Greater Western Water’s billing system data issues laid bare

A billing system replacement at Greater Western Water came unstuck due to go-live pressures and data migration practices, leading to at least 320 privacy breaches involving customers.



The utility, which formed through the merger of City West Water and Western Water, elected to retire the billing systems of both component organisations and set up an entirely new one.

By March this year, it was clear that the project had problems, with “almost 200” customers having their bills sent to the wrong address.

An information-gathering exercise by the Office of the Victorian Information Commissioner (OVIC) found 320 potential privacy incidents, although this figure counts only the number of incidents reported by customers.

“In OVIC’s view, it is likely that the true number of privacy incidents is significantly higher,” the commissioner found. [pdf]

OVIC elected not to perform a full investigation.

The privacy incidents were ultimately caused by inaccurate information being ported into the new billing system, CustomerPlace.

Greater Western Water was aware of the issues from early on.

“The source data in the two legacy systems included inactive and dummy accounts, out-of-date customer contact details, and manual workarounds,” the utility told OVIC.

The fields, data values and formats in the older systems also did not match those in the new system.

To counter this, “81 data validation rules” were applied to the data being migrated across.

But as the go-live date approached, some of the validation rules were removed, “so that accounts that would not otherwise have met the set criteria could be loaded into the new system in time for the go-live date,” OVIC found.

There was also an oversight in the rules: “A rule to validate a customer’s preferred billing method (e.g. e-billing versus postal address, BPAY vs postal address) was not included in the validation set.

“The result was that any account listed with a preference of “e-bill or BPAY” in a legacy system defaulted to postal address in the new system when it was migrated,” OVIC found.

This led to data quality and integrity issues that have had to be manually fixed, with 320,000 records fixed so far.
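The missing billing-preference rule described above can be shown as a migration check that fails closed, alongside a post-load reconciliation that would catch a silent fallback to postal. This is an added example, not code from Greater Western Water, its vendors or the OVIC report; the field names, preference codes and sample records are constructed and do not reflect CustomerPlace's real schema.

```python
# Constructed legacy codes and target values; not CustomerPlace's real schema.
PREF_MAP = {"EBILL": "email", "BPAY": "bpay", "POST": "postal"}

def mapped_pref(rec):
    """Normalise the legacy code and return the target channel, or None."""
    return PREF_MAP.get((rec.get("bill_pref") or "").strip().upper())

def load_without_rule(rec):
    """Failure mode from the report: no rule covers the billing preference,
    so every migrated account falls back to postal delivery."""
    return {"id": rec["id"], "delivery": "postal", "address": rec["address"]}

def load_with_rule(rec):
    """Fail closed: an unmapped or inconsistent preference blocks the load."""
    pref = mapped_pref(rec)
    if pref is None:
        raise ValueError(f"unmapped bill_pref {rec.get('bill_pref')!r}")
    if pref == "email" and not rec.get("email"):
        raise ValueError("e-bill preference but no email on file")
    return {"id": rec["id"], "delivery": pref, "address": rec["address"]}

def migrate(source, loader):
    """Run a loader over the batch; rejected records go to quarantine."""
    loaded, quarantined = [], []
    for rec in source:
        try:
            loaded.append(loader(rec))
        except ValueError as exc:
            quarantined.append((rec["id"], str(exc)))
    return loaded, quarantined

def reconcile(source, loaded):
    """Post-load check: ids whose delivery channel differs from the source."""
    want = {r["id"]: mapped_pref(r) for r in source}
    return sorted(r["id"] for r in loaded if want[r["id"]] != r["delivery"])

SOURCE = [  # constructed sample records
    {"id": "A1", "bill_pref": "EBILL", "email": "a1@example.com", "address": "1 Old St"},
    {"id": "A2", "bill_pref": "POST", "email": None, "address": "2 New Rd"},
    {"id": "A3", "bill_pref": "bpay", "email": None, "address": "3 Stale Ave"},
    {"id": "A4", "bill_pref": "EBILL", "email": None, "address": "4 Gap Ct"},
    {"id": "A5", "bill_pref": "", "email": None, "address": "5 Dummy Pl"},
]

if __name__ == "__main__":
    for loader in (load_without_rule, load_with_rule):
        loaded, quarantined = migrate(SOURCE, loader)
        print(loader.__name__, len(loaded), quarantined, reconcile(SOURCE, loaded))
```

Without the rule, all five records load and reconciliation flags four of them as having changed delivery channel; with it, two records are quarantined for manual review and nothing that loads has drifted.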

There were other contributing factors as well, including that data from the two older billing systems was migrated concurrently; changes were also made to other “satellite” systems that provided data; and incomplete data was available for testing.

Additionally, there was a change to water tariffs during the project. 

This change was implemented in the new system only; OVIC suggested it should also have been reflected in the older billing systems, as that would have provided a rollback option when the data quality issues in the new system materialised.

OVIC cautioned against attributing blame to any one party.

“No conclusions should be drawn as to whether Greater Western Water or its vendors were primarily at fault,” the commissioner said.

OVIC said there were lessons for other organisations around project planning, data migration and validation.

“Organisations should not prioritise deadlines and timing at the cost of individuals’ privacy,” OVIC concluded.

“While it may be frustrating to miss intended dates for a system to go live, the Greater Western Water experience demonstrates that reducing the robustness of a data validation process may have more negative impacts than a project delay.”

The utility’s chair Lisa Neville wrote in a letter to OVIC that Greater Western Water had “fallen short of the standards our customers expect, and those we hold ourselves to”.

She said wide-ranging data and privacy practice improvements had been made since.

