The federal government is caught up in a second data privacy scare, this time involving a massive data-set on more than 96,000 of its public servants amid fears their confidential information might not be secure.
Subscribe now for unlimited access.
$0/
(min cost $0)
or signup to continue reading
In the second potentially serious Commonwealth data breach to become public in less than a week, the public service's workplace authority has confirmed that it has withdrawn the data gathered in its massive annual employee census from public view.
It is feared that identification codes for departments and agencies could be used to identify the individual public servants who filled in the census, the largest workplace survey undertaken in Australia, on condition of anonymity.
The data has been taken down from official websites to be washed of any features that could be used to breach the privacy of government officials.
But the Australian Public Service Commission has confirmed the data-set was downloaded nearly 60 times before the take-down, meaning the raw information is in circulation with no way to control how it is used or distributed further.
It is less than a week since Health Minister Sussan Ley was forced to apologise to a doctors group after potentially sensitive information about them, which appeared on Medicare and Pharmaceutical Benefits Scheme databases, was inadvertently published.
In the wake of the Health data-leak, Attorney-General George Brandis announced changes to privacy legislation that would make it a criminal offence to re-identify government data that has been stripped of identifying markers.
About 96,700 federal public servants filled in the employee census this year after being promised their responses would be confidential and all the data and information collected from the census will be stored appropriately and in accordance with the Privacy Act 1988.
The census has been collected each year since 2003 but this year is the first time agency identifiers have been attached to the data.
Fairfax has been told that the agency's ID attached to the data would make it reasonably easy for individual's information to be cracked with some basic knowledge.
An Australian Public Service Commission spokeswoman confirmed the data had been removed from public view and that a "review" was underway.
"De-identified APS Employee Census data is published annually on data.gov.au," an APSC spokeswoman told Fairfax.
"This year, for the first time, the Census data included a numeric code for each APS agency.
"We decided that extra care should be taken to ensure individual officers could not be inadvertently identified.
"A review of the data is underway.
"We anticipate this data will be available via data.gov.au in the coming week."
"The log records indicate the data-set was accessed 58 times before it was removed."
The Office of the Australian Privacy Commissioner,Timothy Pilgrim, is investigating the health data breach and checking the department's claims that no patient data was compromised but there is no indication that the Public Service Commission compromise has been referred elsewhere for investigation.
