Myreader.co.uk  
uk news, chat and community
   home   |   control panel login   |   archive   |  
 
misc
announce
answers
consultants
d-i-y
environment
environment.conservation
gov.agency.csa
gov.local
gov.social-security
gov.social-work
misc
philosophy.atheism
philosophy.humanism
philosophy.misc
radio.amateur
railway
sci.astronomy
sci.med.nursing
sci.med.pharmacy
sci.misc
sci.weather
singles
telecom
telecom.broadband
telecom.mobile
telecom.voip
test
transport
transport.air
transport.buses
transport.ferry
transport.london
transport.ride-sharing
  
 
date: Wed, 21 Nov 2007 11:15:51 -0800 (PST),    group: uk.gov.social-security        back       
Re: The Department for Work and Pensions' record on protecting your personal information    
On 21 Nov, 18:42, Robbie  wrote:
> Mike wrote:
> > On 21 Nov, 15:30, Robbie  wrote:
> >> Syberian wrote:
>
> >>> "Phil O'Sofa"  wrote in message
> >>>news:alm7k3ps4s0f1v2fmh9unfai298sul9gkg@4ax.com...
> >>>> On 22 May 2006 17:48:20 -0700, New Deal Veteran wrote in
> >>>> uk.politics.id-cards :
> >>>>> In the early weeks of this year I discovered that the private details
> >>>>> of over 5800 people had been left on an unprotected computer desktop
> >>>>> for two weeks.  The computer was one of ten PCs in the internet access
> >>>>> room of a company called 'Instant Muscle Ltd', on Powis Street in
> >>>>> Woolwich London.
> >>>>> These computers were available & intended for use by dozens of
> >>>>> unemployed people on the government's New Deal IAP scheme. None of
> >>>>> these people had individual user accounts, no passwords were required
> >>>>> to view or copy any data left on the desktop by other users.
> >>>>> The trouble was that some of those other users were Instant Muscle
> >>>>> staff themselves.  One member of staff left behind a couple of files
> >>>>> they had been using to generate junk mail for the company...
> >>>>> How were they generating this junk mail?  They were extracting people's
> >>>>> names and addresses from an Excel spreadsheet.
> >>>> So we've been here before then?
> >>> Don't think the latest incident was the DWP's fault, think the loss of
> >>> information came from HMRC this time.
> >> well, parts of the HMRC perform functions that used to be part of the
> >> DWP / DSS. Child Benefit used to be administered by social security and
> >> a lot of the working practices are much the same as they were under the
> >> previous government department. Though in this case it was (seemingly)
> >> an error on the part of someone who appeared either not to know the
> >> procedure of how this data should be sent or wasn't being supervised
> >> adequately enough when performing their tasks.
>
> >> --
> >> Robbie- Hide quoted text -
>
> >> - Show quoted text -
>
> > Extracting this kind data held on the DWP systems is simply not
> > possible by rank and file processors.  It requires a specific scan of
> > an offline copy of the database (GMS).  When I have requested scan
> > data I've had to sign a request which was authorised by the office
> > manager and given an undertaking regarding access, keeping it secure
> > and retention.  I was under no illusion what my responsibilities were
> > and this was a scan of only a few thousand cases.
> > I would expect the HMRC to have similar in place. What I want to know
> > is WTF the NAO needed my bank details - they were not making payments
> > nor checking they'd gone in, the NAO is a high level audit.
> > As many of these customers won't be on any other benefits or credits I
> > suspect that if the info gets into the hands of criminals they will
> > use it to make false claims en-mass.
> > Attempts to use stolen ID details do occur already, I've come accross
> > a few and it's only because there were existing claims they were
> > picked up.  Had they been taxpayers with no benefits they could have
> > gone undiscovered for many many years.
>
> > Mike
>
> According to what I've read, the same data was send to the NAO months
> earlier and returned as it wasn't needed. I want to know why the data
> was being obtained (by a junior official - what do they mean by a junior
> official?) and if it wasn't needed why on earth was someone obtaining
> it, and how?
>
> I'm intrigued how every single piece of data about every recipient could
> be captured with such ease - there's more to this than meets the eye.
>
> To have data on 25% to 30% of the UK population disappear like this is a
> worrying development - the Government owe it to us all to do a little
> bit more than just apologise and send in the police.
>
> --
> Robbie- Hide quoted text -
>
> - Show quoted text -

The DWP and HMRC exchamnge data via offline data comparisons
regularly.  The data is copied from the live recorda and can then be
scanned or a variety of cross matching purposes.  The DWP requires
authorisation before the scan takes place I assume the HMRC do as
well.
I'd have to provide a very good reason to get the bank acc details
onto the scan and additional assurances re th use, security and
retention of the details is then req'd.

Mike
date: Wed, 21 Nov 2007 11:15:51 -0800 (PST)   author:   Mike

Google
 
Web myreader.co.uk


    COPYRIGHT 2007, YARDI TECHNOLOGY LIMITED, ALL RIGHT RESERVE  |   contact us