TUV challenges Chief Constable on data breaches
General

TUV challenges Chief Constable on data breaches

Letter from TUV Leader to Chief Constable

10 August 2023


Dear Chief Constable,

Re: Recent catastrophic data breach

I would like some clear answers arising from the above.

Is there an internal audit trail of everyone concerned in processing this request within the PSNI? (These people must be held to account.)

What supervision, and at what level, was there of those who put the information together?

At what level was the intended FOI response checked? I note references to a junior member of staff compiling the information, but is there no threshold of seniority as to who has access to such information? How, if correct, did a junior member of staff come to be handling this information?

Was the compiler a civilian member of staff, a full employee, an agency worker or a police officer?

What level of security clearance did the compiler hold?

What were the supervision arrangements in place and were they fully followed? Supervision, or lack of it, seems to me a key consideration, with scapegoating of junior staff not acceptable.

What was the status of the person(s) who signed off on the release?

What is/was the function and responsibility of a) ACC Todd and b) yourself in oversight of data handling?

Is mishandling/disclosure of sensitive/classified information regarded as gross misconduct with dismissal consequences?

As Chief Constable how far do you take responsibility for this disaster, or where does the buck stop?

I suspect you will seek to brush aside my questions under the guise of an ongoing investigation, but you should realise that public confidence in you and your staff is in play here and you should not compound the situation by prevaricating and seeking refuge from answering.

Yours sincerely,

 

Jim Allister