BreachExchange mailing list archives
Ministry breaches pupils' privacy
From: Erica Absetz <erica () riskbasedsecurity com>
Date: Wed, 24 Apr 2013 10:27:15 -0400
http://www.stuff.co.nz/dominion-post/news/8592442/Schools-breach-pupils-privacy The Privacy Commissioner has been notified after the school marks of 38 teenaged pupils were sent to the wrong email recipients. Acting Secretary for Education Peter Hughes announced the privacy breach today, in relation to a PISA international study assessing and comparing how well countries are preparing their 15-year-old pupils for real life. ________________________________ Were you affected? Leave a comment below the story or call us on 0800 DOMPOST ________________________________ More than 5200 pupils voluntarily took part in the study and 2500 asked to be emailed feedback that included their name, school and marks in maths, science, reading and financial literacy. "But unfortunately, 38 went to the wrong recipients due to human error with data entry or because email addresses, that had been hand-written by all the students, were read incorrectly." Mr Hughes "extremely disappointed" and had now taken steps to ensure all test result information is managed by the New Zealand Qualifications Authority from now on. NZQA's core business was communicating this sort of information to students - they had the right expertise and processes for handling it, he said. "We've only ever sent this information out in relation to PISA, which happens every three years, but it will not be happening again." "We apologise to the 38 students affected and will be contacting them, and are also contacting the people who received their information and asking them to delete it." Around 200 students who asked for their results to be emailed have not received them because the email addresses supplied were no longer valid or were not legible. The Office of the Privacy Commissioner had been informed about the privacy breach. _______________________________________________ Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://datalossdb.org/mailing_list Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) Risk Based Security equips organizations with security intelligence, risk management services and on-demand security solutions to establish customized risk-based programs to address information security and compliance challenges. Tenable Network Security (http://www.tenable.com/) Tenable Network Security provides a suite of solutions which unify real-time vulnerability, event and compliance monitoring into a single, role-based, interface for administrators, auditors and risk managers to evaluate, communicate and report needed information for effective decision making and systems management.
Current thread:
- Ministry breaches pupils' privacy Erica Absetz (Apr 24)