You are using an older browser version. Please use a supported version for the best MSN experience.

Tolley disappointed with IT review outcome

NZ Newswire logoNZ Newswire 16/05/2017

The Ministry for Social Development didn't properly consider privacy and security risks in rolling out a client-level data system before a breach that could have exposed personal client details, a review has found.

Last month a fault in the MSD client-level data system caused a breach that allowed service providers to access folders where the private information of clients would have been stored.

But no personal information was breached because a large number of providers whose folders became accessible had not yet started using the system.

Social Development Minister Anne Tolley immediately ordered a review of the portal project, and was "extremely disappointed" by the findings released on Tuesday.

"While this occurred at a time when the ministry was going through major organisational change, the report highlights that the project lacked the appropriate governance, project management processes and dedicated project resource," she said.

"Privacy considerations and security risks were not properly identified and mitigated in a timely manner."

Mrs Tolley said she expected the lessons highlighted in the report to be taken on board.

image beaconimage beaconimage beacon