I said I would blog about my own progress in obtaining answers and info on the improvements with the initial incident with HMRC when they lost the Standard Life CD with my data on it on 8th November, two weeks prior to the 25 Million record breach. I wrote several letters at that time to the powers that be and I have received several replies so far.
I had a reply from my local Member of Parliament, David Borrow, who said "I am looking into the points you have raised and I will contact you again as soon as I have more information.
I had a letter receipt acknowledgement from Michael Wills MP, the government minister for Data Protection.
I've also had an interesting response from The Information Commissioner’s Office (ICO)...
"Thank you for your correspondence dated 8th November 2007 regarding the security breach by HM Revenue and Customs which involved the loss of a computer disc containing Standard Life customer details.
The Information Commissioner’s Office (ICO) is responsible for administering the Data Protection Act 1998 (the Act), which is concerned with the processing of personal data. The Act requires, amongst other things, that organisations which process personal data employ appropriate safeguards in order to ensure the security of that data. If an organisation fails to take appropriate steps to ensure the security of the data they hold then it is likely that that organisation will have breached the requirements of the Act.
HM Revenue and Customs has reported this serious breach to the ICO, and as you may be aware, as a result of a further security breach the Chancellor has announced an independent review of HM Revenue and Customs. The Chancellor has agreed that the full report will be made available to the ICO and we will then decide what further action is appropriate. The ICO will release a statement as soon as he has considered the findings of the independent review.
As we have already been made aware of the breach, and as we will be provided with the full report following the independent review of HM Revenue and Customs, we do not require details of individual complaints. However we will keep a copy of the information you have provided on file as evidence should it be required in the future.
The Information Commissioner's Office is aware that you may have concerns about the security of the lost data; If you would like some practical guidance about avoiding identity theft you may wish to view pages 30 - 33 of our Personal information toolkit.
I hope this information is useful. If we can be of any further assistance please contact our Helpline on 08456 30 60 60, or 01625 545745 if you would prefer to call a national rate number, quoting your case reference number. You may also find some useful information on our website at www.ico.gov.uk
Yours sincerely
Sharon Boot
Senior Customer Service Officer"
No comments:
Post a Comment