Our website uses cookies to give you the best experience and for us to analyse our site usage. If you continue to use our site, we will take it you are OK about this. Click on More for information about the cookies on our site and what you can do to opt out.

We respect your Do Not Track preference.

The newly released GCIO report is “a wake-up call to the government sector”, said Privacy Commissioner Marie Shroff. It reveals systemic weaknesses in the way privacy and security have been managed across the government sector.

“While departments are keen to make use of personally-linked data, the Report shows that they haven’t yet got their heads around how to handle it properly. I welcome the recommendations in the report. They are strong and comprehensive and will require some agencies to really lift their game.

“There has been a torrent of government sector failures. We now need to shift the focus to getting things right. Insecure, poorly-managed client data should be a thing of the past.

“Getting the security mechanics right is one thing – it’s necessary but not sufficient. Attitudes and culture also need to change.

“We need to get our priorities right from the start: government exists to serve the citizen, not the other way round. Chief executives and senior staff need to take on board the message that personally-linked data is an asset to their agencies – and it needs to be handled with respect. That respect means honouring the silent bargain with New Zealanders – ‘we have to give the government our information, but in return we expect the government to protect and respect it.’

“Government agencies want to share data about clients to provide better public services. That can lead to operational benefits, and I recognise there can be cost efficiencies and service improvements.

“But these initiatives must not mean that the citizen is pushed to the edges, with few options and little control,” Marie Shroff said.

Information management and respect for our personal data needed to be embedded throughout each government organisation. “Government agencies should respect personally-linked information from the time it is collected to when it is destroyed – and for all those years in between when it is being used, stored and shared. Staff attitudes, led from the top, will make this a reality.

“Government chief executives need to be certain how their agency stacks up on privacy and security measures, and to be held to account on those.

“I welcome the decision by the State Services Commissioner to introduce new performance measures for chief executives on how well they are protecting the public’s information.”


Note for Editors

View the full GCIO report.

For further information contact: Annabel Fordham 021 509 735 or 04 474 7598