Data Protection

Treasury written question – answered on 30th April 2008.

Alert me about debates like this

Photo of Philip Hammond Philip Hammond Shadow Chief Secretary to the Treasury

To ask the Chancellor of the Exchequer how many employees of each grade in his Department (a) have access to confidential or sensitive data and (b) are authorised to download such data to disc; how many of his Department's employees have undergone data protection training in the last 12 months; what the average length of time is that each employee of (i) his Department and (ii) his Department's agencies has spent on data protection training; how many investigations of employees of his Department for improperly accessing confidential information have taken place in the last 12 months; how many such investigations resulted in cases of disciplinary action; and what the circumstances of each of those cases were.

Photo of Jane Kennedy Jane Kennedy Financial Secretary, HM Treasury

HMRC provides its staff with controlled access to customer information to facilitate the delivery and maintenance of service to customers.

Access to HMRC systems is assigned according to user-roles within the organisation, and not grade. Information on users according to grade is not available and could be collated only at a disproportionate cost.

HMRC and its agency the Valuation Office Agency have in place a range of measures and procedures in relation to training and guidance on data protection and data security and transfer. Information on number of staff who have undergone training, the length of time spent by each and the cost of training is not available and could be collated only at a disproportionate cost.

HMRC has a strict policy forbidding staff to access customer records, unless they have a legitimate business need. Breaches of this policy are taken seriously and any breach will result in the commencement of disciplinary proceedings. Each case is treated on its merits but in many cases, the disciplinary penalty for breach is dismissal.

During the year ended 31 December 2007, 192 HMRC staff—from a headcount of just over 90,000—were disciplined or dismissed for inappropriate access to personal or sensitive data, reflecting the strength of HMRC's internal disciplinary procedure. However, this represents less than 1 per cent. of total staff for each of the three years in question.

No other information is available on the breakdowns requested in this question.

Does this answer the above question?

Yes0 people think so

No2 people think not

Would you like to ask a question like this yourself? Use our Freedom of Information site.