A year-long investigation into private detectives by Channel 4′s Dispatches programme has led to some startling revelations about the practices of civil servants entrusted with our personal data.
The aim of the investigation was to look into accusations that PIs sell access to private information such as health, benefit and criminal records, as well as mobile phone bills and bank accounts. In the programme it was also revealed that almost 1,000 staff from the Department of Work and Pensions (DWP) had been disciplined in a 10-month period for inappropriately or unlawfully accessing social security records.
The figures, released under the Freedom of Information laws, also showed that between April 2010 and March 2011 a total of 513 employees were disciplined for “unauthorised disclosure of official, sensitive, private and/or personal information … to anyone” from supposedly private and secure databases. The DWP database can be accessed by as many as 200,000 different people and holds the records of 98 million people.
If all other data offences – such as breaching the Data Protection Act or inappropriate browsing of personal records of people claiming benefits – are taken into account, almost 1,200 civil servants were reprimanded over the same period (Apr ’10 – Mar ’11). Across all departments there were 992 people who faced disciplining between April 2011 and January 2012, which equates to almost 5 individuals per working day.
So what can you do to make sure the government keep your data secure? Well, unfortunately not a lot. However, campaign groups are on the case, with a spokesman for the Equality and Human Rights Commission saying: “We want to work with the government to make personal information better protected by the law.”
A representative for the DWP said that there would be no hesitation in reprimanding staff if any of them had accessed data through inappropriate methods and that they are working hard to improve staff awareness of data protection. The Department of Health also said that ”the NHS takes protecting individual privacy extremely seriously and if any member of staff is discovered intentionally breaching this, they will be subject to appropriate disciplinary action.”