MSD review doesn’t resolve the client data problems
An independent report released today into a recent data breach at MSD shows the problems created by a project with an
unrealistic timeframe being imposed on a complex and sensitive area.
ComVoices is pleased to learn that no personal data was mistakenly released but the report details a series of mistakes
and inadequacy.
ComVoices chair Brenda Pilott said that these errors were symptomatic of the implementation of this project to require
community providers to collect and share personal information with MSD. “We have said from the outset that this process
was being rushed and was not affording MSD time to consider all the issues. Nor have they engaged well with providers
and other experts.”
ComVoices has consistently advised the department and Minister to slow down. “The timeframe for this project was
self-imposed and coincided with a period of major restructuring within MSD. No wonder mistakes were made”, said Brenda
Pilott.
“The Privacy Commissioner made four recommendations to MSD and its Minister, of which data security was just one. The
other recommendations have not been addressed yet. Privacy considerations must be looked at carefully. Neither we nor
MSD can give providers any reassurance that they can provide this sensitive data to MSD with full trust and confidence.”
Brenda Pilott said: “My message to MSD is to slow down and to engage with provider groups in a co-design process. This
is too important to get wrong again.”