A month ago the UK’s tax and customs department HMRC lost the records of 25 million citizens containing names, addresses, and bank account data among other things when a junior official sent the data on CDs through unregistered mail to the National Audit Office (who had requested de-sensitised data). Now that’s it’s come to light, there’s a huge furore, quite understandably. Heads are already rolling, and more may follow - the government’s response is that it’s the fault of officials for not following procedures.
But there’s a deeper story. HMRC has been building up a steady track record of data loss over the past few months. Where systemic failures appear repeatedly within an organisation, there’s something endemic to the culture and the knowledge infrastructure that’s causing it - I document some of these in my book including the Victoria Climbie case, Nick Leeson and Barings Bank, and the Australian immigration department’s mistaken deportation of its citizens.
So political fingers are also pointing at Gordon Brown, who was responsible for merging the HM Customs and Excise with Inland Revenue, two years ago. Large scale merger of organisations with different experience sets, different processes, different mechanisms for moving information around and deplying knowledge, is difficult enough. But when it’s followed by mechanistic analysis of the work and driven by “lean processing” what seems to have happened (according to testimony by ex-officials) is that:
- the work at HMRC has been compartmentalised so nobody has an overview of (or commitment to) the whole process
- many of the more experienced managers have left
- many of the front line jobs have been automated or merged with other roles
- many managers have been moved to new roles
- a constant pressure to cut costs has hit morale (people don’t care)
In addition, outsourcing of processes has meant that some things don’t get done because they are charged by the item. Case in point, when the National Audit Office requested the data they asked for desensitised data (eg without bank details) but HMRC apparently refused because they’d have to pay their vendor EDS for the desensitisisation.
All of these factors are classic knowledge articulation problems, where the human systems for moving and using information and knowledge are not aligned to the technical information infrastructure (processes and platforms) (more in my book). So sacking the junior official and enforcing greater compliance to rules will not help in the long run. Just as it hasn’t really helped in child protection or in Australia’s immigration department. They need knowledge management.
Thanks to Colin Mooney for the tip on the BBC’s excellent background investigations.
1 Comment so far
Page 1 of 1 pages
Comment Guidelines: Basic XHTML is allowed (<strong>, <em>, <a>) Line breaks and paragraphs are automatically generated. URLs are automatically converted into links.