[BreachExchange] Children's safety at risk after multiple government privacy breaches

Wed Jul 13 20:55:12 EDT 2016

http://www.watoday.com.au/victoria/childrens-safety-at-risk-after-multiple-government-privacy-breaches-20160713-gq52dl.html

The confidential information of at-risk children and the foster carers who
look after them has been breached multiple times by the Victorian
government agency responsible for their safety.

In the most disturbing cases, parents jailed for violent crimes, convicted
of serious offences including threats to kill, and questioned by police
over child sex abuse have been given the home address of the children
removed from their custody.

Confirmed security violations of vulnerable children have been identified
in two of the four child protection divisions in Victoria, with a number of
government offices implicated.

Leaked documents reveal senior staff adopt a "risk management" approach
when concerns are raised by victims, which include offers of home security
upgrades, free counselling and negotiations about financial assistance to
move house. In some cases temporary relocation has been organised through
individual foster care agencies.

Fairfax Media revealed on Tuesday that the Department of Health and Human
Services offered to install a $4000 security system at a foster carers'
home after accidentally handing a violent father a confidential report
detailing where his traumatised children live.

The department - which had rejected the carer's request to be moved to a
new rental property if the father came to the house - this week went back
to the negotiating table with the family after the case was made public.

Revelations of the department's failure to keep sensitive client
information confidential prompted Families and Children Minister Jenny
Mikakos to order a review of all foster care security breaches in the child
protection system over the past five years. It follows advice from DHHS
that there had been other cases where private information was accidentally
disclosed.

Now, in a separate case involving another major security breach out of a
different DHHS office, it can be revealed the department sent a foster
child's home address to a father convicted of violent offences against
children.

Internal documents show the address was meant to be protected over fears
the father could be violent towards the child, who is on an undisclosed
placement.

DHHS apologised for the breach, describing it as a "mistake". "We don't
think he's a safe character at all. We don't want him to have your
address," a senior staffer told the carers after the breach.

After negotiations with the department, the family accepted an offer for
extensive security works to be carried out on their home. "We felt like we
had no choice. It was that or nothing," the carer said. "At first they
tried to dismiss the breach as if it was nothing to worry about. Now that
we have the cameras it doesn't really make us feel any safer. They're only
there if something does happen. It won't stop it from happening."

In a third confirmed case where a foster family received a
government-funded home security system after their address was given to the
parents, the carers said the father came to their house, allegedly drunk
and drug-affected, demanding to see his children.

Foster carers have also reported home break-ins, suspicious vehicles parked
outside their houses and anonymous calls to their mobile phones in the
weeks after their home addresses were disclosed by the department.

Another Victorian carer, whose foster children are on undisclosed
placements, said when she complained that her address had been given to a
parent she was told by her agency nothing could be done. Two other carers
whose privacy was breached were offered accommodation away from the house
for the weekend.

"This isn't a one off, it's been going on for years, the addresses being
released," one carer said. "I've got a big steel bar across the door now. I
did that after all this happened."

Foster Care Association of Victoria chief executive Katie Hooper said the
organisation had supported at least half a dozen carers whose home
addresses or contact details had been "wrongly given out" in undisclosed
child protection cases.

"Unfortunately this is not an isolated incident," Ms Hooper said, adding
that there had been "lots" of calls from concerned carers over the past 48
hours. "Breaches of sensitive information indicate a level of systemic
undervaluing of the position of volunteer foster carers who are trying to
provide a sanctuary of safety for the children and young people in their
homes."

Ms Hooper said foster carers needed more support and that revelations of
privacy breaches could have the unintended effect of deterring potential
carers.

DHHS said in cases where there was a privacy breach it worked closely with
the family and "considers any option that ensures their safety and peace of
mind".

A spokeswoman said the first breach exposed this week highlighted "that
there is a clear need for improvement in our processes and responses".

The department said it could not provide details of possible compensation
paid to families affected. The government's review will not be made public
but the recommendations and the department's response will be released.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20160713/4b31b012/attachment.html>