ACCforum: ACC Privacy Champions - ACCforum

Jump to content

  • 2 Pages +
  • 1
  • 2
  • You cannot start a new topic
  • You cannot reply to this topic

ACC Privacy Champions ACC staff obtain Privacy Licences

#1 User is offline   so ovr sensitiveclaimsunit 

  • Advanced Member
  • PipPipPip
  • Group: Members
  • Posts: 489
  • Joined: 23-April 10

Posted 30 December 2011 - 10:33 AM

Found this interesting article on the Privacy Commissioner's web site - newsletter for December 2011: http://privacy.org.n...cember-201/#acc

So, training ACC on privacy principles?? Privacy Champions at ACC...Privacy Licences for ACC staff...you have got to be kidding me - right?? No, this is no joke.

ACC's Privacy Champions

The honour of Privacy Champion has been bestowed on staff in each of the Accident Compensation Corporation's 25 branches as part of its nationwide privacy training programme, which began in February this year.

"We wanted to recognise each person who had completed the training to acknowledge they are key in their branch in assisting with privacy issues. The Privacy Champion certificate is like having a privacy licence," said ACC's Miriama Henderson, Manager Government Services.

Business Manager, Jason Lardelli said their objective was to build privacy into day-to-day business, rather than it being an add-on or a reaction to an issue. "ACC has a lot of staff dealing with a lot of personal information, so it's vital that staff are aware of the privacy principles," said Jason.

Workshops were first held for managers, as the first stage in training, followed by training for the Privacy Champions. The branch staff members completed an online module focussing on the Privacy Act, the Health Information Privacy Code and the Official Information Act. New staff members will complete the online module as part of their induction, and staff will revisit it annually to refresh their knowledge.

Jason said, "Our aim is to build privacy capacity across the business. We want to spread the knowledge and ability across the branches, so that privacy queries or complaints are able to be dealt with at a local level, rather than relying on head office."

"Some staff deal with difficult clients in frustrating situations. Staff need to be able to stand back, remove some of the emotion and deal with the situation, thinking clearly about the privacy implications," said Jason.

"We've had really good feedback about the workshops - the branches have been really positive," said Miriama. "The challenge was to develop something that worked for everybody. We wanted to get across that ‘privacy is commonsense in action'."


As well as being a privacy champion, staff members can be recognised for their good privacy work with ACC's privacy award. ACC also produced a ready-reference set of privacy principles cards, linked together with a padlock. The final card in the set sums up ACC's privacy training: "Privacy is everybody's responsibility."
0

#2 User is offline   not their victim 

  • Advanced Member
  • PipPipPip
  • Group: Members
  • Posts: 10829
  • Joined: 04-August 08

Posted 30 December 2011 - 10:55 AM

and what about....

http://www.ssc.govt....e-stateservants

more money wasted!
0

#3 User is offline   not their victim 

  • Advanced Member
  • PipPipPip
  • Group: Members
  • Posts: 10829
  • Joined: 04-August 08

Posted 30 December 2011 - 11:00 AM

A code of conduct issued by the State Services Commissioner
under the State Sector Act 1988, section 57

FAIR
We must:
– treat everyone fairly and with respect
– be professional and responsive
– work to make government services accessible and effective
– strive to make a difference to the well-being of New Zealand
and all its people.

IMPARTIAL
We must:
– maintain the political neutrality required to enable us to work with
current and future governments
– carry out the functions of our organisation, unaffected by our
personal beliefs
– support our organisation to provide robust and unbiased advice
– respect the authority of the government of the day.

RESPONSIBLE
We must:
– act lawfully and objectively
– use our organisation’s resources carefully and only for
intended purposes
– treat information with care and use it only for proper purposes– work to improve the performance and efficiency of our organisation.

TRUSTWORTHY
We must:
– be honest
– work to the best of our abilities
– ensure our actions are not affected by our personal
interests or relationships
– never misuse our position for personal gain
– decline gifts or benefits that place us under any
obligation or perceived influence
– avoid any activities, work or non-work, that may
harm the reputation of our organisation or of the State Services
0

#4 User is offline   MG 

  • Advanced Member
  • PipPipPip
  • Group: Members
  • Posts: 503
  • Joined: 05-February 04

