[LINK] Centrelink staff sacked for privacy breaches
Geoff Ramadan
gramadan at umd.com.au
Wed Aug 23 10:08:22 AEST 2006
Isn't this what the Governments Identity Management for Australian Government
Employees Framework (IMAGE)is all about.
http://www.agimo.gov.au/infrastructure/authentication/image_framework
(not to be confused with the Health Access Card)
Regards
Geoffrey Ramadan, B.E.(Elec)
Chairman, Automatic Data Capture Australia (www.adca.com.au)
and
Managing Director, Unique Micro Design (www.umd.com.au)
brd at iimetro.com.au wrote:
> Kim,
>
> I don't know what you find wrong about the reports but the issue that
> disturbs
> me is that systems have been built and are still being used that do not
> monitor who is accessing sensitive information. If information should
> only be
> viewed/accessed by those who need to know and who are appropriately
> authorised, then the system should have features built in that at least
> monitor access or, preferably, control access.
>
> To me it is a failure of requirements identification and system
> architecture.
>
> I bet there are many systems out there, both in the public and private
> sector,
> that have all or nothing access controls - if you can access the system
> you can view anything.
>
More information about the Link
mailing list