Chancellor Alistair Darling yesterday announced the catastrophic loss of the personal records of 25m Britons. The entire Child Benefit database was exported onto disc and sent within the internal mail from the HMRC HQ in Washington, Tyne and Wear to the National Audit Office in London on the 18th October 2007.
Almost everyone who has a child under the age of 16 is affected along with older children still in full-time education.
It amazes me as to why there was such a delay for those affected to be informed of the blunder. According to a BBC News report, “Bosses at the Revenue were not told about what had happened until the 8 November … The Officials involved waited before informing their superiors in the hope that the discs would be found.”
As a parent to a child under the age of 16, I am astonished to discover the extent of what has occurred and the implications it may pose. I cannot believe that it is possible for an error as profound as this to occur in today’s world. We are continually advised by Government of the risks posed by online threats and to ensure that our documents and information is kept secure at all times; yet the biggest threat lies within the heart of Government itself - it’s employee’s. Many of the news reports state that it was due to a junior individual failing to follow procedure. In my view it should not have been possible for such an incident to occur. This information should never have left the HQ of the HMRC.
The 1998 Data Protection Act was designed to ensure that personal information was managed appropriately, however Stewart Mitchell’s report for PC Pro indicates that “the DPA appears powerless to force government or companies to accept their responsibilities”. Organisations are continually failing to secure the information in its possession. Stewart continues “In a recent study at the University of Glamorgan, 300 used disks purchased from the UK, Australia and the US were tested and four out of ten contained sensitive data, such as salary details, financial data, bank and credit account details and visa applications”. According to a report by Sky News, information of this nature could be worth around £5 per person. This values the data in excess of £60m and doesn’t take into account the losses that could potentially be experienced by every individual involved. The information contained on the discs includes names, dates of birth, bank and address details - everything a fraudster would require to set up bank accounts, carry out transactions or create a fake identity. The Government now seriously needs its procedures and security implementations and may also need to reassess its controversial identity card scheme. After all, if the Government can’t be trusted with the information it currently holds, can the electorate trust it with more detailed information?
![[del.icio.us]](http://images.del.icio.us/static/img/delicious.small.gif){kind=small}
Recent Comments