Posted 30 December 2011 - 01:11 PM

If ACC staff are schooled up on the Privacy Act, they will then be able to skirt round its provisions and better serve ACC's corporate goal of shifting the costs of personal injuries onto the victims and their immediate families, by terminating claims (especially weekly compensation) as quickly as possible. A second benefit of having a few staff members who understand the Privacy Act (remember that the Privacy Act establishes and authorises subordinate privacy legislation, such as the Health Information Privacy Code 1994)is that, whenever claimants or their advocates complain about privacy breaches, ACC will be able to defeat them by trumpeting the status of the select few as privacy law gurus ("ACC would never breach claimant privacy because we have 'privacy champions'. The complaint is therefore frivolous and vexatious and should be dismissed."). Courts and reviewers seem impressed by formal qualifications such as this and often them as evidence that ACC/insurers take privacy matters seriously, when in fact, they do not. A third benefit of this move is that it will probably facilitate ACC's strategy of becoming a lead player in the emerging market for health information, of which Electronic Health Records (EHRs) seem set to become a key, tradable, commodity. Insurers will soon be able to buy, sell or trade claimant EHRs to whomever they choose (genetic testing anyone?) with little or no oversight by regulatory bodies, such as the Privacy Commissioner (ex-Cabinet Secretary and devoted servant to the executive branch of government), or the H&D Commissioner (ex-Ministry of Health bureaucrat appointed by our good friend Prof DF Gorman). Once EHRs become a traded commodity in the "free market", (nearly there) individual rights to privacy will become a quaint antiquity.
0

#5 User is offline   so ovr sensitiveclaimsunit 

  • Advanced Member
  • PipPipPip
  • Group: Members
  • Posts: 489
  • Joined: 23-April 10

Posted 30 December 2011 - 02:38 PM

View PostMG, on 30 December 2011 - 01:11 PM, said:

If ACC staff are schooled up on the Privacy Act, they will then be able to skirt round its provisions and better serve ACC's corporate goal of shifting the costs of personal injuries onto the victims and their immediate families, by terminating claims (especially weekly compensation) as quickly as possible. A second benefit of having a few staff members who understand the Privacy Act (remember that the Privacy Act establishes and authorises subordinate privacy legislation, such as the Health Information Privacy Code 1994)is that, whenever claimants or their advocates complain about privacy breaches, ACC will be able to defeat them by trumpeting the status of the select few as privacy law gurus ("ACC would never breach claimant privacy because we have 'privacy champions'. The complaint is therefore frivolous and vexatious and should be dismissed."). Courts and reviewers seem impressed by formal qualifications such as this and often them as evidence that ACC/insurers take privacy matters seriously, when in fact, they do not. A third benefit of this move is that it will probably facilitate ACC's strategy of becoming a lead player in the emerging market for health information, of which Electronic Health Records (EHRs) seem set to become a key, tradable, commodity. Insurers will soon be able to buy, sell or trade claimant EHRs to whomever they choose (genetic testing anyone?) with little or no oversight by regulatory bodies, such as the Privacy Commissioner (ex-Cabinet Secretary and devoted servant to the executive branch of government), or the H&D Commissioner (ex-Ministry of Health bureaucrat appointed by our good friend Prof DF Gorman). Once EHRs become a traded commodity in the "free market", (nearly there) individual rights to privacy will become a quaint antiquity.



Just a matter of time then MG - already the 'ball is is motion', first step, second step, and by the third step, hey presto, your information is everybody else's as well.

Big Brother, Nanny State, towering over the lives of us all is alive and well.

Si is the obvious nepotisim that exists between all of these Statutory organisations - or oterwise. Can't get much worse than this.

Even more reason for claimants to be vigiliant about where their information is going, why and when and vice versa.
0

#6 User is offline   not their victim 

  • Advanced Member
  • PipPipPip
  • Group: Members
  • Posts: 10829
  • Joined: 04-August 08

Posted 30 December 2011 - 03:32 PM

""Jason said, "Our aim is to build privacy capacity across the business. We want to spread the knowledge and ability across the branches, so that privacy queries or complaints are able to be dealt with at a local level, rather than relying on head office."

"Some staff deal with difficult clients in frustrating situations. Staff need to be able to stand back, remove some of the emotion and deal with the situation, thinking clearly about the privacy implications," said Jason.""

quote 1, its a requirement of a public servant to shut your mouth and NOT offer personal opinion, so that buggers up local level...and branch managers

quote 2 if the staff APPLIED the legislation they wouldnt be dealing with stressed out, in pain, frustrated claimants...

