Our website uses cookies so we can analyse our site usage and give you the best experience. Click "Accept" if you’re happy with this, or click "More" for information about cookies on our site, how to opt out, and how to disable cookies altogether.

More Accept ×

We respect your Do Not Track preference.

Close ×

opc header logo

Print | Email this page

Independent review of ACC's privacy and security of information

A person's hand lifts a report off a stack of reports on a desk. In conjunction with ACC's Board, we commissioned an independent review of ACC's practices in relation to privacy and security of information. We did that following a significant data security breach that happened on 5 August 2011 and that became public in March 2012.

The breach involved the unauthorised disclosure of details of 6,748 clients.

The Terms of Reference required the Independent Review to make an assessment of ACC's Privacy and Security of Information and to specifically report on:

  • The circumstances of the breach including the cause(s) and ACC's response.
  • The appropriateness of policies and practices (including comparability with private sector practices, consistency with good practice in the public sector and the health sector, appropriateness in terms of the risk related to the nature of the client data/information maintained by ACC).
  • The effectiveness of policies and practices (in the context of addressing staff and clients need for access to information, maintaining confidentiality and privacy, communication, compliance, monitoring and culture of the organisation).
  • Recommendations to OPC and the ACC Board to restore and increase public confidence in ACC's current and future client information handling policies and processes. 

Read the full report (opens to PDF, 1.46MB). 

 

Back to top