30 Nov 2007
HM Revenue and Customs staff have been ordered not to transfer taxpayer data outside their offices unless it is " absolutely unavoidable".
The emergency security procedures following the lost disks scandal affecting 25 million personal records were detailed by Treasury Financial Secretary Jane Kennedy at the end of a heated Commons debate on the security breach.
Further reading
According to Kennedy, HMRC "has established a central team to handle encryption on behalf of the organisation and to ensure the proper level of encryption is used at the proper level".
"All bulk transfers of sensitive data using CDs are being encrypted and password protected where necessary.
"HMRC has removed the facility for staff to use CDs and other removable media, and only in exceptional circumstances and on approval at director level are staff given access," she said.
"HMRC is also investigating the electronic transmission of data. It is consulting with the British Bankers Association and currently undertaking further talks to agree standards for and methods of deploying electronic transfers."
Acting Lib Dem leader Vince Cable warned the House that, based on a single identity valued at £60 on the black market, the lost disks contained data valued at £1.5 billion, "which makes the Brinks Mat robbery the equivalent of stealing the church collection".
Cable questioned ministers about why the data was not transmitted electronically, warned that the move to huge government data bases now threatens "massive data loss and security", and called for a change in the law to apply criminal penalties to officials guilty of negligence or while handling sensitive personal data.
Tory shadow chancellor George Osborne derided the government's claim that the breach was the fault of a junior clerk in Newcastle and claimed there is " growing public concern" about the government's "insatiable appetite for more personal data on their citizens".
"Now is the time to scrap the flawed plans for ID cards and a national Identify Register," said Osborne.
But chancellor Alistair Darling accused Osborne of "political knockabout", claiming that ID cards will "strengthen security so that we can be confident that information that is held on us, whether in the public or private sector, is not released to third parties without our consent."
Being notified by them that I was on the list; I would expect noting less than military grade encryption on stuff like that, I mean; civilians use higher security than what they used on a daily basis to protect nothing as sensitive as that. Ever heard of the IronKey; For starters if it was a couple of CD's they could have fit that info onto one of these extreme encryption flash drives. Idiots. - I'm just curious as to why they had to copy 25 million peoples info.
Posted by: Kris 01 Dec 2007
Have your say on this article
Newsletters
Latest stories from Public Sector
Latest videos
You may also like
Public Sector jobs
Will Google’s new privacy policy impact how you use its services?
Garry Sidaway, director of security strategy at Integralis discusses the current threats to enterprises, and how they should protect themselves
Rubbish in... rubbish enterprise. Why proper data management is so important (video, 6 min)
This Forrester report compares the costs and benefits of legacy email and productivity software with Google Apps
Upcoming Events
The implementation of robust, relevant digital strategies is more crucial than ever to the success of insurance businesses
Date: 01 Mar 2012
Time: 09:00am
A showcase of the latest in the information content and management
Date: 20 Mar 2012
Time: 09:00am
Receive the latest jobs direct to your inbox
Are you being paid what you are worth?