So...if there are any privacy complaints up until the training point, shouldnt the staff be fired, like those in the WINZ situation?
A breach of pivacy is just that, regarless of what information has been blurted/spread/written/passed on..etc


Hahaha, the ACC should pay more attention to their profiling!

I suggest you get hold of an article called Twilight of the Psychopaths, by Dr Kevin Barrett..Uncensored magazine 2008
0

#7 User is offline   Brionia 

  • Advanced Member
  • PipPipPip
  • Group: Members
  • Posts: 332
  • Joined: 20-November 07

Posted 30 December 2011 - 03:42 PM

NTV, the Privacy Commissioners 2011 annual report has a diagram of accepted information sharing relationships and the limitations of data that can be shared freely. This is very prescriptive (limited) and restricted to IRD and Ministry of social Development and now Prisons given criminals no longer have ACC entitlement.

It's on page 54. Can you scan and upload?
0

#8 User is offline   not their victim 

  • Advanced Member
  • PipPipPip
  • Group: Members
  • Posts: 10829
  • Joined: 04-August 08

Posted 30 December 2011 - 05:00 PM

1 Corrections/ACC Prisoners Programme

Purpose: To ensure that prisoners do not continue to receive earnings-related
accident compensation payments.

Year commenced: 2000
Features: Data is transferred weekly by online transfer.

Corrections disclosure to ACC: Corrections provides ACC with the surname,
given names, date of birth, gender, date received in prison and any aliases of all
people newly admitted to prison.

2010/11 activity:
Match runs 52
Records received for matching 109,734
Possible matches identified 4,572

Overpayments established (number) 29
Overpayments established $21,209
Average overpayment $731

Challenges 0
Challenges successful 0
Compliance: Compliant.


2 IR/ACC Levies and Compensation Programme

Purpose: To identify ACC levy payers, and to calculate and collect premiums
and residual claims levies.

Year commenced: 2002

Features: Data is transferred weekly by encrypted USB stick.

IR disclosure to ACC: For self-employed people, IR provides ACC with the
full name, contact details, date of birth, IR number and earnings information.
For employers, IR provides ACC with the name, address, IR number, and total
employee earnings.
2010/11 activity:
Self-employed people’s records received for matching 545,695
Employers’ records received for matching 532,286

Invoices issued to self-employed people 442,986
Invoices (individual employee) issued to employers 583,489

Challenges by individuals 30
Challenges by corporations 65
Total challenges 95
Successful challenges 8
Compliance: Compliant.


26 ACC/MSD Benefit Eligibility Programme

Purpose: To identify individuals whose MSD entitlement may have changed
because they are receiving ACC payments, and to assist MSD in the recovery of
outstanding debts.

Year commenced: 2005

Features: Data transferred weekly by online transfer.

ACC disclosure to MSD: ACC selects individuals who have:
• claims where there has been no payment made to the claimant for six
weeks (in case MSD needs to adjust its payments to make up any shortfall)

• current claims that have continued for two months since the first payment

• current claims that have continued for one year since the first payment.
F or these people, ACC provides MSD with the full name (including aliases), date
of birth, address, IRD number, ACC claimant identifier, payment start/end dates
and payment amounts.

2010/11 activity:
New match runs started in the reporting period
Match runs 53
Records received for matching 1,952,282
Possible matches identified 5,836

Notifications received for debt recovery (from 30 May) 568
All match runs active in the reporting period
Matches that required no further action 3,856
Notices of adverse action 1,914

Challenges 50
Successful challenges 33

Overpayments established 1,319
Value of overpayments established $1,658,024

Commentary: On 30 May 2011, MSD started using information received
through this programme to assist it in the recovery of outstanding debts.
Detailed reporting on this activity will commence in the next annual report.

Compliance: Compliant.
0

#9 User is offline   not their victim 

  • Advanced Member
  • PipPipPip
  • Group: Members
  • Posts: 10829
  • Joined: 04-August 08

Posted 30 December 2011 - 05:02 PM

Please note...

the only agencies acc can lawfully interact with are

corrections

inland revenue

and MSD (WINZ)
0

#10 User is offline   jocko 

  • Advanced Member
  • PipPipPip
  • Group: Members
  • Posts: 988
  • Joined: 15-September 03

Posted 31 December 2011 - 08:38 AM

View PostMG, on 30 December 2011 - 01:11 PM, said:

