Centrelink are now under investigation by federal privacy authorities after personal and financial details of clients were found lying around at a suburban railway station in Darra which is located in the southern suburbs of Brisbane.
It has been confirmed that the documents left contained financial details belonging to 23 clients. This included bank account numbers, investments and details of property holdings. Other details such as date of birth, phone numbers and relationship details were also exposed. It has also been confirmed that these documents were left by an official of the welfare agency.
It was only realised that these files had been left when a Queensland Rail worker called one of the people whose file was left behind.
It has also been reported that Centrelink employees regularly carry confidential data with them on public transport and are stored at their personal home address. This has been the result of efforts to cut costs as a system of transporting confidential files in government vehicles was abandoned.
The Department of Human Services (DHS) have been keen to stress that such incidents are very rare but have failed to confirm whether all of the affected people have or will be notified.
The Office of the Australian Information Commissioner has confirmed that they have been notified of the incident but went no further in stating what actions or possible sanctions may be enforced.
A DHS spokeswoman confirmed that that the documents were quickly recovered but that they are taking this incident very seriously.
The spokeswoman stated, “While the information relating to 23 customers was quickly recovered by the department from a Queensland Rail employee, we do not dismiss the serious nature of the incident. Privacy and security of personal customer records is of paramount importance, and any incident of this nature is investigated under well-established privacy processes.”
The spokeswoman added, “Department staff deal with tens of thousands of customers every day and these types of incidents are extremely rare. However, any incident that places customer privacy at risk is unacceptable.”