84, 000 personal details lost, by the Government (again).
As the government data losses just keep piling up – NHS, HMRC, MoD, NHS (again), MoD (lots), the lastest farce is due to the Home Office.
In their infinite wisdom the Home Office subcontracted the handling of the personal details for 84,000 prisoners to PA Consulting. As the name, PA Consulting, implies, they are a consulting company who are a general consulting/HR/PR/kind of company, who the Government just love, its all very vague.
PA Consulting were in possession of the 84,000 details which were “stored securely”, however the data was copied onto a USB drive, which has since been lost. Two obvious points here: Firstly – its not secure if you can just copy off data. Secondly if data need to be copied off, why was it not put on an encrypted media? Stopping this sort of data loss is not rocket science.
Also, how many other times has data been copied off and stolen, rather than lost? Could somebody have produced a previous copy and then duplicated that, therefore leaving no evidence of there being multiple copies of data? Do PA Consulting have records for logging/preventing people copying data to USB drives, almost certainly not (as most companies don’t).
There are well documented methods to secure servers, secure removeable media, and prevent people from losing/stealing data, but despite this the government fails, time and time again, to solve the problem. The question of “What data loss is too much?” needs to be asked again, its unlikely to be this, with just 84,000 records of criminals lost – compared with previous loss of 25 million records of families which had no real effect on the governments data security either
To quote PA Consulting, “Clients call us when they want….counter-intuitive thinking and groundbreaking solutions”.
Well its pretty counter intuitive thinking to allow 84,000 records to be stored unecnrypted, unsecured and not logged.