The Government’s track record in data handling does little to warrant trust from the British public. To date, across various departments, they have lost in excess of 29 million records consisting of information pertaining to 5,000 prison staff, 21,000 hospital patients, 600,000 members of the navy, marines and air force, and 25 million child benefit recipients. These losses are just those that have been made public and there can be no doubt that there have been countless other incidents that have yet to surface.
You would often expect the leader of a company to react to such acts of carelessness with regret. However, the leader of the party to blame for these data losses is quoted as saying (after the loss of an unencrypted memory stick in a pub car park), “I think it is important to recognise that we cannot promise that every single item of information will always be safe because mistakes are made by human beings.”
For an organisation handling the type of confidential data that the government has access to, you would think there would be systems in place to ensure human error is accounted for and protected against. Alas, in contrast the government’s cavalier and almost arrogant attitude towards data loss has become somewhat alarming – any organisation that openly admits data loss is acceptable simply cannot properly understand the value and importance of the information they have been entrusted with.
It is, however, often easy to lose sight of just how valuable data is in an age that demands access to information anywhere and anytime. It is only natural that people will lose sight of the importance of that information. The result is an inherent attitude towards data where it is not treated with the care and respect it deserves. Data is so valuable it should be treated in the same way as cash – controlling who has access to it and monitoring its use carefully.
In a recent report by KPMG UK (Data Loss Barometer – September 2008), it was stated, “Risks and errors are greatly reduced by implementing appropriate and clearly defined procedures around the use and handling of data. Staff need to understand what is expected of them with regularly implemented, tested and updated awareness training and education programmes.” The report also recommended, “Given the personal data they store and the relevance to the general public, it is essential that government organisations reduce the amount of personal data they store and ensure this is securely stored.”
Despite this simple but effective advice from a highly respected advisory body, the government is still failing to take any of it on board. It has been argued that this is because there is no clear message coming from the top – Mr. Brown. Without this clear direction and guidance from the top level of power it is difficult to see how, or even if, this government will change its ways in the near future.