Minister De Jonge van Healthcare acknowledges that last week he gave incorrect information to the House of Representatives during Question Time. ‘I want to correct my answers on three points, ‘says the Minister at the beginning of the debate.
Last Tuesday, the Minister said, among other things, that the GGD continuously checks privacy. It turns out to be done on a random basis. “I should have said that differently.” The Minister also thought that the system complied with the so-called NEN standard, a standard for technology. “I should have been clearer. It turned out to apply only to the software and not to the organization”.
He also hit the House of Representatives with his remark: “Someone who really wants evil, has not been washed against it.” De Jonge believes that he should not have pretended that there was no solution and that only the data thieves were responsible for the leak.
Today, the minister was criticized by his careless response to the GGD data breach. Last week it was announced that employees of the service had access to private data of people who had been tested for the coronavirus. An unknown number of data has been put up for sale. Criminals may use such data for, for example, Internet fraud.
De Jonge calls the GGD leak serious and regrets the situation. “It also affects citizens‘ confidence in testing policy.”
The Minister believes that he should have responded earlier to internal signals that there were problems with the privacy of the GGD systems. In July, GGD employees already warned about this and later reports appeared in various media.
De Jonge is grateful for the reports of reporter Daniël Verlaan of RTL Nieuws, which really made the case roll. But he says that even without this media attention there was work on an improvement plan from November onwards.
“ I admit that it should have been earlier,” he says in response to the criticism from the Chamber. But the Ministry assumed that the GGD itself had started working on the signals about unsafe systems. The Ministry spoke mainly with the GGD about scaling up the source and contact research, and not about system security.
A special number has been opened for people with questions about their potentially stolen data. The G.G.D. is going to call people who are sure their data was stolen. It’s not yet clear how big that group is.
Extra money for watchdog
De Tweede Kamer also wants extra money to be paid for the privacy watchdog Autoriteit Persoonsgegevens, which has to monitor the use of personal data. At the moment, there is one person who can be busy detecting data breaches one day a week.
It does not seem that this extra money will be settled in this cabinet period. The Cabinet is demissionary and can only make decisions on very important issues.