Minister furious over ACC's privacy stance
ACC Minister Judith Collins wants the state insurer to start sacking staff who breach a new "zero tolerance" policy on privacy breaches.
A furious Ms Collins has revealed her astonishment at the failure of ACC to include privacy among nine of its "top priorities".
"I'm not going to sit back and let one of the most important government entities [that] we have let people down time and time again around things such as privacy.
"They have to act in the way that I expect them to act. When I go around the branches, most of the people there absolutely understand it.
"But, actually, a few are letting them down and when we have things like the audit and risk committee having nine priorities for the year and not one of them [being] privacy, how can that be acceptable given everything else that's going on?"
Ms Collins' comments come as figures from ACC show 11 staff members have been reprimanded over "serious misconduct" since 2010.
The breaches involved: theft; fraud against ACC or a claimant; serious misuse of ACC property, including information and systems; dishonesty; disobeying a lawful and reasonable instruction from a manager; and any act that had the potential to bring ACC into disrepute.
Nine staff were sacked as a result of the breaches and two were given final written warnings.
Ms Collins said while the serious misconduct cases were "a shame", she was pleased they were taken seriously and not covered up. "I think that they need to be - and they are now - taking on a culture of zero tolerance to privacy breaches, in particular," she said.
Police had a "zero tolerance" approach to staff accessing private details about people without good reason.
"People lose their jobs over it, and that's something that I think ACC needs to have, which is that we have people's very personal information, we should treat it with respect and should understand it's a very privileged position."
ACC has been under siege over repeated privacy breaches since March, when it was revealed the private details of 6500 clients were accidentally sent to claimant Bronwyn Pullar.
The revelation sparked a string of controversies, culminating in three inquiries and the resignations of Cabinet minister Nick Smith, board chairman John Judge, chief executive Ralph Stewart and three other board members.
Separate inquiries by the privacy commissioner and the auditor-general will be released within weeks.
Ms Collins said she expected the new board members, including a new chairperson, to be in place "just after that".
"When I reappoint or appoint people to the board, that has to be someone who is going to be able to spend the time necessary in bringing about the cultural change that I expect from ACC . . . We need to do an awful lot around the culture of customer service and respect towards members of the public that I know most of our staff are providing."
Green MP Kevin Hague said even basic data protection systems at ACC still appeared to be hopeless.
"When every other state agency, let alone private sector organisation, was busily doing its best to protect data and figure out how to keep people's privacy protected, how come ACC, an organisation that was dealing with some of the most sensitive information out there in the state sector, was effectively doing nothing? I suspect that their focus has been not on meeting client needs. I think their focus has been on their financial result . . . thinking about clients as liabilities rather than people to whom they owe service."
The Dominion Post