Privacy Commissioner John Edwards says the Ministry of Social Development’s policy which requires social service providers to disclose client information goes too far.
Under the policy, providers will have to give the client information to the ministry when they apply for funding.
Mr Edwards said in a report released today the requirement was “excessive and inconsistent with privacy principles”.
“There is a real risk that the new arrangement will deter some people who are most in need from seeking support or assistance,” he said.
Social Development Minister Anne Tolley said the information was necessary.
“We know that many people are getting services from a number of NGOs, and we also know there are vulnerable families out there who are getting no services from NGOs,” she told RNZ.
“In order to make sure we have coverage, that there is no duplication and no gaps, we need to know who those NGOs are working with so we can make sure all vulnerable families are getting access to the services the Government provides.”
Labour and the Greens have opposed the policy from the start, and they back Mr Edwards.
“The report confirms Labour’s belief that those who are most in need of social services, such as Women’s Refuge, Rape Crisis and Mental Health Services, may be deterred from seeking support,” Labour’s Carmel Sepuloni said.
The Greens’ Jan Logie said the Government must drop the policy.
A Government IT system was shut down on Tuesday night over concerns it could breach client privacy, Mrs Tolley said.
She said her ministry told her about “a technical issue” with a portal where NGOs upload client data.
The MSD system uses a Department of Internal Affairs platform, and the portal is shared.
“No private information on clients was available,” Mrs Tolley said in a statement.
“However, a provider was able to view another provider’s folder.
“The system was shut down as a result. I’ve asked officials for advice on the next steps which will involve using a different IT platform that will be robustly tested.” NZN