Careless data handling appears to be rife....

  Forum Editor 07:12 22 Aug 2008

and has again resulted in a serious breach of the data protection legislation - this time by a commercial organisation employed by the government.

click here

  Seth Haniel 08:21 22 Aug 2008

Government leak ;)

  Bingalau 08:28 22 Aug 2008

The person responsible for losing the memory stick should be punished and sacked. Maybe that would set an example and make the other idiots who are probably stealing these gadgets anyway, think again.

  interzone55 08:57 22 Aug 2008

Please explain how this is a Government leak when it was a private company that lost the memory stick.

"Details of 84,000 prisoners in England and Wales were lost by private firm PA Consulting"

  Seth Haniel 09:05 22 Aug 2008

"employed by the government"

Think that is the line you're looking for ;)

  laurie53 09:05 22 Aug 2008

It's called vicarious liability, and is in much the same category as ministerial responsibility, not that that seems to counts for much nowadays.

What I can't understand is what job, at normal levels, is so important that it is necessary to carry so many records around?

In a similar case, was it really necessary for one lowly lieutenant to carry around the details of every potential recruit in the country?

Or can people not be bothered to extract just the data they actually need from the relevant files?

  Seth Haniel 09:17 22 Aug 2008

said he was "absolutely horrified" by the loss and "government incompetence". click here

  SimpleSimon1 09:19 22 Aug 2008

Speaking as a data consultant, I think that the problem is not so much loosing a memory stick but why the government sent out UNREDACTED data.

I have no problem with external agencies being comissioned to carry out research and, according to the first press reports, the data was sent out to them encrypted. BUT, if what we hear is true (!), why the heck weren't the personal details stripped first?

After all, it's pretty flipping easy to substitute names for arbitray numbers and I would have thought that exact addresses could also be lost without affecting any research. That way, if the data did get lost, it's impact wouldn't be nearly so great.

Why can't I get rid of this nagging feeling that, the data request was handed off to a junior clerk than someone who actually understood data security?

Makes you feel so confident about ID card data, doesn't it.....

  Woolwell 11:32 22 Aug 2008

My understanding is that PA Consulting were employed to track and analyse serious and prolific offenders. They may well have required all of the personnel details. However PA Consulting were reportedly send the details encrypted. I fail to understand why someone then put these on a memory stick unencrypted. If the memory stick was used to hold the data and then locked away when not in use then I can understand its use but otherwise I think that its use is very questionable.
Disciplinary action must be taken against the employee at PA Consulting.

The Government's role in this is surely limited to what steps they took to check that the data was being correctly handled by the consultants. They didn't lose the stick.

  spuds 12:00 22 Aug 2008

I could be wrong, but there are literally thousands of company homeworkers who are in daily receipt of confidential information. There is in all possibilities, some of this information is not going to regarded as a top priority security issue by some people (human nature!). This might change (slightly) if a special offences law was passed, or present laws made stronger and more enforceable regarding issues of this kind.

  jack 12:11 22 Aug 2008

Is to lay down that no data leave government secure premises.
Surely it would be just as easy to contract in consulting staff to carry out such work on site, as it is to send it out.

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

Alienware 17 R4 2017 review

These brilliant Lego posters show just what children's imaginations are capable of

Mac power user tips and hidden tricks

Comment réinitialiser votre PC, ordinateur portable ou tablette Windows ?