Video | Agriculture | Confidence | Economy | Energy | Employment | Finance | Media | Property | RBNZ | Science | SOEs | Tax | Technology | Telecoms | Tourism | Transport | Search


Privacy breaches, workplace safety should have same priority

10 February 2014

Privacy breaches should have same priority as workplace safety

Barely a month goes by when privacy breaches – by mostly government agencies like ACC, the Earthquake Commission and DHBs – aren’t in the headlines, but the gap is unlikely to be plugged so long as decision makers look to technology for the whole solution.

Chief Executive of New Zealand IT consulting and software development company Designertech, Ray Delany, said today that headlines like ‘ACC privacy breach probed’, ‘DHB acts to protect patient privacy’ and ‘IT policies threaten pupils' privacy’ may actually be prevented with low tech human solutions.

Mr Delany said part of the problem is that the overwhelming focus of IT is on efficiency even when, in some cases, efficiency is not necessarily a good thing.

“Most of the privacy breaches have been very kitchen sink level from an IT perspective. For example, somebody sends an email somewhere they shouldn’t. That’s the equivalent of turning on the wrong switch at the kitchen stove.

“More often than not, organisations think of technology in terms of how to improve efficiencies and increase productivity, when they might be better served by an understanding of their own priorities. For example, when client privacy is more important than efficiency.”

Mr Delany said three factors are critical to safeguarding client privacy:

• The culture of the organisation
• IT governance and policies
• Technology based checks and balances

“In terms of the culture of an organisation, we regularly encounter a fairly recent set of naïve beliefs that people hold, such as the perception that all email is miraculously private. It’s one thing to do something deliberately, but in most instances people are doing things without having the faintest idea that it is a risk.”

A review by Government chief information officer Colin MacDonald released last year found that 73 per cent of agencies did not have formal security standards and procedures in place.

“Don’t for one moment think it is only Government that has this problem – it’s just as widespread in the private sector. Technology is evolving so fast and people are working under increasing time pressures and workloads, so it’s inevitable that privacy breaches will continue.

Suggested solutions
“A good governance structure is critical, but so is having those policies and procedures deeply embedded in the thinking people and their workplaces, particularly where an organisation is used to shifting large quantities of data around on email.”

Mr Delany said one solution is to learn from the workplace safety industry.

“For example, simple signage and education programmes similar to those used by workplace safety officers can help change thinking about privacy.

“What is certain is that the overall governance of information management and strategy should no longer be neglected or relegated behind productivity because it is perceived as a cost rather than a profit activity.

“Companies and government organisations are learning the painful lesson that focusing on the human element is as much IT related as hardware, and also the more cost effective approach. Training people is cheaper than spending half a million on IT infrastructure,” he said.

Technology solutions that may be implemented are by no means fool proof, but can be designed to work in sync with human behaviour.

For example, some organisations could consider configuring rules into the IT system that prohibit the attachment of certain types of files to emails, as well as specifying certain file types or instituting a ten minute delay before an email goes.

“It is not difficult to come up with easy and cost effective solutions that force people to think before they act, or which undo actions before any consequence or errors occur. Knowing that, there is no excuse for privacy breaches,” he said.

About Designertech
Designertech is an innovative and successful IT support, product development and consulting company with specific emphasis on business outcomes based on strong relationships between people, technology and systems in order to provide tailored solutions that meet the unique needs of clients.

Through its core philosophy of finding ways for people and machines to work better together, Designertech has enjoyed excellent results with products like MailMarshall and also productive relationships with iconic New Zealand success stories such as Mainfreight, Plunket and Tegel.


© Scoop Media

Business Headlines | Sci-Tech Headlines


Land & Water Forum: Fourth Report On Water Management

The Land and Water Forum (LWF) today published its fourth report, outlining 60 new consensus recommendations for how New Zealand should improve its management of fresh water and calling on the Government to urgently adopt all of its recommendations from earlier reports. More>>



Welcome Home: Record High Migration Stokes 41-Year High Population Growth

New Zealand annual net migration hit a new high in October as more people arrived from than departed for Australia for the first time in more than 20 years. More>>


Citizens' Advice Bureau: Report Shows Desperate Housing Situation Throughout NZ

CAB's in-depth analysis of over 2000 client enquiries about emergency accommodation shows vulnerable families, pregnant women and children living in cars and garages, even after seeking assistance from the Ministry of Social Development and Housing New Zealand. More>>


Speaking For The Bees: Greens Call For Neonicotinoid Pesticide Ban

The National Government should ban the use of controversial pesticides called neonicotinoids after evidence has revealed that even at low doses they cause harm to bee populations, the Green Party said today. More>>


Get More From Scoop

Search Scoop  
Powered by Vodafone
NZ independent news