The Home Office has today terminated a £1.5m contract with PA Consulting after it lost the personal details of the entire UK prison population. In August the firm admitted to officials that it had downloaded the prisons database to an unencrypted memory stick, against the security terms of its contract to manage the JTrack …
Prepare to meet thy doom...
It was a cock-up under PA Consulting, so now the Home Office are taking it in-house.
Why am I not overwhelmed with feelings of confidence?
Prepare for the mother of all cock-ups...
Paris - very experienced if there's a cock-up in the offing...
So I take it the government will be auditing the return of all data held by PA related to this contract to ensure none of it goes straight in the bin?
The real reason PA Consulting have been fired is more to do with embarrassing dear Jacqui than actually losing the data.
The government has proven that they can't be trusted with data and now that they can't be trusted to manage anyone else looking after the data either.
It seems the "robust" terms of the contract have done nothing to prevent the data loss.
can we please...
..stop pretending like this is a new phenomenon - the data loss bandwagon is barely moving it's so full.
A search for data loss on guardian.co.uk (uk news) brings up 48 results - 1 from 99 (relating to the millennium bug), 22 from 2007 and 25 from 2008. Surely nobody can believe that there were were no data losses in 2006, 2005, 2004....1997 and back through the Tory years - they'll have just gone unreported.
I'm not saying it's right that they went unreported, but it certainly gave the Tories one less thing to be smug about (oh I forgot - they'll never make a single mistake if they are elected [the day I expatriate]).
Turn your cannon on your own Government departments, please.
Good. EDS next
would be nice. Even if unlikely.
I know the likes of the DWP have sometimes renegotiated or invoked penalties, but has EDS ever actually lost a ukgov contract due to buggering things up ?
Probably the 1st personal data loss that actually wouldn't be worth anything on the black market. Who wants to rip off a crim, who probably has nothing to rip off if they've just done time at her majesty's pleasure.
It is of course quite right to penalise a contractor for breaking the terms of their contract.
That said, when the government cocks up with our data, then they have to say "there lessons to be learned" three times in public and they award themselves pay rises all round due to their now increased experience. Nobody, of course, gets the chop.
Why wasn't PA Consulting allowed to learn its lesson? It's yet another flagrant case of one rule for business and another for the public sector.
PS I have nothing to do with PA Consulting. Just thoroughly pissed of with this corrupt, thieving and amoral government.
i despair, i really do!
PA Consulting consulting: 1 cockup & UK gov: countless...
i wonder if we can remove the gov mps from their position for losing many many items of data? can we cancel their contract yet? oh shit - if we do we just get the tory boys back in so its lose:lose :(
wonder if i'll have the balls to vote liberal this time (then cross my fingers for few years)
we now know why people become MPs (apart from magalomania). they are simply too useless to work in industry!
its like the old addage 'those who can, do. those who cant, teach. (what about adding) and those that can do fuck all, govern'
The home office is taking loads of work in house...
If you look at the adverts, you can see this.
After all, at the end of the day...
1. It's going to be the same Techies doing the work.
2. They'll be working for the Home Office directly, so they won't be told by some jumped up little Nigel in their "Management Consultancy" team, "Don't mention that this bit here isn't finished yet, because we're after more business." So they'll know much, much, much earlier on that things are wrong.
3. They won't have to pay for another company's secretaries, cleaners or shareholders.
4. They won't have the problem of their middle management's inability to cope with the sly, or indeed just FUD that precedes a consultancy's attempts to talk up the job to the point of failure, after much profit taking.
Not that I'm saying consultancies are all more bent than a particularly bent banana tree, in a hurricane, viewed with an astigmatism, through a convex mirror, because they're all as honest as day, and make their living through successful delivery of working products.
@Anonymous Coward regarding Tories
Actually, you'll probably find that the number of time the Tories lost shit loads of data was pretty low. Not because they were better and keeping track of things, it's just that removable media wasn't so cheap.
I doubt anybody was willing to lose a tape / Jazz disk etc. by sending it in the Royal Mail because they were a tad more expensive than a DVD-R.
Basically it's not Nu-Lab (and their friendly consultancies) to blame, it's the fact that media & IT equipment is so cheap
C'mon Reg readers, be fair...
If Wacky Jacqui's department hadn't of terminated the contract, us lot would have been in uproar / cursing our tits off.
I think they've done the right thing. Outsourcing is seldom useful, and when they phuck up - they should lose the contract.
Now that's out of the way, lets continue with EDS, Accenture, Cap Gemini....
On a seperate note: if anyone at HMG loses any (more) data, then the Operator and his manager(s) should all go. Same Ministry / Department twice, and the Secretary of State goes too...!
Umm - does that mean the ID Cards are canned too?
AFAIK this was the same club that was doing the ID Card scam, sorry, scheme. So, does sacking that club mean the government is seeking to find a blameless exit from that too, or is that too much to hope for?
I assume the latter, it'll just be another bottom feeder picking up this idea. After all, you *can* trust the *government* to hold your data, right?
