Disaster recovery Toolkit

Story: Darling blames officials for data loss

Posted by: James B (Wednesday 21 November 2007, 11:25 AM)

Shocking inadequacy of system protocol...

The fact that there were no controls on access and duplication rights to this information was already startling - if the NAO had a requirement for provision of this information by the HMRC there should have been a channel and procedure in place for assessing how this need should be met. I am astounded that there is no evidence of any of the lauded 'joined up government' systems working in this instance. Even the concept that access should be provided via 2 x CDs is extraordinary. I am no tech-expert, but surely the HMRC should have been able to provide strictly controlled, direct access to the relevant databases rather than even considering copying of the files. With appropriate access priviliges and user rights the HMRC could provide a secure link and would be able to identify what information had been accessed and by whom.

Although I agree about not blaming junior officials - the fact that this individual tried sending the CDs on 3 occasions is both negligent and incompetent at an personal level - it then appears that he did not tell anyone for 3 weeks..... shameful.

Would this information management be better handled by the private sector?

View complete profile

Send private message

View all posts