Centrelink staff have again come under fire for 367 breaches of privacy regulations governing the Commonwealth public sector.
Twenty-four staff have resigned and two have been fired following an audit conducted by Centrelink of staff access to client records during 2005.
Another 296 Centrelink staff were issued written warnings, 44 have been fined and 13 have been reprimanded.
Responding to a Channel 7 investigation regarding 140 staff fired for breaching privacy regulations and 547 instances of breaches occurring, general manager Hank Jongen clarified there were 367 "proven breaches".
Jongen said Centrelink is using data-matching analysis tools to monitor access to client records by staff but said most of the breaches did not involve records being disclosed to third parties. He added that around 40 percent of the breaches were the result of human error relating to "misdirected mail".
This the second time in as many years that Centrelink staff have been caught inappropriately accessing customer records. In August last year, 100 staff resigned when confronted with allegations of breaching privacy regulations and a further 300 faced salary reductions.
A cultural problem at Centrelink?
Community and Public Sector Union spokesperson, Dermot Browne told ZDNet Australia: "Well, certainly there have been some incidents where [privacy breaches] have happened. Centrelink has staff of over 20,000 people. While every breach is serious, if there are 20 people out of 20,000, that's serious but it's not a huge amount."
Browne said the CPSU, which represents over 50,000 Commonwealth public sector as well as territory public sector employees, encourages its members to "know the rules and know what will happen if [they] do that and encourage people to abide by these rules to the letter."
"Overwhelmingly the vast majority do the right thing," said Browne, adding that staff process millions of transactions each whilst under "an intense level scrutiny".
"I think the message that clients' privacy is vitally important is getting through and the overwhelming majority respect and support that," said Browne.
Centrelink has been unable to respond to ZDNet Australia's questions.
Earlier this year a dozen ATO staff were sacked after it discovered inappropriate access to client records.
"While no level of unauthorised access is acceptable, in an organisation of about 22,000 people it is inevitable that a very small number of people will be tempted to do the wrong thing," an ATO spokeswoman said at the time.
I find it bewildering that in the face of evidence like this, people continue to claim that central databases of detailed personal information (such as those provided by ID card systems) are a good idea.
Identity theft is already quite easy enough.