HMRC kept bank data on lost discs to save money, say Tories

UK tax authorities kept citizens' bank data on lost discs because "desensitising" the data would have cost more money, opposition politicians say

HM Revenue and Customs failed to "desensitise" the data on 25 million people that it lost in transit to the National Audit Office because removing bank details and other sensitive information would have required an extra payment to data management contractor EDS, the Conservative Party has claimed.

Prime minister Gordon Brown and his chancellor, Alistair Darling, have been under fire over the scale of HMRC's data loss. Records of 25 million child benefit claimants and their children -- including bank details and other confidential information -- were on two computer disks lost in transit to the National Audit Office, the government's financial watchdog.

The government has blamed an unnamed junior official for sending the data out insecurely, in breach of HMRC's procedures.

But the Conservatives claim a briefing paper by Sir John Bourn, the head of the NAO, says senior HMRC officials allowed sensitive data to be given to the NAO. The briefing document was sent to the chancellor and also provided to Edward Leigh, the Conservative MP who chairs the Commons Public Accounts Committee.

In the Commons yesterday, Leigh told MPs that Sir John Bourn, the NAO's comptroller and auditor general, had requested only National Insurance numbers relating to child benefit claims. "It is clear that the [auditor general] specifically asked that all personal details, bank account details and all that sort of information should be removed before this was sent. That is the most important thing," he said.

The Conservatives claim the briefing document confirms that a senior business manager at HMRC emailed the audit body in March to say the data would not be stripped down before being dispatched to the NAO.

Sir John Bourn's briefing adds that the reason given in the email -- which was copied to an HMRC official at assistant director level - was that desensitising the data would require an extra payment to EDS as it fell outside the scope of EDS's data management contract.

Shadow chancellor George Osborne said: "These startling revelations from the NAO call into question the entire defence mounted by the prime minister of this catastrophic failure in his government. This was systemic failure not individual error by a junior official."

He added "Gordon Brown needs to tell us the whole truth of why the security of all families in the country has been put at risk."

An NAO spokesperson confirmed that the audit body only requested NI numbers, child benefit numbers and children's names in order to select a risk-based sample of cases to audit as part of anti-fraud work.

"We did not want bank account details, parents' details or addresses," he said.

The spokesperson would not confirm the contents of the briefing.

More about EDS AustraliaHISNational Audit OfficeOffice of the Auditor GeneralSIR

Comments

Comments are now closed

Queensland Police arrest man for allegedly hacking US gaming developer site

READ THIS ARTICLE
DO NOT SHOW THIS BOX AGAIN [ x ]