Reid’s personal information had also been inadvertently shared, nor whether the agency had contacted the person whose data had been accidentally sent to Reid.
www.theguardian.com/australia-news/2020/mar/04/centrelink-accidentally-sends-pensioners-personal-information-to-wrong-man