Press room: Wed, 21 Nov 2007
Child Benefit data loss demonstrates 'Stone Age' information integration processes, claims Quicksilva
The loss of Government CDs sent by unregistered internal post containing the records of 25 million people receiving child benefit demonstrates not only a failure of information governance standards, but also a 'Stone Age' approach to secure information transfer. This is the view of integration specialists Quicksilva, who work with healthcare organisations, including 75 per cent of the UK's chemists, to deliver secure connections to the NHS' Spine database.
The records were downloaded by a junior official at Her Majesty’s Revenue and Customs (HMRC) in Washington, Tyne and Wear, onto password protected CDs and then sent unregistered through internal post to the Audit Office in London. They have not arrived and no record of them has yet been found. The records contain the names, addresses, dates of birth and National Insurance numbers of the entire HMRC child benefit database, which also includes the bank account details of more than seven million parents, guardians and carers.
“In the 21st century to be sending confidential information through the post is inexcusable and completely unnecessary given the technology available,” commented Gayna Hart, managing director, Quicksilva. “These practices are prehistoric when compared to the connected, joined-up government that citizens are coming to expect.
Given that this information is stored in data centres across the country all that is needed is to either provide secure access to those that need it, such as the Audit Office or if data needs to be transferred use secure messaging to integrate with the correct systems electronically.
This type of approach is working well in the NHS with secure access to the Spine database containing patient records for thousands of healthcare organisations and workers and there is no reason the model cannot be copied across Government. This delivers role-based security, audit trails and a straightforward way of enforcing information governance standards rather than relying on the vagaries of the internal post.
I know there is a trend toward CfH-bashing but there are valuable lessons to be learned from the NHS which can be applied across the whole of Government IT.”
