Featured Research

from universities, journals, and other organizations

How Safe Are Your Personal Records In The Hands Of Government Officials?

Date:
February 11, 2008
Source:
University of Leeds
Summary:
Safeguarding sensitive information -- no matter how sophisticated the IT system -- can never be foolproof, according to new research. The loss of a CD by HM Revenue & Customs in the UK in November 2007 containing personal and financial details of over 7 million families claiming child benefit was swiftly followed by assurances that such a mistake would never happen again. Then in February, an agency of the Department for Health admitted that over 4,000 NHS smartcards, giving potential computer access to patient records, had been lost or stolen - and nearly a third of these in the last year alone.

Safeguarding sensitive information - no matter how sophisticated the IT system - can never be foolproof, according to research by Leeds University Business School.

Related Articles


The loss of a CD by HM Revenue & Customs in November 2007 containing personal and financial details of over 7 million families claiming child benefit was swiftly followed by assurances that such a mistake would never happen again. Then in February, an agency of the Department for Health* admitted that over 4,000 NHS smartcards (UK cards providing access to an individual's health records), giving potential computer access to patient records, had been lost or stolen - and nearly a third of these in the last year alone.

But no matter what steps an organisation takes, they will always run the risk of being compromised by human psychology and the way we perceive risk on a day-to-day basis, says Professor Gerard Hodgkinson, Director of the Centre for Organisational Strategy, Learning and Change (COSLAC).

Survey participants, all of whom regularly used IT systems in the course of their work, were asked to list examples of possible data security risks, either imagined or from their own personal experiences. A further group were asked to comment on the probability, underlying causes and likely consequences and impacts of the most commonly described scenarios.

Despite the survey data being collected over a period of two years, many of the risk examples envisaged by the study participants ironically matched – with surprising accuracy - some of the recent security lapses relating to information technology.

These scenarios, which were subdivided into deviant/criminal acts and accidental/negligent acts included:

  1. No backup of data files is made and information is lost;
  2. A computer disk or tape is lost or stolen containing secret/strategic information;
  3. Credit card numbers are stolen by a hacker
  4. Personal data is mistakenly disclosed causing a breach of the Data Protection Act and a breach of Trust
  5. Critical information is entered incorrectly into a computer system

“Our research shows that organisations will never be able to remove all latent risks in the protection and security of data held on IT systems, because our brains are wired to work on automatic pilot in everyday life,” he says.

“People tend to conceptualise the world around them in a simplified way. If we considered and analysed the risks involved in every permutation of every situation, we’d never get anything done! If I make a cup of tea, I don’t stop to weigh up the probability of spilling boiling water on myself or choking on the drink.”

Says co-author Dr Robert Coles, “The results showed that when asked to focus on potential problems, employees seemingly exhibit a highly sophisticated perception and categorisation of risk, and insight as to the consequences of risky scenarios. However, this perception isn’t always translated into practice and elementary errors are still happening - and will continue to happen.”

The authors say that the results are useful for highlighting blind spots in what workers perceive as risk and probability, which will enable organisations to improve their induction and training processes.

The research also highlights the need to pay closer attention to the design of information security processes themselves. “Perhaps organisations should consider involving the potential users when developing crucial business processes,” says Dr Coles. “A well designed system should not allow these mistakes to be made. We need more triggers and mechanisms in the workplace that make us stop and think before we act.”

Journal reference: The paper, A Psychometric Study of Information Technology Risks in the Workplace, by Robert Coles and Gerard P Hodgkinson, is published in the February issue of Risk Analysis (Vol 28, No 1, 2008).

The research was funded through Prof Hodgkinson’s tenure as a Senior Fellow of the ESRC/EPSRC Advanced Institute of Management programme (AIM).

*The data was released by Connecting for Health, an agency of the Department for Health charged with overseeing the Government's NHS IT upgrade. NHS staff use smartcards to access confidential patient records by keying in a six digit pin code. A total of 4,147 smartcards have been reported lost or stolen, with 1,240 since January 2007. As of 01 January 2008, a total of 429,691 smartcards have been issued to NHS staff, with the number of users eventually expected to top 1.2 million.


Story Source:

The above story is based on materials provided by University of Leeds. Note: Materials may be edited for content and length.


Cite This Page:

University of Leeds. "How Safe Are Your Personal Records In The Hands Of Government Officials?." ScienceDaily. ScienceDaily, 11 February 2008. <www.sciencedaily.com/releases/2008/02/080208133900.htm>.
University of Leeds. (2008, February 11). How Safe Are Your Personal Records In The Hands Of Government Officials?. ScienceDaily. Retrieved November 23, 2014 from www.sciencedaily.com/releases/2008/02/080208133900.htm
University of Leeds. "How Safe Are Your Personal Records In The Hands Of Government Officials?." ScienceDaily. www.sciencedaily.com/releases/2008/02/080208133900.htm (accessed November 23, 2014).

Share This


More From ScienceDaily



More Computers & Math News

Sunday, November 23, 2014

Featured Research

from universities, journals, and other organizations


Featured Videos

from AP, Reuters, AFP, and other news services

European Parliament Might Call For Google's Break-Up

European Parliament Might Call For Google's Break-Up

Newsy (Nov. 22, 2014) This is the latest development in an antitrust investigation accusing Google of unfairly prioritizing own products and services in search results. Video provided by Newsy
Powered by NewsLook.com
Google Announces Improvements To Balloon-Borne Wi-Fi Project

Google Announces Improvements To Balloon-Borne Wi-Fi Project

Newsy (Nov. 21, 2014) In a blog post, Google said its balloons have traveled 3 million kilometers since the start of Project Loon. Video provided by Newsy
Powered by NewsLook.com
Is Nintendo Making A Comeback With 'Super Smash Bros.'?

Is Nintendo Making A Comeback With 'Super Smash Bros.'?

Newsy (Nov. 21, 2014) Nintendo released new "Super Smash Bros." Friday, and it's getting great reviews. Could this mean a comeback for the gaming company? Video provided by Newsy
Powered by NewsLook.com
NSA Director: China Can Damage US Power Grid

NSA Director: China Can Damage US Power Grid

AP (Nov. 20, 2014) China and "one or two" other countries are capable of mounting cyberattacks that would shut down the electric grid and other critical systems in parts of the United States, according to Adm. Michael Rogers, director of the National Security Agency and hea Video provided by AP
Powered by NewsLook.com

Search ScienceDaily

Number of stories in archives: 140,361

Find with keyword(s):
Enter a keyword or phrase to search ScienceDaily for related topics and research stories.

Save/Print:
Share:

Breaking News:

Strange & Offbeat Stories


Space & Time

Matter & Energy

Computers & Math

In Other News

... from NewsDaily.com

Science News

Health News

Environment News

Technology News



Save/Print:
Share:

Free Subscriptions


Get the latest science news with ScienceDaily's free email newsletters, updated daily and weekly. Or view hourly updated newsfeeds in your RSS reader:

Get Social & Mobile


Keep up to date with the latest news from ScienceDaily via social networks and mobile apps:

Have Feedback?


Tell us what you think of ScienceDaily -- we welcome both positive and negative comments. Have any problems using the site? Questions?
Mobile: iPhone Android Web
Follow: Facebook Twitter Google+
Subscribe: RSS Feeds Email Newsletters
Latest Headlines Health & Medicine Mind & Brain Space & Time Matter & Energy Computers & Math Plants & Animals Earth & Climate Fossils & Ruins