Over at the Yorkshire Post, Jack Blanchard brings news of the "dozens of police officers, nurses, social workers, council staff and other public servants caught snooping in the private files of people living in Yorkshire".
Among the examples offered in his article "include numerous police officers caught running criminal record checks against ex-partners and family members, a council finance officer in Rotherham found looking up the private details of 72 friends and neighbours, and a doctor in Doncaster caught looking at a colleague's medical records".
It is scandalous to think that people in positions of trust have abused their access to sensitive personal information in this way.
It should not have been possible for this gross invasion of privacy to take place., yet is perhaps unsurprising given the sheer number of (often-unvetted) individuals who have access to our sensitive personal information.
It is clear that an urgent public sector review is needed in order to ensure that access to private data is restricted to only a small number of trusted staff, rather than applying the 'scatter-gun' approach to database access that many bodies currently employ.
Let's be clear here: access to information such as one's medical records, criminal record status or financial records is common theft. Any staff member working for a public or private sector organisation who is found guilty of misusing private records must face immediate dismissal. No excuses.
This access to personal data is appalling. Aren't the authorities telling us all the time how safe their 'storage' is? It appears it is nigh on impossible to remove data put on public data systems now.
Posted by: tolpuddlemartyr | 04/01/2011 at 05:26 PM
Unless abuse of access is criminalised, it will only increase.
Sacking is not a sufficient deterrent.
Posted by: Martin Keegan | 04/01/2011 at 06:16 PM
These cases are of course just the tip of the iceberg, as they represent only those where the management of the organisations took formal disciplinary action. They do not include the undiscovered cases, or those covered up because they are far too embarrassing.
I know from personal experience that junior technicians in government organisations and external contractors often have untrammelled access to very sensitive information about individuals on government databases.
Posted by: David C | 04/01/2011 at 06:46 PM
The question is how would anyone know or find out if their information was being accessed.
Suppose someone takes battle to their local council is there a temptation to 'dig the dirt' to use as leverage?
Posted by: Tinks | 04/01/2011 at 11:54 PM
This should be a criminal offence and once it is then it should be rigorously policed - oh how silly of me - it is happening in the police as well as everywhere else.
This is not acceptable and there should be a tracking system for every single access that is made or attempted. This information should be sent regularly to every individual so that they are fully aware what is going on - it just does not make sense that as individuals we are the least likely to know what data is held and how it is being processed. I have spent well over a year trying to find out where certain data is held concerning me so that I can made a data subject access but I am still trying to find out and those processing the data are clueless as to who is responsible for it - not good, not good.
Posted by: ohno | 05/01/2011 at 08:18 AM
apologies my post above should read 'data subject access request'
Posted by: ohno | 05/01/2011 at 08:20 AM
It's interesting to note that in Bellarus (or it could be one of the other countries around that area) that they have a national identity style/medical record database but what they do is send individuals regular updates of how their their record has been accessed so they can check that it has been done properly and with their authorisation. Still not perfect but way better than the UK system.
Posted by: SadButMadLad | 05/01/2011 at 09:11 PM
Good article. The state really needs to wean itself off its addiction to surveillance and databases.
Posted by: Richard Craven | 09/01/2011 at 05:52 PM