Government ‘unreservedly’ apologises for privacy breach involving Covid-19 cases

Source: 1News

State Services Minister Chris Hipkins has apologised to people with Covid-19 whose personal details were leaked as part of a privacy breach.

“I unreservedly apologise on behalf of the New Zealand Government. We will find out who had the information who shouldn’t have and who released it in a way they shouldn’t have,” he said.

The apology comes after it emerged this morning personal details of New Zealand’s 18 active Covid-19 cases were leaked.

NZME and RNZ reported it had seen a document that included the full names, addresses, ages and names of the hotels and hospital 18 active cases were quarantined in. 

He said he didn’t know at this point whether the breach was deliberate or an error.

Mr Hipkins said he found out about the breach yesterday.

“If it was a malicious act, then clearly there will be consequences,” he said.

“If it was accidental, sometimes human error happens here, then obviously we still need to understand that. It’s still not okay.

“The systems should have been robust enough to stop that from happening.”

If the investigation found that the breach was accidental, he said he expected a “stern conversation” would take place.

Mr Hipkins said he ordered an investigation into the breach, and has brought in the State Services Commission to assist. 

He said he hadn’t personally contacted the people involved, and didn’t know of anyone who had contacted them either.

“We’re going to go back and have a very close look at who had the information, why they had the information and what systems were put in place to keep it secure.”

Mr Hipkins said the information would’ve “most likely to have been shared with people who are managing the quarantine and isolation facilities”.

“At this point, I don’t want to point the finger at any one person or organisation. There are a number of steps in this chain.”

He said the media shouldn’t have been given that information in the first place but commended the media for not making the details public.

Even though systems had been set up “at speed”, Mr Hipkins said he still expected officials to keep people’s private information safe.

He said he had “no reason not to be confident” information held by authorities was secure.