'Human error' behind Novopay breach

Last updated 18:12 09/04/2013

Relevant offers

Education

Two new Rolleston schools ready to open University of Canterbury's 30-year plan to create 'little city inside a larger city' Declining confidence in delivery of $206 million Lincoln Hub International cyber security conference heads to Hamilton Otahuhu College writes its own NCEA history Technology takes school stationery list to the next level Rugby, farming and homosexuality: Brave gay students tell their stories of schoolyard bullying to inspire others Angela Roberts looks back on ups, downs and almosts of four years at helm of PPTA Is politics the next move for outgoing PPTA president Angela Roberts? A Life Story - Bob Stothart, educationalist, dies, 82

Novopay is to blame for the latest privacy breach after 1600 schools received personal and pay details for staff at other schools.

Acting Secretary for Education Peter Hughes has announced that human error at Talent2 today resulted in a glitch in emails advising schools of payroll changes being worked on.

A Talent2 staff member made the mistake when doing a mail merge, and 1600 schools were sent an email involving 5600 transactions.

Of those, 3400 identified an individual and about 40 had other limited personal information, such as the dollar amount of an advance or underpayment, information about a relationship with another agency or circumstances such as parental leave.

"In simple terms, the pay administrators at these schools have received the names and Ministry of Education numbers for staff at another school, instead of their own, along with the transaction number for the outstanding issue," Hughes said.

"I treat this very seriously and sincerely apologise to those schools and staff."

While it was a case of human error, Hughes said, he was disappointed that it happened and had spoken to Talent2, which had also apologised.

"Privacy requirements are set out in our contract with Talent2, and in this case they have clearly failed to meet the terms of the contract and I have taken that up with their CEO."

He asked for a full review and report to help prevent any repeats of the error.

Pay administrators who received the incorrect emails were authorised users of the Novopay payroll system and had been asked to delete the incorrect email.

"They're a respected and professional group of people who deal with personal information daily and I expect they will do the right thing," Hughes said.

The Office of the Privacy Commissioner has been advised of the breach.

Ad Feedback

- Stuff

Special offers

Featured Promotions

Sponsored Content