Centrelink denies hiding privacy breaches

Centrelink says it is completely candid about privacy breaches by employees, after it was forced to clarify the number of breaches that occurred during the last financial year.

"We're up front with this," a spokesperson told ZDNet Australia. "We are dedicated to protecting privacy breaches. It's a case of 'yes, this did happen' and we're not hiding it away."

Centrelink was forced to detail how many breaches had occurred during the last financial year to prevent potential misunderstanding caused by Channel 7 conflating figures it had acquired under a Freedom of Information request, which covered two separate investigations, said the spokesperson.

Centrelink publishes the results of its investigations in its annual report, the spokesperson added.

Centrelink also said that "browsing" i.e. -- when an employee "cruises a customer record without a legitimate reason" -- has dropped significantly over the past three years.

Employees must agree to a statement stating that they understand Centrelink's electronic information policy when logging into e-mail accounts and are regularly reminded what constitutes a conflict of interest, according to Centrelink.

The agency said the reason behind a greater number of staff breaches being detected last year was the result of a "special project" to detect such activities, which took place in addition to Centrelink's normal monitoring activities. In August last year, 100 staff resigned when confronted with allegations of breaching privacy regulations and a further 300 faced salary reductions.

Centrelink's General Manager Hank Jongen said the latest proven breaches "show Centrelink's robust system for detecting inappropriate access is operating effectively."