The guy who lost the stick should be jailed. Direct, PERSONAL consequences without escape route, and ditto for government. That way you target the goons who do it, but there should also be consequences for those not building a solid data protection policy.
You see, the gov demands (rightfully) that contractors handle the data with care, and most actually do (and in that I include PA - any List X company gets an annual audit from someone who knows what to look for). But AFAIK there isn't a desktop crypto like in the US inside UK government, thus no procedures to follow for encryption, thus nobody to jail/sack/whip/ream when it goes wrong. As a matter of fact, the only option is to PROMOTE them out of the way (and call it a demotion), of course) - I recall a new Cabinet Office joiner a while back with such a history.
The entertaining question is WHY that doesn't exist. I don't know, but if I were to take a stab at the reason I would say there is a fear they'd have another spy and they can't detect it. You see, there is a department that would really like to continue snooping on all the others and they're probably the ones in the way.
So expect a lot more. A lot.
Oh, and a "consultancy delivering a successful product"? Excuse me, and miss the opportunity to sell upgrades and maintenance and fixes?
You haven't been around much, have you?
Is "screwed" really the right term?
It was breach of contract, after all.
I realize that it is a major case of the pot and the kettle, but I'm guessing "careless data handling" is a "you are gone" condition of the contract.
it is a start, I suppose
glass half-empty or half-full?
Full to overflowing with breaches both direct (civil SERVANTS) and indirect, but you can only really get accountability from STAFF, not from contracted-out services
A cautious welcome to this start of what may become a wind-change in HM Gumment practice
We can disband the British Army
Britain is protected by robust terms already after all.
So that's where they lost them.
They were dropped in the showers.
What will happen when HMG runs out of consultancies?
Fine, PA have blotted their copybook. So have EDS. And Fujitsu-ICL.
So when all your bidders have previously screwed up, to whom do you turn?
H M Customs & Revenue next for the chop?
Didn't H M C & R lose a little data recently?
@AC - Is "screwed" really the right term?
I think the phrase 'screwed' is a play on words, as the term 'screw' is a colloquial term for a prison officer.
See what they did there?
other contract worth blah blah blah
So, they've lost a bit of data and "PA Consulting" will be stripped of other work totaling X million pounds.
10-1 they hand the work to another external team, "PA-2-1 media Consulting" for example
Let's face it, most of these consulting companies could easily tweak their name and everyone wins. UKGov looks like it cares, the company carries on and everyone's unware of what's actually happened.
Besides, 8 million for government work sounds like very small projects...
Oy Mate ! Giz a job
I could do that.
If there is a future ! Some folks will be pissing their sides while wondering how we ever survived as a species when they look back on this period of His Story. They will see, hopefully, that some folks can't pay their fuel bills while science is playing hide and seek with Higgs Bosuns, IT wizards are professing that they can systemise the whole of life and the politicians believe the wizards can actually do it. The politicians spend months in a big house argueing over how they can fit it all in one bag and who's it is. They then incant spells to protect us, with mumbo f***ing jumbo, scribed onto tiny slices of tree via the majik lantern thingy, so that later these sacred offerings can be strewn to the gods or dumped in holes called "landfill". Or left on trains if burned to CD.
Such a simple folk.
Lets note our progress from the Neaderthals,
Neolithic Age, Bronze Age, Iron Age, Industrial Age, Information Age, Waste Age.
I don't get it.
IT techie puts data on an unencrypted stick, on the premises.
Then loses it.
How likely does that read to you?
Finding the lost data
I'm not sure PA Consulting have actually looked hard enough for the data - maybe they should calm down a little, reflect, and consider what my mother always says "well where did you last have it?". I'd start by looking under the bed........
On the rain-slick precipice of darkness
This is why you don't consult a web comic company on IT.
that this should be the data loss that gets punished - since justice is supposed to be seen to be done this data should be in the public domain anyway!
p.s. I bet this is the last time any external consultants ever admit to a data loss
I'm lead to believe that PA have several contracts with the government.
I suspect the loss of one will be nothing more than a blip on the balance sheet and an exercise in appearing to be taking charge of the matter on the part of the govt rather than a real attempt to rationalize IT policy.
Spineless Govt in double standards shock firing.....
Setting aside my laughing Gene for a minute.....I'm hugely impressed that the first "casualty" in the governments war on piss-poor-lax-public-sector-data-mismanagement was to wade into the giant of public sector BPO, PA Consulting.
Jacqui nailed PA for a few simple reasons. 1st, they are a small UK company, with a good reputation (well, for the last 60 years anyway) and little or no influence in the lobby (aka no large donations to a certain politcal party). 2nd. They can't afford to lawyer up like EDS, Accenture or Siemens. 3rd They are fairly ethical, so they won't do Jacqui's dirty laundry in the public press by way of revenge.
She knows this. It's sickening - like picking a fight with the smallest kid because you know you can thrash him with no comeback.
So, When's EDS, siemens and the others gonna lose their shirt for the stuff they lost? Or, like all politicians, is she only gonna pick a fight she can win?