Geekzone: technology news, blogs, forums
199 posts

Master Geek
+1 received by user: 28


Topic # 115446 26-Mar-2013 12:36

Hey all,

Having heard the news about the mistake at EQC resulting in claim details being sent to external parties (and one that has it in for EQC at that), our senior management have started to question whether we would be at risk here (as they had heard it was a 'system issue'). In this instance EQC are blaming Outlook's autocorrect functionality for the mistake.

Please see http://www.nbr.co.nz/article/privacy-commissioner-thinks-about-writing-letter-eqc-admits-breach-affected-83000-ck-137700 for a source if you are unfamiliar.

I was keen to hear others' take on the whole situation. I know that auto-correct is absolutely loved by our staff here, many of whom are not massively literate computer users, so they appreciate the time savings it provides them.

Of course, human mistakes are always going to happen, I'd suggest the EQC case was a rather unfortunate one. Disabling email auto-correct as a whole seems somewhat knee-jerk to me though. Taking a step back I think emailing large documents around the office (for purely internal use even) was perhaps the bigger issue.

I've suggested we implement a policy of only ever sending references into our document management system around, that way if there is a mistake and something is sent to an external party, they will not be able to access the document, and really it's no harder for our staff (not to mention the other benefits - avoiding large attachments, duplicating data, etc). This generally happens now anyway, but I think it is perhaps a good time to formalise it a bit more.

Of course, always being vigilant about who you are sending to, and what you are sending them, is important!

Thoughts?

6324 posts

Uber Geek
+1 received by user: 391

Moderator
Trusted
Lifetime subscriber

  Reply # 787273 26-Mar-2013 14:52
One person supports this post

In my reply I am making a bucketload of assumptions.  I am not privy to the exact details, however I'm guessing on what I think has happened.

A recipient with a business relationship with the EQC has asked for a set of data to fulfill a proposal or giving a costing for some reason.  The staff member wasn't able to fulfill this in their internal system, so they exported all the data, modified it into the spreadsheet and accidentally emailed it to the wrong recipient.  Innocent enough to fulfill a need.

The big hole I'm seeing is their internal system should not allow for mass exporting of data.  Everything should be done within the system (securely) with NO exporting functions whatsoever.  If a third party needs access, this should be severely limited to exactly what they need with no deviations.  As soon as that requirement has been completed, their access is disconnected.

Everyone makes mistakes.  What amazes me is one person got this data, informed the EQC and destroyed it.  The ramifications of this could've been massive, however they weren't.  Give the employee a warning, improve your internal processes and move on from there.

14274 posts

Uber Geek
+1 received by user: 1848


  Reply # 787281 26-Mar-2013 15:04


I think what people want to know is why the processes weren't in place initially, and should they even be using off-the-shelf Outlook software. These heads do get paid an obscene amount, and you would hope they are employing companies at the top of the pack to implement their systems for them. I do think it is a substantial failure of their systems, considering their size and the amount they get paid. It shouldn't need human error like this to find a weakness in their systems. But NZ does tend to be an ambulance-at-the-bottom-of-the-cliff country.
I do however like how they did come out and admit the problem, and have been open about it. They should be commended for that.

4055 posts

Uber Geek
+1 received by user: 710

Trusted
Subscriber

  Reply # 787602 26-Mar-2013 22:43

nate: The big hole I'm seeing is their internal system should not allow for mass exporting of data.  Everything should be done within the system (securely) with NO exporting functions whatsoever.  


In an idealistic sense I agree with you, but having worked for corporates for many years I know that underinvestment in infrastructure and the need for flexibility tend to lead to the overuse of spreadsheets for analysing or extracting vast amounts of data. It shouldn't really happen, but it's just the reality.

Fundamentally I think the problem here is that workplace email systems don't draw a clear boundary between internal vs external communication. When you prepare a new email you select recipients in exactly the same way, use the same application, and have the same opportunity to attach files irrespective of whether the recipients are internal or external.

I don't know exactly what the solution is, but without some sort of ring-fencing I suspect that a lot of organisations are a lot more vulnerable to this sort of thing than they would like to think. 

Infrastructure Geek
4056 posts

Uber Geek
+1 received by user: 195

Trusted
Microsoft NZ
Subscriber

  Reply # 787628 26-Mar-2013 23:33

mattwnz:  and should they even be using off the shelf outlook software.


not really sure what to make of that comment.  'autocorrect' for recipients isn't a feature limited to Outlook, and what would you replace it with?  a closed email system that didn't allow external recipients to receive emails?

there are solutions available for -any- email system that can 'quarantine' outgoing attachments. some of them are probably clever enough to look inside a spreadsheet file and stop an email if the file contains more than 'X' rows. this is one option that might help prevent a data leak externally while still allowing some flexibility within the organisation.

as for EQC having some massive integrated systems in place to do their job in a specific way, we have to remember that, post the Christchurch quake, their 'business' has probably changed substantially.  it's not like they have been rebuilding whole cities every year since first introducing systems.

I can just see the headlines now... "EQC spends time building new $3m IT system to better serve 'customers' and reduce privacy breaches.  The project will take 3 years to complete and will cause delays to existing claims by up to 1 year"

an organisation typically has priorities for projects, and I can imagine that a ground up rebuild of their internal systems is somewhere low down on that list.




Technical Evangelist
Microsoft NZ
about.me/nzregs
Twitter: @nzregs


475 posts

Ultimate Geek
+1 received by user: 86


  Reply # 787659 27-Mar-2013 08:10

I think the main issue is why they are using xls to view their database?

103 posts

Master Geek
+1 received by user: 11


  Reply # 787677 27-Mar-2013 09:08

The NBR report says that the recipient was sent an Excel pivot-table.
A pivot-table should never be sent to an external party because the raw data is still sitting on the document.
At least highlight the portion that the party requires, copy & paste into a new doc, and then send it.

I'm usually a fence-sitter, benefit of the doubt kinda guy, but in this case it comes down to user error. Basic PEBCAK.
Always double-check your e-mail recipient is correct, and always make sure the attachment is correct.
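
The outbound attachment check suggested earlier in the thread (stop a mail if a spreadsheet holds more than 'X' rows) has to count the pivot cache as well, because of the point made in the post above: a pivot table that displays three rows can still carry every source record. The following is an added example, not code from any poster or product; the function names, the `example.org` domain, the size limit and the threshold are assumptions, and the sample workbook is constructed.

```python
import io, re, zipfile
import xml.etree.ElementTree as ET

NS = "{http://schemas.openxmlformats.org/spreadsheetml/2006/main}"
MAX_PART_BYTES = 50 * 1024 * 1024  # assumed limit on a part's declared size

def _count(zf, name, tag):
    """Stream one XML part of the workbook and count elements named `tag`."""
    if zf.getinfo(name).file_size > MAX_PART_BYTES:
        raise ValueError(f"{name}: part too large to inspect")
    n = 0
    with zf.open(name) as fh:
        for _, el in ET.iterparse(fh):
            if el.tag == NS + tag:
                n += 1
            el.clear()  # drop parsed content so large parts stay cheap
    return n

def xlsx_row_counts(data):
    """Rows shown on worksheets vs. raw records retained in pivot caches."""
    counts = {"sheet_rows": 0, "pivot_cache_records": 0}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for name in zf.namelist():
            if re.fullmatch(r"xl/worksheets/[^/]+\.xml", name):
                counts["sheet_rows"] += _count(zf, name, "row")
            elif re.fullmatch(r"xl/pivotCache/pivotCacheRecords\d+\.xml", name):
                counts["pivot_cache_records"] += _count(zf, name, "r")
    return counts

def should_quarantine(data, recipients, internal_domain, max_rows):
    """Hold the mail if any recipient is external and the file carries > max_rows."""
    suffix = "@" + internal_domain.lower()
    if all(r.lower().endswith(suffix) for r in recipients):
        return False
    return max(xlsx_row_counts(data).values()) > max_rows

def make_sample(records):
    """Constructed workbook parts: 3 summary rows plus `records` cached raw rows."""
    xmlns = 'xmlns="http://schemas.openxmlformats.org/spreadsheetml/2006/main"'
    sheet = f"<worksheet {xmlns}><sheetData>{'<row/>' * 3}</sheetData></worksheet>"
    cache = f"<pivotCacheRecords {xmlns}>" + "<r><n v='1'/></r>" * records + "</pivotCacheRecords>"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("xl/worksheets/sheet1.xml", sheet)
        zf.writestr("xl/pivotCache/pivotCacheRecords1.xml", cache)
    return buf.getvalue()

if __name__ == "__main__":
    wb = make_sample(5000)
    print(xlsx_row_counts(wb))
    print(should_quarantine(wb, ["a@example.org", "b@example.net"], "example.org", 1000))
```

A check that counted only worksheet rows would pass this sample, since the sheet itself shows three rows.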

1020 posts

Uber Geek
+1 received by user: 73

Subscriber

  Reply # 787684 27-Mar-2013 09:34

I can see how it happens, especially in large organisations. We are lucky in healthcare that we have an anonymous identifier (National Health Identifier or NHI) which is 3 alpha 3 number 1 checksum character which we use for everything.

The only way to tie it back to a name and address is doing it manually, which we don't need to do. Having it means we can usually use our data comparatively safely. It is also good because we generally only do analysis to a TLA or Domicile code level so don't need addresses either.

Ironically it seems that even though we have this, we are paranoid about the EQC thing happening at my employer. Some of the guys did some analysis last year about how we could add age, domicile code, ethnicity, gender and all the other data (like GP or service providers) we have, to peg an NHI to a name and address when combining it with public data sources, e.g. whitepages and voting register.

Suffice to say that would take a lot of effort and time, it would probably be faster and easier to hack our system.

Jon

1245 posts

Uber Geek
+1 received by user: 137


  Reply # 787714 27-Mar-2013 10:32

It is a business process issue, not a technical one. Sensitive information should be encrypted, there are tools available and can be deployed across assets.

I am familiar with the tools used in the insurance industry and know that exporting that amount of specific data is not supported. That would be a data warehousing task that was specifically obtained from the back end database for a particular purpose.

710 posts

Ultimate Geek
+1 received by user: 116


  Reply # 787977 27-Mar-2013 14:28

A basic tenet of security is you put most of your security resource closest to the thing of most value.

 

In EQC’s case the thing of most value is the whole database. You do not let those without appropriate clearance near the whole database. You do not replicate the database – full stop, end of story. If data is let out it is done so in a small piece and in a controlled manner; it's ring-fenced / followed with security and returned back to the main database or destroyed.

 

If the tenet is applied the risk of a breach in security is minimised.

 

That there was a breach is an indication of incompetence. But that is no surprise. This is an organisation that is simply unskilled, at all organisational levels, with managing claims of this magnitude. It is out of its depth and it always was going to be from September 11.

 

If I could implement one EQC change it would be that an EQC levy is paid but the insurance company manages the claim. Cut EQC right out of the equation.

14274 posts

Uber Geek
+1 received by user: 1848


  Reply # 787982 27-Mar-2013 14:32

I thought there was some tool that could be applied to documents that prevented them being sent out from an organisation, so they could only be viewed and edited in-house. A bit like library books that have a chip in them, which don't allow them to exit the building. If it does get sent outside the organisation it's encrypted so is not viewable anyway to anyone outside the organisation without the key. If there isn't such a tool it could be a multi billion dollar idea.

Infrastructure Geek
4056 posts

Uber Geek
+1 received by user: 195

Trusted
Microsoft NZ
Subscriber

  Reply # 788210 27-Mar-2013 20:02

mattwnz: I thought there was some tool that could be applied to documents that prevented them being sent out from an organisation, so they could only be viewed and edited in-house. A bit like library books that have a chip in them, which don't allow them to exit the building. If it does get sent outside the organisation it's encrypted so is not viewable anyway to anyone outside the organisation without the key. If there isn't such a tool it could be a multi billion dollar idea.


You can implement a DRM (digital rights management server) and use it with Exchange/Outlook,  and Office apps (Word/Excel/Powerpoint etc) to enforce rights on documents.  This would definitely stop an external party from accessing a DRM'd document (unless they break encryption).




Technical Evangelist
Microsoft NZ
about.me/nzregs
Twitter: @nzregs


3055 posts

Uber Geek
+1 received by user: 1538


  Reply # 788233 27-Mar-2013 20:46
2 people support this post

= storm in a teacup IMO.

yes by all means protect your documents, but the way these things play out these days just makes my skin crawl.

A few years ago no one would have given a toss. Someone made a boo boo (it happens to the best of us) and in days gone by the recipient would have had some modicum of respect and discretion, would have deleted the email (or returned the envelope UNOPENED) and politely advised the sender. End of story, everyone would have got on with life.

Now everyone wants to score political points, have their 5 minutes of fame, and the media blow the whole thing out of all proportion...as sensationalist as our media have now become.

Just my 2 cents...









Always be yourself, unless you can be Batman, then always be the Batman



956 posts

Ultimate Geek
+1 received by user: 346
Inactive user


  Reply # 788862 28-Mar-2013 18:29