Privacy failures put spotlight on digital services

How safe is your data? Banks and other financial institutions continually warn us about the need to remain alert about intrusions, suspicious activity and to keep personal details private  and nothing strikes a chord of digital fear quicker than the notion of our hard-earned, however virtual, evaporating without trace. 

In an age where cloud servers are ubiquitous and social media invisibility is diminishing by the day, privacy and identity theft are greater problems than ever.

But what about those who retain our other data, most particularly the government institutions who are responsible for collecting the details of our lives? Public confidence in the government's digital services took another hit last week when it was revealed personal Medicare details were being sold online, and the Tax Office's web customer services went down.

Revelations are also alarming because the government doesn't know the source of the breach letting a darknet vendor sell Medicare details. In February, the Australian Taxation Office's tax return program has hit trouble after the agency was forced to shut down its online customer services for several hours, only a few days into tax time and of course there was the embarrassing census debacle, the shutdown of a widely used government portal in a critical period last year. 

Taken together, these failures in government digital services speak of a larger malaise in its IT program that has been growing for some time. The 'censusfail', the notorious robo-debt program, and a litany of other IT stuff-ups have strained the public's trust in crucial government online services.

While the causes of the Medicare breach remain unknown, there are risk factors that need attention in any review of its IT security. It's significant that the number of people with access to patients' Medicare card details online has climbed as the government tries to cut costs from manual claims by directing more medical practices to its digital system. 

Given the blame for the robo-debt disaster directed at the Department of Human Services' push to cut manual processing of Centrelink debt claims in favour of an online program, the government needs to re-examine its reasons for moving them. The government shouldn't let the drive to cut costs motivate it to digitise services if changes escalate privacy risks, or client welfare without mitigating these risks better.