Myreader.co.uk  
uk news, chat and community
   home   |   control panel login   |   archive   |  
 
misc
announce
answers
consultants
d-i-y
environment
environment.conservation
gov.agency.csa
gov.local
gov.social-security
gov.social-work
misc
philosophy.atheism
philosophy.humanism
philosophy.misc
radio.amateur
railway
sci.astronomy
sci.med.nursing
sci.med.pharmacy
sci.misc
sci.weather
singles
telecom
telecom.broadband
telecom.mobile
telecom.voip
test
transport
transport.air
transport.buses
transport.ferry
transport.london
transport.ride-sharing
  
 
date: Sat, 24 Nov 2007 22:15:56 +0000,    group: uk.gov.social-security        back       
What the DWP is doing to protect your personal details    
On Thursday the DWP mailed us this circular (below) which tells us to
"suspend" sending them your unprotected personal info by courier company
(in this case not TNT).  It includes their internal memo at the end.
On Friday "a junior official"  rang us to make sure we'd got the
circular.
We told him we'd had it, shared it and put it on our joke board.


"Temporary suspension of data flows between DWP and local authorities
From: Paul Howarth, DWP, Head of Housing Benefit Strategy Division

1       I am writing to you urgently about data flows between DWP and
local authorities (LAs).
2       Although we have no reason to believe that there is cause for
concern about DWP data transfers, in light of yesterday’s announcement
by the Chancellor about HMRC, DWP have initiated a review of current
processes as part of good practice. As part of this review, DWP have
decided to temporarily suspend all data flows between DWP and local
authorities.
3       During this period, LAs should not transfer the Single Housing
Benefit Extract (SHBE) nor the Housing Benefit Matching Service (HBMS)
scan. However, these data should continue to be extracted as normal
without being dispatched. At the end of this period, the data will be
collected and processed as normal.
4       For data flows from DWP, LAs should not expect to receive fraud
and error referral data, risk score review lists or scan data during
this period. Again, we will dispatch this information once this
temporary suspension period has concluded.
5       I appreciate you will be concerned that this temporary
suspension of data-matches may interrupt your regular flow of work in
addressing fraud error, and that this could make it more difficult to
meet your targets, particularly PM10.
6       First, can I assure you that we will be doing all we can to
ensure that we can resume the data-matching service as soon as possible,
so hopefully any impact will be minimal.  Second, we will take this into
consideration in our forthcoming review of the 2007/8 targets, which
have already promised to undertake as part of our normal business.  We
will send another bulletin out as soon as possible and meanwhile I would
be grateful if you could hold off making further enquiries until we can
provide you with more information.

7       In the meantime you might also be interested to read the
following note sent to all DWP staff:
                In the light of yesterday’s news about data lost by
HMRC, you will not be surprised that we are undertaking a review of our
own procedures.
                We have no reason to believe that any DWP security
processes have not been followed, but as good practice we believe we
should take stock.
                While we do so, we are introducing a brief, temporary
suspension of any movement of data by disc, tape or memory stick through
the courier or postal system. This will allow us to check compliance
with our processes and policies. This applies to any customer, or staff
data.
                We will tell you when this temporary suspension is
lifted. Until then, data of this kind should not be sent physically
through the courier or postal system without the explicit, written
consent of Mike Truran, CIT Service Delivery Director. In the first
instance any questions on this can be directed to your line manager who
will speak directly to your business continuity manager.

Paul Howarth, DWP, Head of Housing Benefit Strategy Division"
-- 
Sue @ Darkside Borough Council

Local government: whenever we look like making ends meet, Blair moves the ends
date: Sat, 24 Nov 2007 22:15:56 +0000   author:   Sue lid

Re: What the DWP is doing to protect your personal details    
Sue wrote:
> On Thursday the DWP mailed us this circular (below) which tells us to
> "suspend" sending them your unprotected personal info by courier company
> (in this case not TNT).  It includes their internal memo at the end.
> On Friday "a junior official"  rang us to make sure we'd got the
> circular.
> We told him we'd had it, shared it and put it on our joke board.
> 
<snip>
Look - they have published it online:

http://www.dwp.gov.uk/housingbenefit/news/newsletter/bulletins/2007/u3-2007.pdf

I am mildly surprised, as I would have expected them to want to keep 
this one quiet.

The question I would like to see asked of HMRC, and which no newspaper 
seems to be asking is, 'what policy did this junior offical actually 
break?'.

As far as I am aware, it is quite routine for unencrypted discs 
containing sensitive data to be couriered around the country.

Consider the HBMS extract, -which for other readers of the group- is a 
monthly dump of just about all the identifying information on every HB 
and CTB claimant for each local authority. This is either unencrypted or 
encrypted so lightly that I am confident I could crack it in 5 days.
I somehow doubt that the courier riders are all vetted before carrying 
these discs off to the DWP office where they are used.

Perhaps the type of internal post he used wasn't recorded, even though 
operated by TNT. That doesn't sound like such a huge error on the junior 
official's fault. The security risk was there, regardless.

I am also somewhat surprised that the missing discs were noticed. I 
would have expected new ones to be burned and sent, and for the others 
to be 'forgotten'. I expect there was a lot of tactically poor 
ass-covering by email, and so the errant dept then couldn't feign a more 
harmless admin cock-up.

Oh, one more thing! This week I was handling the HBMS discs in my local 
authority, and for some reason we had an extra one, which had 'CHB 
national scan' written on it. It turned out not to be what it sounded 
like - just mismatches from our caseload against the national database, 
but it was a heady few minutes while I checked!
date: Sun, 25 Nov 2007 00:45:24 +0000   author:   anthonyberet lid

Re: What the DWP is doing to protect your personal details    
On Sun, 25 Nov 2007 00:45:24 +0000, anthonyberet <nospam@me.invalid>
wrote:


>Oh, one more thing! This week I was handling the HBMS discs in my local 
>authority, and for some reason we had an extra one, which had 'CHB 
>national scan' written on it. It turned out not to be what it sounded 
>like - just mismatches from our caseload against the national database, 
>but it was a heady few minutes while I checked!

Ian Hislop on HIGNFY amused the audience by waving a cd briefly to
camera before returning it to his jacket pocket. :)
-- 
http://www.orderonlinepickupinstore.co.uk
Ah fetch it yourself if you can't wait for delivery
http://www.freedeliveryuk.co.uk
Or get it delivered for free
date: Mon, 26 Nov 2007 22:05:18 +0000   author:   Mogga

Google
 
Web myreader.co.uk


    COPYRIGHT 2007, YARDI TECHNOLOGY LIMITED, ALL RIGHT RESERVE  |   contact us