ACC, Auditor General Reports Issued
DATA PROTECTION—NEW ZEALANDAugust 23, 2012
An independent report on New Zealand’s Accident Compensation Corporation (ACC) has revealed that a data breach was due to “human error” but also “systemic weaknesses within ACC’s culture, systems and processes.” Commissioned by New Zealand Privacy Commissioner Marie Shroff, the Independent Review of ACC’s Privacy and Security Information was undertaken by KPMG and former Australian Privacy Commissioner Malcolm Crompton, CIPP/US. Shroff said the ACC “has elements of privacy protection and security” in place, but they “are not up to the standard expected” of such an organisation, adding, a “culture change” will be necessary, starting “right at the top.” ACC Minister Judith Collins says she agrees with the report’s recommendations. The Auditor General has concluded its investigation and released a report as well. Meanwhile, State Services Commissioner Iain Rennie urged vigilance by public servants processing personal data.