Children’s database delayed to review security
- 28 November 2007
The government has announced that the £224m children’s database, ContactPoint, will be delayed for five months, so that a full security review can take place, following last week’s HM Revenue and Customs child benefit data loss scandal.
The new system, originally due to go live in spring 2008, has been postponed and is now due to begin operation by no earlier than September 2008.
In a statement to MPs in the Commons yesterday, children’s minister, Kevin Brennan announced: “Delaying the implementation of ContactPoint will enable the independent assessment of security procedures to take place, as well as address the changes to ContactPoint that potential system users have told us they need.”
ContactPoint, conceived after the Victoria Climbie enquiry, is intended to hold records of all children in England from birth until 18 and will extract data from national and local sources – including NHS Connecting for Health.
Information about every child’s name, address, their parents or guardians as well as contact details for each government service they use, including which GP they go to, will be held on the system. This has raised concerns about the extent of access to such sensitive information about individual children.
ContactPoint will not, however, hold assessment or case information, or subjective observations about a child or their parents, or any other detailed personal information about a child or their family.
The eight month delay means that the database, being built by Capgemini for the Department for Children, Schools and Families (DCSF) will now not go-live until next September at the earliest.
The security review follows the news last week of a security failure by HM Revenue and Customs (HRMC) on child benefit data, resulting in the loss of two discs containing the personal details of 25m UK citizens, including bank details and addresses.
A DCSF spokesperson told E-Health Insider: “Security is of paramount importance in the development of ContactPoint, and will be reflected in the statutory guidance and staff training that will govern the operation of ContactPoint. A number of stringent measures will be in place to ensure security.
“Access will be restricted to authorised users who need it as part of their work. Users will be trained in the safe and secure use of ContactPoint, information sharing practice and the importance of compliance with the Data Protection Act and Human Rights Act. Robust procedures and mechanisms will be in place to guard against access by unauthorised users, and the inappropriate use of ContactPoint by authorised users.”
No assurances were made that the data would be completely encrypted, although Ed Balls, the minister responsible for children, is reported to be under pressure to make this change.
The database will be available to almost 330,000 vetted users, and is designed to be the quickest way for a practitioner to find out who else is working with the same child or young person, making it easier to deliver coordinated support.
ContactPoint was devised in response to a recommendation from the inquiry into the death of Victoria Climbie, in order to make it easier to co-ordinate the efforts of different agencies involved in child protection.
However, parents’ groups have protested against putting their children on the database, fearing it could be dangerous.
Mary MacLeod, chief executive of the National Family and Parenting Institute said: “Parents and their children are already worried about how secure ContactPoint will be, especially because of the number of people who will have access to details about their children. In the light of recent events the Government should reconsider whether a database with all the children’s names in the country is the best way to ensure that information about children at risk is properly shared, so they can be protected.”
The news comes as it was revealed last night that apology letters being sent in the name of Dave Hartnett, acting chairman of HMRC, contained personal data relating to strangers, including each claimants’ name, address, national insurance and child benefit numbers.
Liberal Democrat children’s spokesperson, Annette Brooke said: “There could be more than financial costs if the addresses of vulnerable children from a family separated because of domestic violence, for example, are not kept secure.
"The government has proven itself not be trusted with large databases containing personal details. The failure of security procedures by HMRC has left millions of parents extremely worried and raises questions about the safety of other records stored by the government.”
According to the Press Association, the children’s rights director for England, Roger Morgan, warned that youngsters had serious concerns about the safety of the database. He said children “thought that paedophiles would spend a lot of time and effort trying to break into ContactPoint.”
Links
Joe Fernandez