Services Australia is planning to deploy a new intelligence and investigation system that will allow it to cross reference customer data with information held by law enforcement and other third-party sources.
The new system is a response to findings of a 2023 review of the agency’s staff safety and security arrangements following a stabbing attack at the Airport West Centrelink office in Melbourne, which left a staff member seriously injured.
Services Australia was found to be liable for the incident following a Comcare investigation and it was allocated $314 million over two years in the May 2024 budget to boost security across its service outlets.
One of the key findings of the 44 recommendations from the review released in July 2023 was for the agency to boost internal security capabilities, including tighter engagement with law enforcement to respond to aggressive customer behaviour rapidly.
Services Australia has published tender documents for the new system, which reveal that it expects the new investigation and intelligence management system (IIMS) to provide a comprehensive security information platform, including the ability cross reference sensitive customer information with law enforcement data.
“The IIMS will provide an integrated framework for managing intelligence and investigations, information management, task management, intelligence analysis, reporting, auditing, document creation, information disclosure, and brief of evidence creation and dissemination,” the tender documents state.
“Through integration with core agency systems, the IIMS will consolidate essential customer protected information with information from third party sources including law enforcement and open-source intelligence, enabling security intelligence and investigation teams to efficiently track matters from commencement to completion, manage workflows, task personnel, and deliver intelligence and investigation products to both Agency and external customers."
Ashton review
The federal government announced that the security review in response to the Airport West incident would be carried out by former Victoria Police Commissioner Graham Ashton in May 2023.
The Ashton review’s findings, which were released July that year, found that Services Australia’s customer privacy protection obligations were competing with its need to protect staff.
“There is … a strong focus in the agency on respecting the privacy of its customers’ data. This is understandable and very important when considering the personal nature of this information. That said, fears of contravening privacy legislation [have] acted at times as a dampening effect on safety measures within the agency.
“This was also determined to be the case by an internal PhD candidate who had examined customer aggression in detail. It is important that staff are aware of their privacy obligations, but also of the safety exemptions within the existing privacy legislation to deal with situations where safety-related information needs to be shared,” the Ashton review states.
iTnews approached Services Australia with a series of questions around the privacy exemptions and guidelines for implementing new platform, including which and how many staff would be have access to the new system.
A Services Australia spokesperson said that the agency was unable to respond until February when the tender is scheduled to close to new bidders.
The agency’s list of requirements for the new system, both essential and highly desirable, is extensive and ambitious in scope.
The agency wants the system to be live and operational by July 1 this year and according to the tender documents it’s seeking an off-the-shelf system to speed the deployment.
It will be required to connect to Services Australia’s core corporate systems and be able to connect to external cloud systems that the agency currently uses.
The system will also be required to integrate with a new network that Services Australia is developing to manage physical security including door locks, duress alarms and CCTV cameras.
“The product should be capable of integrating with the security network as it evolves, with the understanding that integration requirements may be updated as the network development progresses,” the tender states.
Services Australia also regards as essential the system’s ability to “manage entities and relationships, including defining, identifying and linking clusters, operations, people, objects, locations, events and projects to relevant cases or incident records.”
The tender will close to new bids February 4 this year.
_(20).jpg&h=140&w=231&c=1&s=0)
_(23).jpg&h=140&w=231&c=1&s=0)
.png&h=140&w=231&c=1&s=0){kind=logo}
_(26).jpg&w=100&c=1&s=0)
iTnews Executive Retreat - Security Leaders Edition
_(1).jpg&h=140&w=231&c=1&s=0)
