❓ Question regarding government agencies failing to adequately secure personal information on disposed computer equipment. The government acknowledges the issue and outlines steps taken to address it, including guidelines, contractual agreements, and agency communication.
AnsweredQoN 3233Legislative Assembly
QuestionView source ↗
(a) why have people’s personal, private and very sensitive information not been kept safe by the Government;
(b) has any official action been taken to find out why the above happened; and
(i) if the answer is yes, what specific actions have been taken and what staffing and funding have been allocated to undertake these actions; or
(ii) if no, why not; and
(c) are there any plans in place to make sure that this does not happen again; and
(i) if the answer is yes, what specific actions have been taken and what staffing and funding have been allocated to undertake these actions; or
(ii) if no, why not?
(b) has any official action been taken to find out why the above happened; and
(i) if the answer is yes, what specific actions have been taken and what staffing and funding have been allocated to undertake these actions; or
(ii) if no, why not; and
(c) are there any plans in place to make sure that this does not happen again; and
(i) if the answer is yes, what specific actions have been taken and what staffing and funding have been allocated to undertake these actions; or
(ii) if no, why not?
AnswerView source ↗
Answered
6 May 2008
Responded by
Minister for Public Sector Management
Response time
35 days
Department of the Premier and Cabinet advises:
(a) The Auditor General found that all seven agencies audited did have a process in place for the secure removal of data from computer equipment prior to disposal, however it was either inadequate or was not applied consistently.
(b) Yes. The Office of e-Government has discussed the reasons why information was left on ex-Government computers with the Office of the Auditor General in order to take remedial action.
(i) The State Records Office has developed a
Sanitizing of Hard Disks and Magnetic Media Guideline
for agencies to follow. This guideline must be followed as part of the State Records Office new Standard 8: Digital Recordkeeping.
The Office of e-Government has also met with the Department of Treasury and Finance who have agreed to address this issue at a contractual level under Common Use Arrangement 5105 for the Disposal of Information & Communications Technology Equipment.
The Director General, Department of the Premier and Cabinet as Chair of the e-Government Sub-Committee wrote to agencies on 31 March 2008 to draw their attention to the issues, and recommended that they include appropriate media sanitization policies and procedures into existing information security frameworks, and to ensure that these are carried out. The letter also referred agencies to media sanitization products available that have been endorsed by the Defence Signals Directorate.
(ii) Not applicable
(c) Yes.
(i) Specific action listed above in (b i). Staffing and funding is an issue for each individual agency.
(ii) Not applicable
Notice: This document is created or edited using unregistered or evaluation copy of rtLib valid for testing or development purposes only. To use it for productive or any other purposes please register it. You may purchase the license on
http://www.rtlib.com
(a) The Auditor General found that all seven agencies audited did have a process in place for the secure removal of data from computer equipment prior to disposal, however it was either inadequate or was not applied consistently.
(b) Yes. The Office of e-Government has discussed the reasons why information was left on ex-Government computers with the Office of the Auditor General in order to take remedial action.
(i) The State Records Office has developed a
Sanitizing of Hard Disks and Magnetic Media Guideline
for agencies to follow. This guideline must be followed as part of the State Records Office new Standard 8: Digital Recordkeeping.
The Office of e-Government has also met with the Department of Treasury and Finance who have agreed to address this issue at a contractual level under Common Use Arrangement 5105 for the Disposal of Information & Communications Technology Equipment.
The Director General, Department of the Premier and Cabinet as Chair of the e-Government Sub-Committee wrote to agencies on 31 March 2008 to draw their attention to the issues, and recommended that they include appropriate media sanitization policies and procedures into existing information security frameworks, and to ensure that these are carried out. The letter also referred agencies to media sanitization products available that have been endorsed by the Defence Signals Directorate.
(ii) Not applicable
(c) Yes.
(i) Specific action listed above in (b i). Staffing and funding is an issue for each individual agency.
(ii) Not applicable
Notice: This document is created or edited using unregistered or evaluation copy of rtLib valid for testing or development purposes only. To use it for productive or any other purposes please register it. You may purchase the license on
http://www.rtlib.com
Explore WA Government Data
Search the full archive in the free dashboard, or query programmatically via API.
Explore more
Government Gazette
Appointments, regulatory notices, planning changes.
Hansard
Debates, questions, speeches and sentiment.
Tabled Papers
Reports and documents tabled in Parliament.
Committees
Committee profiles and recent reports.
Regulations
Subsidiary legislation with filters and summaries.
Bills
Proposed laws and parliamentary progress.
Acts
Current WA legislation and summaries.
Explanatory Memoranda
Bills with EMs (text/PDF) available.
Members
MP profiles, party breakdown and rankings.
Pollie Rankings
Data-driven rankings across 19 categories.
Amendment Chains
Track how schemes and regulations evolve over time.