Data losses breaching the Data Protection Act

Frank made this Freedom of Information request to HM Revenue and Customs

The request was refused by HM Revenue and Customs.

From: Frank

20 October 2009

Dear Sir or Madam,

FOI Request

I have been aware of serious breaches of the Data Protection Act by
the HMRC and other government bodies within the last 5 years.
Please could you tell me how many breaches of the Data Protection
Act have happened and been logged within the last 5 years?
What was the data that was subject to the breaches ( brief
description will suffice as I realise you may not be able to go
into detail )?
Have there been an investigations by the Information Commissioner's
Office in relation to the breaches of the Data Protection Act and
what were the findings of the investigations?
Have there been any fines or penalties imposed on the HMRC in
relation to these breaches?
Has the HMRC signed any type of formal undertaking to guarantee
compliance with the Data Protection Act?
Has there been any reviews of the inadequate risk assessment and
security procedures that were in place at the time of these
breaches?
Has there been any reviews on due diligence procedures in relation
to data management and protection?
Has there been any reviews of data protection policy and have any
new systems of administration and monitoring been established to
combat breaches in the Data Protection Act?

Yours faithfully,

Frank Mustill

Link to this

From: Request, FOI (Security Cen Pol FOI )
HM Revenue and Customs

21 October 2009

Attachment image001.png
2K Download

Attachment image002.jpg
2K Download

Attachment image003.gif
0K Download

Attachment image004.gif
0K Download

Attachment oledata.mso
4K Download

+------------------------------------------------------------------------+
| | |
| | |
| | |
| | |
| | |
| |-------------------------|
| |Freedom of Information & |
| | |
| |Data Protection Act Team |
| | |
| |Room 1C/25 |
| | |
| |100 Parliament Street |
| | |
| |London |
| | |
| |SW1A 2BQ |
|----------------------------------------------+-------------------------|
| | | |
| | |-------------------------|
| |Mr F Mustill |Tel 020 7147 0406 |
| | | |
| |By E-mail |Fax 020 7147 0666 |
| | | |
| |[FOI #21466 email] | |
| | | |
| | | |
| | |-------------------------|
| | | |
| | | |
| | |www.hmrc.gov.uk |
|---+------------------------------------------+-------------------------|
| | | |
|---+------------------------------------------+-------------------------|
| | Date |21 October 2009 | |
|---+-----------------+------------------------+-------------------------|
| |Our Ref |FOI 2316 /09 | |
|---+-----------------+------------------------+-------------------------|
| |Your Ref | | |
|----------------------------------------------+-------------------------|
| | |
+------------------------------------------------------------------------+

Dear Mr Mustill

Freedom of Information Act 2000

Thank you for your letter of 21 October 2009 regarding HMRC data
security. Your request was received at HMRC on 21 October 2009 and I am
dealing with it under the terms of the Freedom of Information Act 2000.

HMRC will provide information in response to a request free of
charge. However, HMRC may ask you to pay our costs where there is lot of
information involved, for example replies in excess of 250 sheets of
photocopying. Whenever we contemplate charging we will provide full
details of the charges and payment will be required before we send the
response.

If you have any queries about this letter, please contact me. Please
remember to quote the reference number above in any future communications.

Yours sincerely

Tony High

Freedom of Information Act Team

The information in this e-mail and any attachments is confidential and may
be subject to legal professional privilege. Unless you are the intended
recipient or his/her representative you are not authorised to, and must
not, read, copy, distribute, use or retain this message or any part of it.
If you are not the intended recipient, please notify the sender
immediately.

HM Revenue & Customs computer systems will be monitored and communications
carried on them recorded, to secure the effective operation of the system
and for lawful purposes.

The Commissioners for HM Revenue and Customs are not liable for any
personal views of the sender.

This e-mail may have been intercepted and its information altered.

show quoted sections

Communications via the GSi may be automatically logged, monitored and/or
recorded for legal purposes.

Link to this

From: Sharpe, John (CenPOL)
HM Revenue and Customs

18 November 2009

Attachment 2316 09 mustill.pdf
48K Download View as HTML

Dear Mr Mustill,

I attach HMRC's reply to your recent request for information.

<<2316 09 mustill.pdf>>

Yours sincerely

John Sharpe

Central Policy

Freedom of Information Team

HM Revenue & Customs

Room 4/52

100 Parliament Street

London

SW1A 2BG

Tel 020 7147 2412

Fax 020 7147 0666

[1][email address]

The information in this e-mail and any attachments is confidential and may
be subject to legal professional privilege. Unless you are the intended
recipient or his/her representative you are not authorised to, and must
not, read, copy, distribute, use or retain this message or any part of it.
If you are not the intended recipient, please notify the sender
immediately.

HM Revenue & Customs computer systems will be monitored and communications
carried on them recorded, to secure the effective operation of the system
and for lawful purposes.

The Commissioners for HM Revenue and Customs are not liable for any
personal views of the sender.

This e-mail may have been intercepted and its information altered.

show quoted sections

Communications via the GSi may be automatically logged, monitored and/or
recorded for legal purposes.

References

Visible links
1. mailto:[email address]

Link to this

Things to do with this request

Anyone:
HM Revenue and Customs only: