IBAC's report, Unauthorised access and disclosure of information held by the Victorian public sector, analyses key risks associated with unauthorised access and disclosure of information by Victorian public sector employees and explains how the misuse of information or material by public officers may be corrupt conduct.

IBAC Commissioner, the Honourable Robert Redlich QC said helping public sector agencies to build their corruption resistance is an important focus of IBAC.

"IBAC's research reports help the public sector understand corruption risks and provide information on how to improve systems, processes and controls to prevent corruption."

"The public sector holds vast amounts of personal information, much of it sensitive, including citizen's financial data, health records and contact details along with political and economic information. It is vital that this information is properly secured and managed."

"The case studies contained in this report demonstrate how protected information is misused for corrupt purposes."

"The report tells us that unauthorised access and disclosure of information are key enablers of other corrupt behaviour, yet they are often rated as low risk by agencies," Commissioner Redlich said.

"The unauthorised use of data has serious adverse consequences. It can threaten community safety, increase the costs of government funded projects and contracts, reduce the amount of money available for much needed public services, and make people reluctant to share information with the public sector."

"Any misuse of information, including unauthorised access or release, whether intentional or unintentional, jeopardises the valued trust that citizens have in our public institutions."

"The Office of the Victorian Information Commissioner has established mechanisms to improve information security through the Victorian Protective Data Security Framework. There is a clear opportunity, however, for public sector agencies to be more proactive in implementing safeguards," Commissioner Redlich said.

Public sector agencies can better prevent and detect misuse of information by: comprehensive audit programs to identify and deter misuse; improving procurement processes; and raising awareness among government employees and the community of risks and the importance of reporting incidents when they do occur.

This report focusing on state government is the second in a series of three IBAC reports examining information misuse risks across the public sector including issues specific to Victoria Police (published in 2019) and local government (to be published in March). The full report is available on IBAC's website.

Media contact: 0427 480 840 or media@ibac.vic.gov.au