16 Mar 2017

CYF 'stuff-up' fuels privacy concerns

7:27 pm on 16 March 2017

A Child, Youth and Family privacy breach is being brandished as proof the government cannot be trusted with people's private information.

Anne Tolley

Social Development Minister Anne Tolley said the incident was regrettable but "people can make mistakes". Photo: RNZ / Claire Eastham-Farrelly

The breach has been made public as the government faces a backlash over its plan to require agencies to hand over clients' details if they want state funding.

Kaitaia woman Kelly Stratton said she received a letter from Child, Youth and Family last month, inviting her to a family group conference for a distant relative she barely knew.

The letter contained a child's private details, she said.

"I was just really, really concerned that CYF could ... just send someone's private information to any person," she said.

"I can't understand that they could be so negligent."

The parents of the child were shocked and upset and had since lodged a formal complaint, Ms Stratton said.

"If they can send a letter to the wrong person... what else has been leaked out there? What other private information is being released?"

Social Development Minister Anne Tolley said the incident was regrettable but "people can make mistakes".

"Mistakes do happen. You can never completely eliminate that."

The incident would be reviewed to see what went wrong, but those types of mistakes were "pretty rare", she said.

The ministry worked with more than a million New Zealanders every year and had robust systems in place, she said.

But Labour Party social development spokesperson Carmel Sepuloni said the minister needed to acknowledge the breach was a "huge stuff-up".

"The government can't handle the data that they've already got - so to go to the level of identifying information that they're expecting organisations to report on is incredibly concerning," she said.

"We could see more leaks ... and more breaches of people's privacy."

The new arrangement, due to begin on 1 July, will require agencies to provide their clients' personal information to government organisations to be eligible for funding.

Sexual violence agencies have now been given a year's reprieve while the system is being developed, after a backlash from groups such as Rape Crisis.

Mrs Tolley met with sexual violence groups yesterday and said she would work with them to determine exactly what type of data they would need to provide.

The agencies would eventually be required to hand over some information to show the right people were getting the right services, she said.

Greens co-leader Metiria Turei said that was "completely irrational".

"It is disgusting that Anne Tolley and the government want these personal details about individuals who are victims of abuse, before the services that support these victims get money."

Maori Party co-leader Marama Fox called the breach "unbelievable".

"It's one of the most harmful things for a person to go through to have their innocence ripped away and to be sexually violated and now that information is going to be shared? If you wanted it shared, you would share it."

Social service agencies have written to the government asking that they too be granted a year-long exemption.

The Privacy Commissioner has launched an investigation into the data-for-funding issue and is expected to report back by the end of the month.