To ask the Chancellor of the Exchequer how many breaches of data protection security there were in (a) his Department and (b) his Department's agencies in each of the last five years; and if he will provide details of each breach.
To ask the Chancellor of the Exchequer how many security breaches relating to access to personal data occurred within his Department in each year since 1997.
HMRC records security incidents and does not record information in the form requested.
Since April 2005, HMRC has discussed 11 data security incidents involving customer information with the Information Commissioner's Office as a matter of good practice and to ensure appropriate lessons are learned from such incidents.
HMRC has introduced more stringent controls which require that transfers of bulk data on removable media only take place where there is adequate security protection. The transfer of personal data only takes place when it is essential to do so due to a business critical need or in order to meet the HMRC's legal obligations.
No such security incidents have been recorded by the Treasury, the Office of Government Commerce or the Debt Management Office.