UK People Search Blog


Investigation Blogs:
September 2008

Valid XHTML 1.0!

Home » Archives » September 2008 » UK Private Investigator Blog - "Justice data missing"

[Previous entry: "UK Private Investigator Blog - "Madeline P.I. Search costs £500K""] [Next entry: "UK Private Investigator Blog - "Forensic computing""]

09/07/2008: "UK Private Investigator Blog - "Justice data missing""


The ministry of justice has lost the data of thousands of itís staff members. It was posted from the justice office at Mitcheldean, Gloucestershire during July 2007 for testing at a data centre in Washington, Tyne and Wear. It was then moved to an EDS facility in Telford, Shropshire, where in July 2008 an employee went to use the data and found it to be missing.

The missing disc contained the names, DOBs, national insurance numbers and employee codes of 5,000 staff members. The government were quick to point out that the disc is not thought to be in ďthe wrong handsĒ. Obviously, this statement suggests the disc wasnít thought to be removed from the data centre itís just missing somewhere inside the facility.

The Justice secretary Jack Straw has ordered an enquiry into the data loss. A spokesperson from the Ministry of Justice said: "We believe nearly all of this data related to financial information - for example, invoices from Prison Service suppliers. However, we believe there is also a limited amount of personal information on around 5,000 NOMS employees including their names, dates of birth, National Insurance numbers and employee numbers."

Personal data losses are becoming more common as the availability of our personal data increases, and the devices storing them become smaller. In recent months the government has owned up to several missing data files, for which I think they should be commended. I doubt commercial businesses are as forthcoming and Iíd bet the personal data loss in the commercial sector is higher than in the government sector.

Half the problem is that the persons holding and using the data arenít properly trained in the laws and procedures governing their usage. A 2-hour course in data protection and management is not sufficient and constant refresher courses should be available in my opinion to all staff members in all sectors.