You looking at my tax data?

It seems that some local authority employees have been using the Department for Work and Pensions’ Customer Information System to carry out their own private research. Not that it appears to be a big deal – the following security notice is tucked away in a regular DWP bulletin:

Security notice – CIS access to HMRC and DWP data

LAs access customer information through DWP’s CIS. From July 2008 this has included access to Her Majesty’s Revenue and Customs’ (HMRC) tax credit data. Desktop access to CIS has helped to significantly improve service delivery to customers. However, DWP and HMRC customer information is shared with LAs on the understanding that only authorised access is permitted.

DWP’s Local Authority Support Team (LAST) carries out checks on a sample of system-generated Test Checks, which LAs have conducted. In addition, DWP and HMRC interrogate CIS to carry out independent data matches and checks of accesses made by both LA and DWP staff.

These checks are carried out to provide assurance to DWP and HMRC that accesses to CIS are appropriate and that information obtained is used correctly.

Regrettably checks have identified some LA staff are committing serious security breaches.

To be absolutely clear, and by way of reminder to all LA users accessing CIS, users should not

• access their own records or the records of friends, relatives, partners, or acquaintances
• make enquiries on behalf of colleagues in respect of their friends, relatives, partners, or acquaintances
• share their system, Government Gateway or other identity password with their colleagues
• access CIS for any unauthorised purpose

Not very reassuring at all, is it?

Advertisements

2 Responses to You looking at my tax data?

  1. Pete Darby says:

    So the solution is to… ask people not to be bad?

    How come that’s okay for about half a million people accessing highly confidential information, but unacceptable for a much smaller number of home educators?

  2. […] ARCHrights spotted this item on a recent Department for Work and Pensions bulletin: Regrettably checks have identified some LA staff are committing serious security breaches. […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: