Huawei P10 review
and has again resulted in a serious breach of the data protection legislation - this time by a commercial organisation employed by the government.
The person responsible for losing the memory stick should be punished and sacked. Maybe that would set an example and make the other idiots who are probably stealing these gadgets anyway, think again.
Please explain how this is a Government leak when it was a private company that lost the memory stick.
"Details of 84,000 prisoners in England and Wales were lost by private firm PA Consulting"
"employed by the government"
Think that is the line you're looking for ;)
It's called vicarious liability, and is in much the same category as ministerial responsibility, not that that seems to counts for much nowadays.
What I can't understand is what job, at normal levels, is so important that it is necessary to carry so many records around?
In a similar case, was it really necessary for one lowly lieutenant to carry around the details of every potential recruit in the country?
Or can people not be bothered to extract just the data they actually need from the relevant files?
said he was "absolutely horrified" by the loss and "government incompetence". click here
Speaking as a data consultant, I think that the problem is not so much loosing a memory stick but why the government sent out UNREDACTED data.
I have no problem with external agencies being comissioned to carry out research and, according to the first press reports, the data was sent out to them encrypted. BUT, if what we hear is true (!), why the heck weren't the personal details stripped first?
After all, it's pretty flipping easy to substitute names for arbitray numbers and I would have thought that exact addresses could also be lost without affecting any research. That way, if the data did get lost, it's impact wouldn't be nearly so great.
Why can't I get rid of this nagging feeling that, the data request was handed off to a junior clerk than someone who actually understood data security?
Makes you feel so confident about ID card data, doesn't it.....
My understanding is that PA Consulting were employed to track and analyse serious and prolific offenders. They may well have required all of the personnel details. However PA Consulting were reportedly send the details encrypted. I fail to understand why someone then put these on a memory stick unencrypted. If the memory stick was used to hold the data and then locked away when not in use then I can understand its use but otherwise I think that its use is very questionable.
Disciplinary action must be taken against the employee at PA Consulting.
The Government's role in this is surely limited to what steps they took to check that the data was being correctly handled by the consultants. They didn't lose the stick.
I could be wrong, but there are literally thousands of company homeworkers who are in daily receipt of confidential information. There is in all possibilities, some of this information is not going to regarded as a top priority security issue by some people (human nature!). This might change (slightly) if a special offences law was passed, or present laws made stronger and more enforceable regarding issues of this kind.
Is to lay down that no data leave government secure premises.
Surely it would be just as easy to contract in consulting staff to carry out such work on site, as it is to send it out.
This thread is now locked and can not be replied to.