If ACC staff are schooled up on the Privacy Act, they will then be able to skirt round its provisions and better serve ACC's corporate goal of shifting the costs of personal injuries onto the victims and their immediate families, by terminating claims (especially weekly compensation) as quickly as possible. A second benefit of having a few staff members who understand the Privacy Act (remember that the Privacy Act establishes and authorises subordinate privacy legislation, such as the Health Information Privacy Code 1994)is that, whenever claimants or their advocates complain about privacy breaches, ACC will be able to defeat them by trumpeting the status of the select few as privacy law gurus ("ACC would never breach claimant privacy because we have 'privacy champions'. The complaint is therefore frivolous and vexatious and should be dismissed."). Courts and reviewers seem impressed by formal qualifications such as this and often them as evidence that ACC/insurers take privacy matters seriously, when in fact, they do not. A third benefit of this move is that it will probably facilitate ACC's strategy of becoming a lead player in the emerging market for health information, of which Electronic Health Records (EHRs) seem set to become a key, tradable, commodity. Insurers will soon be able to buy, sell or trade claimant EHRs to whomever they choose (genetic testing anyone?) with little or no oversight by regulatory bodies, such as the Privacy Commissioner (ex-Cabinet Secretary and devoted servant to the executive branch of government), or the H&D Commissioner (ex-Ministry of Health bureaucrat appointed by our good friend Prof DF Gorman). Once EHRs become a traded commodity in the "free market", (nearly there) individual rights to privacy will become a quaint antiquity.

On the button
0

#11 User is offline   not their victim 

  • Advanced Member
  • PipPipPip
  • Group: Members
  • Posts: 10829
  • Joined: 04-August 08

Posted 31 December 2011 - 08:54 AM

http://www.informati...rivacylaws.html

then we may have to get this modified to ensure our right to privacy remains as such

PRIVACY IS A RIGHT...and lets face it...acc dont give a rats bottom about what info they send where...
0

#12 User is offline   doppelganger 

  • Advanced Member
  • PipPipPip
  • Group: Members
  • Posts: 1740
  • Joined: 19-September 03

Posted 31 December 2011 - 09:24 AM

then you can do some costing here.

Cost to ACC of privacy breach.

How much do ACC spend on spin doctoring including training for privacy breaches.
0

#13 User is offline   MG 

  • Advanced Member
  • PipPipPip
  • Group: Members
  • Posts: 503
  • Joined: 05-February 04

Posted 31 December 2011 - 01:01 PM

Two-thirds of people who challenge MSD/ACC decisions establishing benefit over-payments, after electronic fishing expeditions, succeed, according to the above. That's not bad at all, considering the legislative complexity of it all. The big issue, IMHO, is the market in health information, where individual EHRs will be bought, sold and traded among third parties for their commercial benefit and to the detriment of the individuals concerned. Again IMHO, I cannot see our government taking any effective action to stop this (especially since the insurers and the "business community" pay the National Party so much money in campaign donations). It might be worth making submissions to the select committee on the inadequacy of current privacy law when the ACC privatisation bill reaches them (probably in the first half of 2012).
0

#14 User is offline   hukildaspida 

  • Advanced Member
  • PipPipPip
  • Group: Member
  • Posts: 3353
  • Joined: 24-August 07

Posted 17 June 2012 - 12:49 AM


Do Miriama Henderson & Jason Lardelli quoted in post #1 still have jobs at
http://www.acc.co.nz?

May we assume as "managers" they may have been 2 of the 50 managers who failed to provide a service they are paid to provide in regards to some of the Privacy Breaches that have occured, including the email breach to Bronwyn Pullar and the 100 businesses accounts breach.

We would expect a Privacy Officer and the Business Manager within ACC to have reported these significant breaches in the first instance or was that too obvious in the job description they have?

0

#15 User is offline   so ovr sensitiveclaimsunit 

  • Advanced Member
  • PipPipPip
  • Group: Members
  • Posts: 489
  • Joined: 23-April 10

Posted 17 June 2012 - 09:11 AM

View Posthukildaspida, on 17 June 2012 - 12:49 AM, said:


Do Miriama Henderson & Jason Lardelli quoted in post #1 still have jobs at
http://www.acc.co.nz?

May we assume as "managers" they may have been 2 of the 50 managers who failed to provide a service they are paid to provide in regards to some of the Privacy Breaches that have occured, including the email breach to Bronwyn Pullar and the 100 businesses accounts breach.

