Staff at Immigration New Zealand are being accused of using a confidential client database "like a dating site", and of looking at information on wealthy applicants.
In the past year, 10 complaints of accessing client records without authorisation have been made against agency officers.
Seven cases involving nine staff were found to be substantiated. Three are under investigation.
A former immigration staff member, who spoke to the Herald on condition of anonymity, said staff sometimes logged in to look at information on wealthy and interesting clients "just for fun".
"We would joke about which client would make a good boyfriend, and recommend in jest the rich ones to our single colleagues," she said.
"It's similar to how people would look and laugh at people and the information they put on dating websites."
It was also "common" for immigration staff who had access to client files to call colleagues over to their computer screens when they found interesting information or photographs on applications.
After the Immigration investigations, one staff member has resigned, four received final warnings and another is facing disciplinary action.
In April, a Department of Labour internal audit investigator found one officer had accessed client details on three occasions and information was passed to other parties.
But no action was taken against the woman, as she was no longer working with the agency.
"The complaint was substantiated as a breach of our code of conduct and disciplinary action would have been recommended had (the woman) still been employed by the department," the investigator told the complainant.
Agency spokesman Marc Piercey said yesterday: "Immigration takes such breaches of its code of conduct extremely seriously, and misuse of client records will not be tolerated.
"It's important to note that activity when accessing client information is recorded, and appropriate action is taken against staff members who access client records for non-work related purposes."
Mr Piercey said only some staff had access to client files, and they had been given "clear instructions and guidelines" for appropriate use of the system.
As a rule, staff were permitted to look at client information only if it was work-related.
The agency made regular checks and internal audits, Mr Piercey said.
Under Immigration's code of conduct, misusing department records or giving out details about a person to unauthorised persons could result in criminal charges, a formal warning or immediate dismissal.
Other Government departments, such as Police, Work and Income New Zealand and the Inland Revenue Department, have similar rules on use of client databases.
A survey by the Privacy Commissioner's Office has shown that New Zealanders are increasingly concerned about departmental access to their information.
Eighty-two per cent of survey respondents were worried about the Government silently sharing their personal information.
Concern about health organisations sharing information without telling them nearly doubled from 32 per cent to 60 per cent.
The commissioner said the result may have been influenced by ACC's revelation that a spreadsheet of personal information of about 6700 claimants was accidentally emailed to another claimant.
The Privacy Act provides that agencies must protect personal information from unauthorised access or disclosure.
Privacy Commission spokeswoman Annabel Fordham said the commission received complaints about inappropriate "employee browsing" from time to time, and several employees in health and government agencies had been sacked for doing so.
"Increasingly, government agencies and businesses are developing policies to reinforce to employees that browsing work databases for personal reasons is unacceptable," Ms Fordham said.
"And increasingly, tracking systems are able to identify inappropriate access and use."
May: ACC employee emails 118 clients' confidential accounts for overdue levies to other clients.
March: ACC accidently emails a spreadsheet of personal information of about 6700 clients to claimant Bronwyn Pullar.
February 2011: Investigation finds North Shore Senior Constable Terry Beatson leaked information from the National Intelligence Application (NIA) network to his wife to help her custody battle with her ex-husband.
June 2009: Crown Research Institute employee allegedly discloses information from the DNA profile databank.
June 2009: Counties Manukau police officer stood down after being accused of giving information from the NIA to help a criminal avoid arrest. A second officer is stood down for the same offence in August.