Probe into HMRC data leak to report in three weeks

The review of the data loss fiasco at HM Revenue and Customs will report within three weeks on the “exact circumstances” that led to 25 million people’s personal and bank details being lost in transit to the National Audit Office, the Treasury has promised.

Share

The review of the data loss fiasco at HM Revenue and Customs will report within three weeks on the “exact circumstances” that led to 25 million people’s personal and bank details being lost in transit to the National Audit Office, the Treasury has promised.

Chancellor Alistair Darling announced the review in a statement to the Commons earlier this week. It will be carried out by a team from PricewaterhouseCoopers, led by the firm’s chair, Kieran Poynter.

The Treasury’s announcement of terms of reference for the review follows publication by the NAO of email correspondence showing that HMRC had been reluctant to filter out bank details and other confidential information from the information it sent to the audit body because this would have cost it extra.

The Poynter review will be carried out in co-operation with the Independent Police Complaints Commission and the information commissioner and will “take into account” the current investigation by the Metropolitan Police.

It is set to examine not only the loss of the data sent to the NAO, but also the department’s earlier losses of confidential information on CDs and a laptop computer.

The review will probe HMRC’s practices and procedures for handling and transferring confidential data on taxpayers and benefit recipients, the way these procedures are communicated to staff and the safeguards in place to ensure they are adhered to, the Treasury said,

Poynter’s team will also look into why HMRC’s procedures failed to prevent the loss of confidential data.

The review will report by 14 December and make interim recommendations on any further urgent measures that HMRC should put in place to safeguard its data.

A fuller report in the spring will consider the wider implications of the HMRC debacle and how the department’s procedures can be strengthened in future.

Now read:

ICO targets organisations and individuals in push to criminalise data leaks

Probe into HMRC data leak to report in three weeks

Emails confirm HMRC kept bank details on lost discs to save money

Government stands by security of ID cards data plans

HMRC crisis puts spotlight on ID cards

HMRC kept bank data on lost discs to save money, Tories claim

Government CIO warns against more giant databases

Security experts savage HMRC over data regime

Information commissioner demands more power after HMRC data breach

Security experts savage HMRC over data regime

Consumers distrusted government data security before HMRC scandal

Chancellor squirms, revenue and customs chief quits over 25 million lost records

HMRC data loss was theft, claims Abagnale

Chancellor faces up to UK's worst-ever data breach

Gartner: UK banks could be forced to close accounts after HMRC data loss scandal

HMRC taking 'precautionary measures' after loss of 15,000 records

Lose an unencrypted laptop 'and face criminal action'

Editor's blog: Sack the chancellor

Find your next job with computerworld UK jobs