[LINK] Centrelink staff sacked for privacy breaches
Marghanita da Cruz
marghanita at ramin.com.au
Wed Aug 23 09:47:56 AEST 2006
brd at iimetro.com.au wrote:
> Kim,
>
> I don't know what you find wrong about the reports but the issue that
> disturbs
> me is that systems have been built and are still being used that do not
> monitor who is accessing sensitive information. If information should
> only be
> viewed/accessed by those who need to know and who are appropriately
> authorised, then the system should have features built in that at least
> monitor access or, preferably, control access.
>
> To me it is a failure of requirements identification and system
> architecture.
>
> I bet there are many systems out there, both in the public and private
> sector,
> that have all or nothing access controls - if you can access the system
> you can view anything.
>
...this assumes they have policies on this in the first place...in which
case these policies should be implemented in the ICT systems...it seems
convenient to blame the ICT system.
M
--
Marghanita da Cruz
Ramin Communications
http://www.ramin.com.au
Phone: 0414-869202
Email: marghanita at ramin.com.au
More information about the Link
mailing list