The following can be attributed to Supt Richard (RJ) Wilson – Director of Operations, Te Tari Pureke – Firearms Safety Authority.
Keeping people’s information secure is fundamental to the trust the public and firearms licence holder community have in us.
We regret this breach occurred and have implemented practices to prevent it happening again. We have also apologised to the impacted licence holders.
Police took this incident extremely seriously and notified the impacted licence holders 9 minutes later. We then made a public statement in the afternoon and let the Privacy Commissioner know. After further discussion with the Commissioner, Police completed a formal notification as well.
As a consequence of the breach, Te Tari Pūreke introduced a new interim email policy to put in place the kind of guard rails the Office of the Privacy Commissioner (OPC) expects. Currently no bulk emails are being sent from Te Tari Pūreke unless authorised by a senior manager.
Te Tari Pūreke has also taken the following steps:
1. We have held discussions with the Government’s Chief Privacy Officer who has offered advice on tools/technology systems we can adopt,
2. We have brought in an independent security expert for advice around our email systems,
3. We have reached out to other public sector agencies to understand their best-practice approach to this issue.
As a consequence of this work, we will be introducing a new technology solution.
Today’s release from the Office of the Privacy Commissioner references privacy thinking around the introduction of the Firearms Registry. The breach did not come from the Registry system, it was the consequence of using the Police email system.
Te Tari Pūreke does not accept that privacy breaches are acceptable or inevitable and we will work hard to make the necessary changes to lift our performance.
Need help? | |
Phone 0800 844 431 (04 499 2870) 8.30am to 5pm, Monday to Friday |