Privacy awareness week 2012 notes from the coalface presentation by mike flahive and dawn swan
This presentation is the property of its rightful owner.
Sponsored Links
1 / 22

Privacy Awareness Week 2012 Notes from the coalface Presentation by Mike Flahive and Dawn Swan PowerPoint PPT Presentation


  • 82 Views
  • Uploaded on
  • Presentation posted in: General

Privacy Awareness Week 2012 Notes from the coalface Presentation by Mike Flahive and Dawn Swan. In March : The News. Australian Cricket Association ACC data breach Ports of Auckland Law Commission / Code amendments CCTV in Pukekohe Police to pay damages Coronor’s comments.

Download Presentation

Privacy Awareness Week 2012 Notes from the coalface Presentation by Mike Flahive and Dawn Swan

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Privacy awareness week 2012 notes from the coalface presentation by mike flahive and dawn swan

Privacy Awareness Week 2012

Notes from the coalface

Presentation by

Mike Flahive and Dawn Swan


In march the news

In March : The News

  • Australian Cricket Association

  • ACC data breach

  • Ports of Auckland

  • Law Commission / Code amendments

  • CCTV in Pukekohe

  • Police to pay damages

  • Coronor’s comments


The reality

The Reality

  • Complaints

    > 968 last year, 915 currently

  • Enquiries

    > 7006 last year, 6475 currently

  • Eight team members hold files

  • On average, each investigator will

    receive 125 files and close 120 each

    year


Work in progress

Work in progress

  • An average of 50 files

  • Half access, 25% disclosure

  • Even split public and private sector

  • Age of files: 88% under 6 months

  • Dominant focus settlement

  • 30% settled


Outcomes on closed files 2010 11

Outcomes on closed files 2010/11

Closed999

No interference withprivacy686

Complaint hassubstance313

Settled /mediated281

Referred to Director of Human

RightsProceeding19


Settlement record 2010 11

Settlement record (2010/11)

Access

  • 534 access complaints

  • 208 settled

  • 185 involved release or partial release

    of information

  • 21 involved payment of money averaging

    $650 for slow release or refusal

  • 2 payments in excess of $2,000


Settlement record 2010 111

Settlement record (2010/11)

continued

Disclosure

  • 267 closed

  • 52 settled

  • 19 involved payment of money averaging

    $8000

  • 3 payments in excess of $10,000

  • 1 payment more than $40,000

  • Average without large payment $5,000


Examples of settlement

Examples of settlement

Health agency

  • Gave information to person about

    patient

  • Person not a relative or holding EPOA

  • No checking by health agency

  • Apology, assurances, training and

    $5,000


Examples of settlement1

Examples of settlement

continued

  • Agency repeatedly sent

    correspondent to complainant’s

    residential address contrary to

    arrangements to use PO Box

  • Spouse found out about secret

    arrangement

  • $1,000 new terms of contract


Examples of settlement2

Examples of settlement

continued

Agency employee browsing

  • Information used outside agency to

    significantly embarrass complainant

  • Loss of confidentiality

  • Loss of employment

  • Agency paid more than $40,000


Lochead macmillan vs ami insurance ltd 2012 nzhrrt 5

Lochead-MacMillan vs AMI Insurance Ltd[2012] NZHRRT 5

  • Fire damaged property, home and

    contents insurance claim

  • $10,000 damages

  • “Multiple, sustained and systemic

    failures” to comply with Privacy Act


Multiple information requests

Multiple information requests

  • 4 February – request for audio files

    and transcripts

  • 2 March – request for audio repeated

  • 13 April – Feb and March requests

    repeated

  • 6 May – request for fire report

  • 19 May – first three requests repeated

  • 8 July – request for AMI file


Breaches by ami

Breaches by AMI

  • Failure to comply with statutory time

    limit = deemed refusal

  • Failure to advise of right to seek an

    investigation by Privacy Commissioner

  • Refusal to release fire report –

    unjustifiably withheld twice


Damages awarded

Damages Awarded

  • $10,000 for injury to feelings

  • Repeatedly ignored requests

  • Plaintiffs kept in dark

  • Impression Privacy Act obligations

    not important

  • Unequal relationship

  • Plaintiffs made to feel insignificant,

    ineffectual and unimportant


Hrrt comments

HRRT Comments

  • Privacy principles are fundamental

    to good process

  • Requests for information cannot

    be ignored or dismissed

  • Good administration demands full

    compliance with Privacy Act


Sharoodi v director of civil aviation

Sharoodi v Director of Civil Aviation

[2011] NZHRRT 5 (25/2/11)

  • Withholding grounds

    [2011] NZHRRT 6 (9/3/11)

  • Non compliance with Part 5

    procedural provisions of the Act


General advice from tribunal

General Advice from Tribunal

  • Full index of documents

  • Pagination of documents

  • Identification of released, withheld

    or redacted information


Managing access requests

Managing Access Requests

  • Anticipate having to explain what

    you have done

  • A discovery process of indexing all

    documents is very handy

  • Create separate record of total

    information

  • Create separate record of withheld/

    redacted information


Tribunal discussion

Tribunal discussion

  • Series of misunderstandings around

    request for personal information which

    became “personnel” information

  • Request not answered until 21/2 months

    after reasonably expected to comply

    Therefore

  • Deemed refusal and undue delay


Damages

Damages

Loss of benefit - $5,000

  • A reluctant and piecemeal release

  • Revoked pilot’s licence before release

  • Not able to use/check information

    before revocation

  • Not given a “fair crack of the whip”


Damages1

Damages

continued

Humiliation, loss of dignity, injury to

feelings - $5,000

  • Interpreted request in a limited way

  • Revoked pilot’s licence knowing that

    information yet to be released

  • Late decisions to mitigate only after

    involvement of Privacy Commissioner


  • Login