New data procedures at HMRC

30 Nov 2007

Comments: 2

A Computing logo
Picture of HMRC
Shutting the stable door...

HM Revenue and Customs staff have been ordered not to transfer taxpayer data outside their offices unless it is " absolutely unavoidable".

The emergency security procedures following the lost disks scandal affecting 25 million personal records were detailed by Treasury Financial Secretary Jane Kennedy at the end of a heated Commons debate on the security breach.

Further reading

According to Kennedy, HMRC "has established a central team to handle encryption on behalf of the organisation and to ensure the proper level of encryption is used at the proper level".

"All bulk transfers of sensitive data using CDs are being encrypted and password protected where necessary.

"HMRC has removed the facility for staff to use CDs and other removable media, and only in exceptional circumstances and on approval at director level are staff given access," she said.

"HMRC is also investigating the electronic transmission of data. It is consulting with the British Bankers Association and currently undertaking further talks to agree standards for and methods of deploying electronic transfers."

Acting Lib Dem leader Vince Cable warned the House that, based on a single identity valued at £60 on the black market, the lost disks contained data valued at £1.5 billion, "which makes the Brinks Mat robbery the equivalent of stealing the church collection".

Cable questioned ministers about why the data was not transmitted electronically, warned that the move to huge government data bases now threatens "massive data loss and security", and called for a change in the law to apply criminal penalties to officials guilty of negligence or while handling sensitive personal data.

Tory shadow chancellor George Osborne derided the government's claim that the breach was the fault of a junior clerk in Newcastle and claimed there is " growing public concern" about the government's "insatiable appetite for more personal data on their citizens".

"Now is the time to scrap the flawed plans for ID cards and a national Identify Register," said Osborne.

But chancellor Alistair Darling accused Osborne of "political knockabout", claiming that ID cards will "strengthen security so that we can be confident that information that is held on us, whether in the public or private sector, is not released to third parties without our consent."

Reader comments

alistair darling comments

information is only of use if one has the intelligence to use it. There is little evidence that the majority of government departments has the intelligence to use the data it has let alone any more

Posted by: Jeff Harvey  02 Dec 2007

Encryption

Being notified by them that I was on the list; I would expect noting less than military grade encryption on stuff like that, I mean; civilians use higher security than what they used on a daily basis to protect nothing as sensitive as that. Ever heard of the IronKey; For starters if it was a couple of CD's they could have fit that info onto one of these extreme encryption flash drives. Idiots. - I'm just curious as to why they had to copy 25 million peoples info.

Posted by: Kris  01 Dec 2007

Have your say on this article

All fields required. Your email address will not be displayed on the site.

By submitting a comment you agree to abide by our Terms & Conditions

  • Digg
  • Tweet

Newsletters

Sign up for our FREE newsletters

Technology Patent Wars

Large companies such as Microsoft, Facebook and Google have been hoovering up technology patents recently. Is this stifling innovation?

88 %

5 %

7 %