It would have cost less than £50,000 to strip confidential data from the records of 25 million people lost in transit between HM Revenue and Customs and the National Audit Office, HMRC’s acting chair Dave Hartnett has said.
Hartnett – acting up in place of Paul Gray, the former HMRC chair who resigned as the data loss scandal broke – made the admission to MPs on the Commons Treasury committee.
The acting HMRC chief also admitted that the child benefit data on the two CDs was the latest in a string of data security breaches, acknowledging that there had been seven breaches “of some significance” since the merger between Inland Revenue and HM Customs and Excise in April 2005.
The data held on the two CDs lost in Britain’s biggest data security breach included bank details, NI numbers, and children’s names, addresses and dates of birth.
Emails released by the National Audit Office last month confirmed that HMRC officials did not want to remove the sensitive information from the child benefit data sent to the NAO because this would cost extra, bearing out a claim made earlier by the Conservative Party.
The released email text revealed that queries were raised by an NAO official, who wrote: “I do not need address, bank or parent details in the download – are these removable to make the file smaller?”
But an HMRC official replied: “I must stress we must make use of the data we hold and not over burden the business by asking them to run additional scans/filters that may incur a cost to the department,” it says.
Quizzed by the Treasury committee on the cost of desensitising the information, Hartnett initially said: “I don’t know the answer to that,” noting that the “key issue is that the data should not have left our premises anyway”.
But when pressed, he added: “I’d have thought it would be less than £50,000 but I haven’t got the precise figure.”
Hartnett later told the MPs that HMRC had subsequently established how easy it was to ensure data management contractor EDS stripped out the confidential details when it passed information to UK payments association Apacs as part of measures to protect bank accounts in the wake of the data loss scandal.
“When we needed to pass data to Apacs... we were able to segregate the data in the way you [the committee member] describe with our IT supplier – and quickly – and it is therefore a matter of huge regret that we did not do that before,” he said.
In a statement that suggests HMRC believes the NAO is partly to blame for the data loss, Hartnett added: “But I think the important issue is that those who asked for and provided that data had stepped outside the procedures we had established.”
Hartnett said he did not know how much the filtering of data for despatch to Apacs would have cost, but said no-one had alerted him that it was going to be a significant amount.