Marist Brothers advise Privacy Commissioner of email breach

The error happened on May 9, the day the order made a public apology to abuse survivors in Auckland. The email advised of a delayed start time for the event. Email addresses of recipients were visible.

Abuse survivor Steve Goodlass said the breach was appalling. He said one survivor whose identity had never been revealed was distraught.

In an email sent on May 11 to survivors, the Marist Brothers’ professional standards manager Jonathan Sankey said he sincerely apologised for the privacy breach, which “should not have happened”.

Mr Sankey said he had reported the matter to the Privacy Commissioner and the Marist Brothers were also undertaking an internal review. He asked all the recipients to permanently delete the email and not save contact details.

He said the email contained email addresses for survivors, advocates, supporters and “stakeholders”. He said he recognised the situation could be upsetting or retraumatising for survivors and offered independent support.

The Privacy Commissioner’s office told Stuff that an organisation which had a privacy breach “that either has caused or is likely to cause anyone serious harm” must notify the Commissioner and anyone affected as soon as possible. “We would expect it to be an organisation or business who would provide any further detail they would want to share in relation to any breach.”

FULL STORY

‘Appalling’ email bungle exposes abuse survivors’ identities on day of apology (By Steve Kilgallon/Stuff)