Umm - does that mean the ID Cards are canned too?
AFAIK this was the same club that was doing the ID Card scam, sorry, scheme. So, does sacking that club mean the government is seeking to find a blameless exit from that too, or is that too much to hope for?
I assume the latter, it'll just be another bottom feeder picking up this idea. After all, you *can* trust the *government* to hold your data, right?
The guy who lost the stick should be jailed. Direct, PERSONAL consequences without escape route, and ditto for government. That way you target the goons who do it, but there should also be consequences for those not building a solid data protection policy.
You see, the gov demands (rightfully) that contractors handle the data with care, and most actually do (and in that I include PA - any List X company gets an annual audit from someone who knows what to look for). But AFAIK there isn't a desktop crypto like in the US inside UK government, thus no procedures to follow for encryption, thus nobody to jail/sack/whip/ream when it goes wrong. As a matter of fact, the only option is to PROMOTE them out of the way (and call it a demotion), of course) - I recall a new Cabinet Office joiner a while back with such a history.
The entertaining question is WHY that doesn't exist. I don't know, but if I were to take a stab at the reason I would say there is a fear they'd have another spy and they can't detect it. You see, there is a department that would really like to continue snooping on all the others and they're probably the ones in the way.
So expect a lot more. A lot.
Oh, and a "consultancy delivering a successful product"? Excuse me, and miss the opportunity to sell upgrades and maintenance and fixes?
You haven't been around much, have you?