Continue reading on DataGuidance with:
Free Member
Limited ArticlesCreate an account to continue accessing select articles, resources, and guidance notes.
Already have an account? Log in
New South Wales: IPC issues statement on COVID-Safe business registration venues dataset
The Information and Privacy Commission ('IPC') issued, on 16 February 2020, a statement addressing concerns regarding the COVID-Safe business registration venues dataset. In particular, the IPC highlighted that it is aware of media reports suggesting a breach of the QR Code dataset.
Further to this, the IPC noted that the dataset, which was published in September 2021, did not involve a compromise of the QR Code dataset. As such, the IPC clarified that a decision had been made to make publicly available the list of businesses which had registered as COVID-Safe businesses. Furthermore, the IPC added that, in publishing that list of addresses, the Department of Customer Service ('DCS') also published, in error, addresses of businesses that were of a sensitive nature as the dataset expanded.
Moreover, the IPC confirmed that it was briefed by the DCS on the incident, including as to the circumstances which resulted in the incident, and was satisfied with the actions taken to contain, respond to, and remediate the incident. Additionally, the IPC added that the DCS undertook a review of the incident and that the findings were shared with the IPC. Finally, the IPC stated that the dataset is no longer published.
You can read the press release here.