yet another blog

And some more (re last post)…

Investors details stay in the post - Yahoo News UK
Confidential information on millions of investors is regularly being sent through the post to HM Revenue and Customs without proper security.
publicitéInvestment managers in the City are required to mail personal data on their clients to HMRC on unencrypted computer disks in spite of the recent outcry over the disappearance of two disks containing information on 25 million child benefit claimants.

HMRC said encrypting the data would be a “recipe for chaos”, as it would not be practical to decrypt information from thousands of different financial institutions using different coding programs.

But the body representing individual savings account ISA and personal equity plan PEP managers said the current situation was putting savers at risk of identity fraud.

Richard Saunders, the chief executive of the Investment Management Association IMA has written to HMRC, saying in the light of the child benefit data scandal, the sending of unsecured data could not be allowed to continue.

“We wrote to David Hartnett, the acting head of HMRC, to bring to his attention that our members were sending data in a form that we thought raised concerns about security,” IMA spokeswoman Mona Patel said.

“If they are not very careful with how they handle that data, investors are at risk of identity theft. Were asking HMRC to come up with new ways of sending the data so the individuals details are not compromised. There must be ways of doing this that are not onerous on the Revenue.”

Fund managers, who handle over 8 million accounts with a total value of billions of pounds, are required to send the HMRC the name, address, date of birth and National Insurance number of every one of their investors, along with how much each individual has saved in PEPs and ISAs.

The intention is to stop people exceeding tax allowances on their investment accounts.

A spokeswoman for HMRC said it would be impractical to ask investment managers to encrypt the data before they sent it. “Its not a question of cost, but practicality. You cant have one side having one encoding system and one having another - its a recipe for chaos.”

And we really want to trust the Government to safely and securely implement/maintain a National ID Card scheme?…

Benefit data discs held for year - Yahoo News UK
The Conservatives have branded a report that an ex-contractor at the DWP had two discs with thousands of benefit claimants details for more than a year “disturbing”.
publicitéThe News of the World reports that two discs were found at the home of a former contractor to the Department for Work and Pensions.

The worker discovered that she had inadvertently forgotten to return the discs when her work with the DWP finished - and expressed her surprise that no one had checked that she had done so.

The two new missing discs reveal what kind of benefits the people receive. The data on the discs can be accessed by any standard computer and is not encrypted or protected by a password.

The blunder comes days after the Government was forced to admit it had lost the personal details of more than 25 million people in the post.

That crisis was sparked when a junior official at HM Revenue & Customs official in Tyne and Wear sent two unencrypted CDs containing details of child benefit claimants by courier to the National Audit office in London. The discs were not recorded or registered.

Shadow work and pensions secretary Chris Grayling said of the latest blunder: “This is an exceptionally disturbing new development involving highly sensitive personal information.

“The fact that it hasnt been copy protected is further evidence of a cavalier attitude towards data protection in Government departments. Ministers need to explain urgently how they are going to put things right.”

On Saturday it emerged confidential information on millions of investors is regularly being sent through the post to HM Revenue and Customs without proper security.

Investment managers in the City are required to mail personal data on their clients to HMRC on unencrypted computer discs despite the recent outcry.