Go back
Features
Home page
News Desk
News Briefs
Columnists
Sports
Editorial
Arctic arts
Readers comment
Find a job
Tenders
Classifieds
Subscriptions
Northern mining
Oil & Gas
Construction (PDF)
Opportunities North
Best of Bush
Tourism guides
Obituaries
Advertising
Contacts
Archives
Today's weather
Leave a message

CDs

NNSL Logo .
 Email this articleE-mail this story  Discuss this articleOrder a classified ad Print window Print this page

Review called for security breach

Jason Unrau
Northern News Services
Monday, May 28, 2007

YELLOWKNIFE - The Minister of Human Resources wants a full review of department policies and procedures after a security breach involving personal information of government employees was kept from him until he was questioned by an MLA.

"I didn't become aware of it until last Thursday (May 17)," said Charles Dent. "I think it's an issue I should've been made aware of...(but) we're working to ensure we have a policy in place as to how this should be handled in the future."

Two days earlier, Dent told the assembly he was unaware of any security problems related to Human Resources' implementation of People Soft - computer software that allows employees to log overtime, determine holiday time and remuneration online.

According to Hay River South MLA Jane Groenewegen, the "window of opportunity" to obtain government employees' personal information could have been months and that she informed the department of the matter privately, "a month ago."

"Definitely the deputy minister had knowledge of this so why didn't (the department) let the minister know?" said Groenewegen adding that she did not think the matter was being treated with the gravity it warranted.

"This goes to the fact (the department) doesn't think it is serious...don't you think they would have a protocol to inform anybody, the minister or the people whose information had gone out?"

But Dent told News/North that he believed the breach was limited to the Fort Smith Health and Social Services Authority, Public Works Technology Service Centre and Industry, Tourism and Investment (ITI).

"At ITI we believe it was for a period of hours," he said. "After the self service program went online the morning of February 26, the department got a message that people could see files with the same last name."

The minister said a patch was applied to the software, which solved the problem that, according to him, was those employees sharing the same surname could access each other's files.

Personal information contained in People Soft "self service" files included Social Insurance Numbers, holiday time and sick leave, "And from that you could've figured out their salaries," said Dent.

Bank information, telephone numbers and addresses are not part of these files.