The government has lost the personal information of up to four million citizens in one year alone.
The astonishing figures, calculated by the BBC, added up as Whitehall departments slowly released their annual reports for the year to April.
And the trend has not stopped - in the latest revelation, HM Revenue & Customs, which infamously lost the details of 25 million child benefits claimants last November on two unencrypted discs, experienced 1,993 data breaches between 1 October last year and 24 June.
Treasury minister Jane Kennedy told MPs the newly-announced HMRC breaches did not necessarily result in data losses, adding that they reflect "potential weaknesses reported by staff and not actual thefts or losses”, and indicate that staff are more aware of security and reporting more incidents. HMRC said it takes data loss and security breaches “very seriously” and thoroughly investigates any breach.
Earlier this week, the Ministry of Justice admitted it had lost 45,000 people’s details throughout the year, on laptops, external security devices and paper, and that 30,000 of them had not been notified. The MoJ said it had a “dedicated information assurance programme” in place to improve data security.
As the government spends £12.7 billion putting NHS patient health records onto a central computer, there have been a string of data losses from NHS hospitals. In June, two NHS trusts lost unencrypted laptops containing 31,000 patient records. In May, 38,000 patient records on tape were lost after being posted by the Isle of Wight Primary Care Trust.
Information Commissioner Richard Thomas recently served enforcement notices on HMRC and the MoD for their data losses, insisting they report regularly on their data handling. He also said he “welcomed” the Home Affairs Committee’s report that urged the government to stop creating large databases on citizens without first proving they are necessary.
The Liberal Democrats have called for 'data guardians' to be appointed to monitor the government's handling of information. The data protection minister, currently Michael Wills, should also have a stronger influence in central government, they said.
They attacked the “depressing climate of disrespect for the security of our personal information”, advocating doubling the Information Commissioner's budget and implementing stronger legislation around data protection.