Original URL: http://www.theregister.co.uk/2010/08/13/dwp_database_breaches/

Council staff breach DWP database

26 employees dismissed

By Kable

Posted in Government, 13th August 2010 13:34 GMT

The Department for Work and Pensions has disclosed that 124 council employees illicitly viewed personal data on its Customer Information System last year.

A Freedom of Information request by GC News revealed that local authorities dismissed 26 employees during 2009-10 for breaching data security.

The department's response showed that 99 of the breaches occurred when council staff accessed their own account or that of family, friends and neighbours. Other reasons for breaches included incorrect access to the Customer Information System (CIS) and staff accessing sensitive or celebrity accounts.

According to the DWP, in 43 of the 124 breaches reported during 2009-10, no action was taken. But it said that 33 council staff had received either a final written or verbal warning, eight resigned during the disciplinary notice, while two were banned from using the CIS.

Councils are the second largest user of the DWP's CIS after the department itself, with more than 200,000 local authority employees routinely accessing the system. In 2005 the department opened access to the CIS, which contains millions of personal records, to other government agencies.

It also disclosed that no private companies, other than its own IT service providers and those contracted by councils to deliver services, such as BT, are able to access the CIS. It stressed that private sector companies are only able to do so on a restricted basis.

This article was originally published at Kable.

Kable's GC weekly is a free email newsletter covering the latest news and analysis of public sector technology. To register click here.