Yesterday's fiasco over the missing Child Benefit data raises an awful lot of questions. One of the most obvious in my mind is if one junior official had the authority to download the entire Child Benefit data and send it in the post, how many other people had access to that data? More worryingly, if this is true in HMRC with Child Benefit, what is going to happen when all our medical histories are on a single NHS computer that can be accessed by tens of thousands of people up and down the country? Of if a national ID database is set up which gradually acquires more and more personal data of every single person in the country?
Don't get me wrong - I'm a great fan of technology! But surely where government is going to be run on the basis of huge databases of this sort, the security processes involved must be absolutely watertight, and given how difficult that is, we should be wary of any unnecessary accumulation of all our personal data in one place.
As for sending the data in the internal post on a couple of unencrypted CDs......
Wednesday, 21 November 2007
Data going missing
Subscribe to:
Post Comments (Atom)
5 comments:
You think that the decimation of civil service staff numbers may have something to do with it? If one person is now doing the work of three then perhaps errors are more likely...
Can we take the government to the Small Claims Court ?
Steve, I am so angry about this.
This is the worst mistake an organisation could make let alone a government department.
The government simply must not be allowed to brush this one under the carpet or spin their way out of it.
This one must not be forgotten and I feel the no to ID cards campaign may have just received exactly the avidence it needed.
*evidence
We don't know that the person who made the CD and put it in the internal mail was the same person who made the image on the CD. It's quite possible that making the image needed a fairly high level of authorization, and that the person who did it thought burning the CD was infra dig, and anyway the image was protected by password now so it was all right to give it to somebody less important to do the menial stuff. (This sort of reasoning occurs more often when there are staff shortages as the self-important or genuinely busy are more conscious of how they spend their time.) Or maybe somebody clueless but senior told one person to make the image and then gave it to another person to burn.
Though, as Ross Anderson said on PM last night, the auditors should in any case have worked under a non-disclosure agreement on-site on the live system.
The person who put the disks in the post is a long way from the guilty party, especially as many organizations don't like junior people who ask questions.
Post a Comment