In the wake of the Commission's 2018 Report into unauthorised release of confidential information of the Public Transport Authority, the Public Transport Authority has tightened its controls over confidential information and reinforced to staff the seriousness of accessing sensitive and personal material.
The Commission's investigation exposed how a Public Transport Authority employee took advantage of a colleague leaving their computer unattended and logged in, to access the confidential personal information of 1,750 PTA employees’ details, which he then leaked to the Australian Rail Tram and Bus Industry Union.
The Commission formed an opinion of serious misconduct in respect to the employee's conduct.
In response to the Commission's recommendations, the Public Transport Authority has made a number of changes to develop a more robust approach to securing their confidential information across their information technology systems and to ensure employees only have access to the information relevant to their roles.
The Public Transport Authority has also provided training and information to employees to ensure they are aware of their obligations in relation to accessing and disclosing confidential information.
Confirmation of the new regime is in Review of recommendations made following unauthorised release of confidential information from the Public Transport Authority, tabled in State Parliament today.
Data and information misuse is a growing concern in the Western Australian public sector, and a key priority area for the Corruption and Crime Commission.
Today's report serves as a reminder to all public sector agencies of the importance of IT security measures and records management, particularly when it comes to accessing confidential information.
Members of the public expect that their information is not being accessed by or disclosed to anyone who does not have a legitimate and lawful reason to do so.