ICO Criticises Home Office For Mishandling Prisoners' Data

The Information Commissioner's Office has severely criticised the Home Office and one of its contractor, PA consulting, for losing an unencrypted memory stick which contained the personal details of tens of thousands of prisoners.

Under the Data Protection Act, the Home Office is ultimately accountable for the grave data mishandling as mentioned by the Assistant Information Commissioner, Mick Gorrill.

He added that "This case was serious because it involved thousands of individual records, which contained sensitive information on people serving custodial sentences and others previously convicted of criminal offences."

The USB flash drive was left in an unlocked drawer at PA Consulting's Offices in Central London back in August 2008 and contained the names, addresses and expected release dates of 84,000 prisoners in England and Wales.

The Home Office was under the duty to sign a document which stipulates that it will formally take steps to improve its data protection procedures. This document was signed by Sir David Normington.

Following the data loss, the Home Office ended the £1.5 million contract of PA Consulting although the firm is still involved in the controversial ID Card project (ed: if they managed to lose a USB key, guess what might happen with the ID card project).

The ICO has also reprimanded the Abertawe Bro Morgannwg University NHS Trust and Tees, Esk and Wear Valleys NHS Foundation Trust following the loss of a laptop and a USB drive respectively, both containing unencrypted data.

Go To Page 2 for our comments and more related links