We would expect a Privacy Officer and the Business Manager within ACC to have reported these significant breaches in the first instance or was that too obvious in the job description they have?




Miriama Henderson is the current ACC Privacy Officer and I think Jason Lardelli is a Business Manager in some ACC section - whatever that may be or mean!! Just another title with a bunch of useless morons having heaps of 'hui, but not much doey', but being VERY well paid to write mindless nonsense - as in the Tough Love Stragtegy and the implementation of same - culling the swamp dwellers, swamp creatures and low hanging fruit.
0

#16 User is offline   jocko 

  • Advanced Member
  • PipPipPip
  • Group: Members
  • Posts: 988
  • Joined: 15-September 03

Posted 17 June 2012 - 10:06 AM

Maybe this is what the Pullar red herring is about. A big tighten up on the release of information. The witholding of evidence. The destruction of documents. Time wasting and denial in requests for information from the gatekeepers of ACCs secret files; The Privacy Champions.
Tell me? What qualifications does a Privacy Commissioner need for the job? Fancy name for a paper tiger with little qualifications?
I had ACCs policy on information release telling cms to withold anything that was naughty.I'll have a look for it later.
0

#17 User is offline   jocko 

  • Advanced Member
  • PipPipPip
  • Group: Members
  • Posts: 988
  • Joined: 15-September 03

Posted 17 June 2012 - 10:42 AM

Altering, concealing, destroying, or reproducing documents with intent to deceive
(1) Every one is liable to imprisonment for a term not exceeding 10 years who, with intent to obtain by deception any property, privilege, service, pecuniary advantage, benefit, or valuable consideration, or to cause loss to any other person,—
(a) alters, conceals, or destroys any document, or causes any document to be altered, concealed, or destroyed; or
(B) makes a document or causes a document to be made that is, in whole or in part, a reproduction of any other document.
(2) An offence against subsection (1) is complete as soon as the alteration or document is made with the intent referred to in that subsection, although the offender may not have intended that any particular person should—
(a) use or act upon the document altered or made; or
(B) act on the basis of the absence of the document concealed or destroyed; or
© be induced to do or refrain from doing anything.
Compare: 1961 No 43 ss 231, 256, 266A
Section 258: substituted, on 1 October 2003, by section 15 of the Crimes Amendment Act 2003 (2003 No 39).
0

#18 User is offline   unicorn57 

  • Advanced Member
  • PipPipPip
  • Group: Members
  • Posts: 1468
  • Joined: 01-June 10

Posted 17 June 2012 - 07:42 PM

View Postnot their victim, on 30 December 2011 - 05:02 PM, said:

Please note...

the only agencies acc can lawfully interact with are

corrections

inland revenue

and MSD (WINZ)

WINZ cannot communicate with ACC about you if you specifically tell them they cant!

And if you specifically write on your WINZ information release when you apply that they cannot seek info about you.

SO far, WINZ have honoured this entirely, and when I checked up to see if they were still being correct about it - they were!
0

#19 User is offline   hukildaspida 

  • Advanced Member
  • PipPipPip
  • Group: Member
  • Posts: 3353
  • Joined: 24-August 07

Posted 07 October 2012 - 06:16 PM

We trust that Jason Lardelli will also be following in Miriama Henderson's footsteps out the door if she left http://www.acc.co.nz as a result of her own incompetence/misconduct as he too is a party to the same incident.

View Posthukildaspida, on 17 June 2012 - 12:49 AM, said:


Do Miriama Henderson & Jason Lardelli quoted in post #1 still have jobs at
http://www.acc.co.nz?

May we assume as "managers" they may have been 2 of the 50 managers who failed to provide a service they are paid to provide in regards to some of the Privacy Breaches that have occured, including the email breach to Bronwyn Pullar and the 100 businesses accounts breach.

We would expect a Privacy Officer and the Business Manager within ACC to have reported these significant breaches in the first instance or was that too obvious in the job description they have?


0

#20 User is offline   Aldri Gi Opp 

  • Advanced Member
  • PipPipPip
  • Group: Members
  • Posts: 168
  • Joined: 13-May 12

Posted 08 October 2012 - 09:02 AM

Miriama has seen the light and left ACC ...... And watch this space it appears Deborah-IwasalawyerintheUK-Mury is tipped to become the Business Unit manager now she has suddenly risen to "leading TCM" in a matter of months.
0

Share this topic:


  • 2 Pages +
  • 1
  • 2
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users