Comments on: John Redwood Speaks in Opposition Day Debate on HMRC http://www.johnredwoodsdiary.com/2007/11/29/john-redwood-speaks-in-opposition-day-debate-on-hmrc/ Conservative Party Member of Parliament for Wokingham Mon, 13 Oct 2008 18:05:44 +0000 http://wordpress.org/?v=2.6.2 By: Simon_C http://www.johnredwoodsdiary.com/2007/11/29/john-redwood-speaks-in-opposition-day-debate-on-hmrc/#comment-13672 Simon_C Fri, 30 Nov 2007 09:12:10 +0000 http://www.johnredwoodsdiary.com/2007/11/29/john-redwood-speaks-in-opposition-day-debate-on-hmrc/#comment-13672 <i>The most important error to have occurred has not received enough attention. In March, a similar volume of information was sent in a similar manner. Fortunately, the discs did not go missing, but that event should have alerted the previous Chancellor of the Exchequer to the seriousness of the possible problems that such sloppy data handling could cause. </i> If I recall, these disks were sent back to HMRC once they had been used, thereby doubling the risk. And, what happens to disks that are returned in this situation ? Are they just put in the bin ? Or, are they disposed of in a confidential manner. If they are disposed correctly, then the person sending them *did* have an understanding of the confidentiality of the data, but still sent them out without using strong encryption, or even recorded delivery. The most important error to have occurred has not received enough attention. In March, a similar volume of information was sent in a similar manner. Fortunately, the discs did not go missing, but that event should have alerted the previous Chancellor of the Exchequer to the seriousness of the possible problems that such sloppy data handling could cause.

If I recall, these disks were sent back to HMRC once they had been used, thereby doubling the risk.

And, what happens to disks that are returned in this situation ? Are they just put in the bin ?
Or, are they disposed of in a confidential manner. If they are disposed correctly, then the person sending them *did* have an understanding of the confidentiality of the data, but still sent them out without using strong encryption, or even recorded delivery.

]]>