Tçnâ koe Jenna,

Thank you for your OIA request to the Department of Internal Affairs (included with this email)

The Department will provide its response to your request as soon as practicable and within twenty working days.  The 20th working day is 14 October 2019

Please note that in cases where the Department’s response provides information that is identified to be of general public interest, the response may also be published on the Department of Internal Affairs website.  If the Department publishes its response to your OIA request, all personal information, including your name and contact details, will be removed.

Ngâ mihi

Michelle Reed | Lead Advisor – Official Correspondence 
Te Urungi - Organisational Strategy and Performance
Te Tari Taiwhenua - The Department of Internal Affairs
45 Pipitea St | PO Box 805, Wellington 6140, New Zealand |  www.dia.govt.nz

-----Original Message-----
From: Jenna Stein <[FOI #11225 email]>
Sent: Sunday, 15 September 2019 4:00 PM
To: OIA <[email address]>
Subject: Official Information request - Data breach in 2015

Dear Department of Internal Affairs,

I have been reading online articles as part of some research I am doing on data breaches. I found a reference to a DIA data breach in 2015 in one of the comments in the comments section under one news article. I have searched online and cannot find any public information about this. So if it did happened it looks like the public may not have been notified.

The comment read "When the Internal Affairs Financial Integrity team (now called the AML team) emailed confidential information about hundreds of businesses out to each other in late 2015...."

I am hoping to find out
A. If it happened, and if it did
B. Exactly what happened and how and what information was sent out that should not have been C. If the public were notified and if not why not

The comment also said that there was human error involved and that it would not have happened if there were more than "one layer of protection" in the processes. So if this is correct I would also like to find out D. What process or system changes have been made to prevent it happening again E. What were the position(s) of the person or people who made the human errors and how does DIA decide if they are responsible or capable enough to be in positions where they have the potential to make errors like this F. What extra training they got after the incident and what has changed for new people being trained for those roles G. Whether any disciplinary information was taken H. I would also like a copy of the investigation report from the investigation of the incident please

Yours faithfully,

J Stein

-------------------------------------------------------------------

This is an Official Information request made via the FYI website.

Please use this email address for all replies to this request:
[FOI #11225 email]

Is [DIA request email] the wrong address for Official Information requests to Department of Internal Affairs? If so, please contact us using this form:
https://fyi.org.nz/change_request/new?bo...

Disclaimer: This message and any reply that you make will be published on the internet. Our privacy and copyright policies:
https://fyi.org.nz/help/officers

If you find this service useful as an Official Information officer, please ask your web manager to link to us from your organisation's OIA or LGOIMA page.

-------------------------------------------------------------------

hide quoted sections

Please find attached a response to your OIA request from the Department of
Internal Affairs.

 

Kind regards

 

Rachel Chrystall | Senior Advisor Official Correspondence | Regulatory
Services 
Department of Internal Affairs | Te Tari Taiwhenua
45 Pipitea St | Thorndon |Wellington 6011| New Zealand

| [1]www.dia.govt.nz

[2]cid:image003.png@01D40167.C4013620

 

References

Visible links
1. http://www.dia.govt.nz/

Dear Jenna,

Thank you for your OIA request to the Department of Internal Affairs (included with this email).

The Department will provide its response to your request as soon as practicable and within twenty working days. The 20th working day is 8 November 2019.

Kind regards

Rachel

-----Original Message-----
From: Jenna Stein <[FOI #11225 email]>
Sent: Thursday, 10 October 2019 7:38 PM
To: Rachel Chrystall <[email address]>
Subject: Re: Response to your Official Information Act 1982 ("OIA") request dated 15 September 2019 (OIA19200243)

Dear Rachel Chrystall,

Thank you for the response. My research has continued while I awaited a response. The response claims that the breach did not happen. My research suggests that that is not true.

I have now met a person who was there at the time of the breach. The person related how an "Assistant Compliance Officer" accidentally emailed a number of businesses information identifying a number of other businesses that had failed to meet a legislative requirement to provide a report to DIA by the due date and were thus in breach of law. These businesses were clearly identifiable in the email and email addresses internal to these businesses were also made available to all of the businesses receiving the email.
The person has also told me that Mike Stone the very person that wrote the letter responding to my request saying that it did not happen was there at the time this happened and was well aware of it. Mike Stone's letter even says that he had spoken to all of the staff who were in that team then who were still with DIA and none knew about it. But the person has told me that the officer that sent the email still works for DIA. She even gave me his name. So either he wasn't asked about it or he forgot about it. Neither of these seems very plausible.
So the man that wrote the reply to me knew about it so did the man who made the breach. So why is the reply saying that it did not happen? Please explain this and respond with truthful information to my request or I will have to go to the ombudsman.

Yours sincerely,

Jenna Stein

-----Original Message-----

Please find attached a response to your OIA request from the Department of Internal Affairs.

 

Kind regards

 

Rachel Chrystall | Senior Advisor Official Correspondence | Regulatory Services Department of Internal Affairs | Te Tari Taiwhenua
45 Pipitea St | Thorndon |Wellington 6011| New Zealand

| [1]www.dia.govt.nz

[2]cid:image003.png@01D40167.C4013620

 

References

Visible links
1. http://www.dia.govt.nz/

-------------------------------------------------------------------
Please use this email address for all replies to this request:
[FOI #11225 email]

Disclaimer: This message and any reply that you make will be published on the internet. Our privacy and copyright policies:
https://fyi.org.nz/help/officers

If you find this service useful as an Official Information officer, please ask your web manager to link to us from your organisation's OIA or LGOIMA page.

-------------------------------------------------------------------

hide quoted sections

Dear Jenna,

Your email of 10 October 2019 provides further information to the Department and asks a new question that differs from your earlier request of 15 September 2019. Therefore, the Department considers that your email of 10 October 2019 is new OIA request which is due for response on 8 November 2019.

Kind regards

Rachel

-----Original Message-----
From: Jenna Stein <[FOI #11225 email]>
Sent: Friday, 18 October 2019 6:50 PM
To: Rachel Chrystall <[email address]>
Subject: RE: Response to your Official Information Act 1982 ("OIA") request dated 15 September 2019 (OIA19200243)

Dear Rachel Chrystall,

I made my request on 15 September. 20 Working days would have been 14 October. In your message you have restarted the 20 working days. Please explain

Yours sincerely,

Jenna Stein

-----Original Message-----

Dear Jenna,

Thank you for your OIA request to the Department of Internal Affairs (included with this email).

The Department will provide its response to your request as soon as practicable and within twenty working days. The 20th working day is 8 November 2019.

Kind regards

Rachel

-------------------------------------------------------------------
Please use this email address for all replies to this request:
[FOI #11225 email]

Disclaimer: This message and any reply that you make will be published on the internet. Our privacy and copyright policies:
https://fyi.org.nz/help/officers

If you find this service useful as an Official Information officer, please ask your web manager to link to us from your organisation's OIA or LGOIMA page.

-------------------------------------------------------------------

hide quoted sections

Dear Jenna,

 

Please find attached a response to your OIA request from the Department of
Internal Affairs.

 

Kind regards

 

 

Rachel Chrystall | Senior Advisor Official Correspondence | Regulatory
Services 
Department of Internal Affairs | Te Tari Taiwhenua
45 Pipitea St | Thorndon |Wellington 6011| New Zealand

DD: +64 4 816 4041 |Extn: 6041 | [1]www.dia.govt.nz

[2]cid:image003.png@01D40167.C4013620

 

References

Visible links
1. http://www.dia.govt.nz/