iTnews

Coding error behind missing child protection reports in Qld

By Paris Cowan on Oct 20, 2015 12:06PM
Coding error behind missing child protection reports in Qld

Deloitte’s OneSchool findings made public.

A simple but undetected coding error has been blamed for the failure of Queensland’s OneSchool system to successfully transmit hundreds of reports about school children at risk of abuse in the first half of this year.

Education Minister Kate Jones today publicly released the findings [pdf] of a Deloitte investigation into the issue, which was triggered by a software upgrade to the mandatory child protection reporting module of OneSchool in January.

The software failure, which resulted in the disappearance of up to 1000 serious messages from teachers and principals, was described by one state Education executive as “the most serious situation we had ever faced at head office”.

Deloitte traced the failure back to a contracted software developer responsible for the January update.

The system amendment was designed to allow the most serious child protection reports, according to a common risk matrix, to be sent directly to the Queensland Police Service without additional reference to the Department of Communities, Child Safety and Disability Services (DCCSDS).

But the developer failed to remove existing coding logic that blocked messages from being sent if they did not have an @communities.qld.gov.au listed in the ‘to’ field.

Therefore, all QPS-only reports - which included the highest-risk children identified by teachers and principals in the period - never made it out of the OneSchool system, despite being flagged as successfully sent.

The Deloitte consultants also found that the testing process for the software update failed to pick up on the error.

They concluded that a second staff member, on testing duties, failed to properly count the number of test messages generated by the new module - missing the fact that QPS-only messages were not being generated.

At the time, the Department of Education did not routinely conduct peer unit testing on OneSchool code before it was released into the test environment, the report found.

The new code went live on January 19 2015 after receiving a clean bill of health.

The error was not picked up until the original developer discovered it while scanning the codebase for an unrelated bug on July 29 2015.

The discovery prompted the department and state Labor government to enter crisis mode.

Within 24 hours of the discovery, Minister Jones went public with the revelation. It triggered the department to use its emergency text message facility to immediately contact all principals and alert them of the issue.

The report declined to name the third-party firm that supplied the software developer to the department, but revealed seven contractors - including the original author of the faulty code - had been placed under a contract executed on September 3 2013.

Jones previously stated that an external software developer and an internal testing officer had been stood down over the incident. CIO David O’Hagan also stood aside while the review was underway.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
deloittedepartment of education and trainingeducationitgovernmentitoneschoolqueenslandsoftwaretesting

Partner Content

Don't miss Australia’s premiere IoT Conference on 9th June
Promoted Content Don't miss Australia’s premiere IoT Conference on 9th June
Security "mindset shift" needed to protect organisations
Promoted Content Security "mindset shift" needed to protect organisations
5 essential digital transformation ideas
Promoted Content 5 essential digital transformation ideas
Alienated from your own data? You’re not alone
Promoted Content Alienated from your own data? You’re not alone

Sponsored Whitepapers

Planning before the breach: You can’t protect what you can’t see
Planning before the breach: You can’t protect what you can’t see
Beyond FTP: Securing and Managing File Transfers
Beyond FTP: Securing and Managing File Transfers
NextGen Security Operations: A Roadmap for the Future
NextGen Security Operations: A Roadmap for the Future
Video: Watch Juniper talk about its Aston Martin partnership
Video: Watch Juniper talk about its Aston Martin partnership
Don’t pay the ransom: A three-step guide to ransomware protection
Don’t pay the ransom: A three-step guide to ransomware protection

Events

  • iTnews Benchmark Awards 2022 - Finalist Showcase
  • 11th Annual Fraud Prevention Summit 2022
  • IoT Impact Conference
  • Cyber Security for Government Summit
By Paris Cowan
Oct 20 2015
12:06PM
0 Comments

Related Articles

  • WA Education forced to restart schools system overhaul
  • Victoria to run AI over CCTV footage to pinpoint road incidents
  • Qld Police stand up Axon portal for community evidence uploads
  • Queensland locks in 2023 for digital driver's licence rollout
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

NSW digital driver's licences 'easily forgeable'

NSW digital driver's licences 'easily forgeable'

Kmart Australia re-platforms ecommerce site to AWS

Kmart Australia re-platforms ecommerce site to AWS

NBN Co's 250Mbps and gigabit growth is finally clear

NBN Co's 250Mbps and gigabit growth is finally clear

NBN Co sizes up six-figure customer exodus a year to fixed wireless

NBN Co sizes up six-figure customer exodus a year to fixed wireless

Digital Nation

CTO Juergen Mueller offers a glimpse into SAP's metaverse play
CTO Juergen Mueller offers a glimpse into SAP's metaverse play
COVER STORY: Data and IoT set digital agriculture on a sustainable future
COVER STORY: Data and IoT set digital agriculture on a sustainable future
Why do DeFi and DAOs matter to business?
Why do DeFi and DAOs matter to business?
COVER STORY: A Year in the Metaverse
COVER STORY: A Year in the Metaverse
Lendlease launches its own metaverse in Milan
Lendlease launches its own metaverse in Milan
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.