My Department is a major user of Information Technology for the provision of customer services. The MyWelfare platform provides customers with easy access to a range of social welfare services including applying for benefits such as family payments and out-of-work payments, updating personal details, viewing payment and contribution history, and checking eligibility for schemes such as dental and optical benefits. In 2021 there have been over 2.7 million customer transactions on MyWelfare.
MyWelfare uses the highest levels of industry standard security and has been built from the ground up with security in mind. This includes the design and build of MyWelfare and a defence-in-depth approach to cybersecurity. My Department has an extensive Information Security Management System (ISMS) in place and is certified to ISO 27001 international standard. Technical staff operate and monitor all systems to the highest levels and work closely with the Office of the Government Chief Information Officer (OGCIO) and the National Cyber Security Centre (NCSC) to ensure cybersecurity best practice. For operational and security reasons, I cannot disclose further specific details of my Department’s operational cybersecurity arrangements.
Customers can access MyWelfare services with the utmost confidence using their MyGovID account, which provides a very high level of security for customers involving the use of a username and password, and a one-time code to their mobile phone. MyGovID is built on the strong SAFE/PSC identity management framework and this month reached a very significant milestone with over 3 million accounts now set up. Customers are advised to keep their MyGovID password secret, and to be wary of fake emails and text messages. Information is provided on the MyWelfare and MyGovID websites about how to stay safe online and protect personal data.
My Department will continue to modernise service delivery through even greater use of online and digital channels. The threat landscape is constantly evolving, and I am satisfied that my Department follows best practice regarding cybersecurity and will continue to invest in ensuring online services are safe and secure for our customers.