Pension benefit statements of hundreds of Scots NHS workers were finally recovered yesterday after a major search found they had arrived at their intended destination.
The alarm was raised on Friday after it emerged that the package containing names and national insurance numbers had not been seen since it was dispatched to Stobhill Hospital in Glasgow by the Scottish Public Pensions Agency (SPPA) on October 26.
And the government response:
Last night, John Swinney, the Scottish Finance Secretary, said he was pleased that the correct procedures had been followed to allow the pension details to be recovered at the hospital.
He said: "We were always confident that the single missing package out of 162 would be found safely, as the correct procedures were followed at all stages, enabling traceability checks to be successfully conducted.
"Even though the data contained no addresses or bank account details, we were right to take the issue seriously.
"The review under way around data-handling issues in the Scottish Government will proceed, as we are very clear that the government will deal with these important matters competently and effectively."
The UK government has had a continuing problem with unencrypted data being mailed via ordinary public courier. IT failures occur when poor policies are combined with bad judgment, and these data breaches are no exception. If there's any bright side, it's the fact that senior UK government attention is now focused on this important problem, which perhaps will lead to more stringent public regulation and more intelligent IT data handling policies.