HALIFAX – A pair of reports slam the Nova Scotia government for failing to protect personal information, saying the risk management around its freedom-of-information website was inadequate and a privacy breach last year was preventable.
In his report released Tuesday following a nine-month investigation, provincial Auditor General Michael Pickup says the breach was a “very clear example” of what can happen when government doesn’t protect the personal information entrusted to it.
“The inappropriate disclosure of personal information is actually not surprising given the extent of the failures found during our audit,” said Pickup.
A second report by Information and Privacy Commissioner Catherine Tully says the immediate cause of what were a series of 12 breaches by two individuals between Feb. 27 and April 3 of last year was a design flaw in the freedom-of-information website portal.
She adds the breaches were ultimately preventable and were caused by a “serious failure of due diligence” in the deployment of a new technology tool.
The initial breach on March 3 wasn’t detected until a month later when it was inadvertently discovered by a government worker…