Child Support Agency

§ Ms Gordon

To ask the Secretary of State for Social Security (1) what plans he has to review the CSA computer system; [33827]

(2) what plans he has (a) to revise and (b) to rebuild the CSA computer system. [33814]

§ Mr. Andrew Mitchell

I refer the hon. Member to the reply given by the chief executive of the Child Support Agency to the hon. Member for Rochdale (Ms Lynne), on 20 June,Official Report, column 603.

§ Ms Lynne

To ask the Secretary of State for Social Security (1) for what period of time the Child Support Agency is authorised to keep records of cases of former clients on its computer systems; [34313]

(2) what safeguards are applied to ensure that data held about former clients by the Child Support Agency cannot be accessed; [34312]

(3) in what circumstances data relating to former clients of me Child Support Agency is held on the Child Support Agency computer system after a case is closed; [34316]

(4) how many cases of former clients of the Child Support Agency whose cases have been closed still have records on the Child Support Agency computer system; [34314]

(5) what requirements are placed on the Child Support Agency to delete the records of former clients whose cases have been closed. [34315]

§ Mr. Mitchell

The administration of the Child Support Agency is a matter for the chief executive, Miss Ann Chant. She will write to the hon. Member.

Letter from Miss Ann Chant to Ms Liz Lynne, dated 27 June 1996: In the absence of Miss Chant, the Chief Executive, I am replying to your Parliamentary Questions to the Secretary of State for Social Security about the Child Support Agency Computer System (CSCS). Under the Data Protection Act 1984 the Agency is empowered to retain information for as long as mere is a business need. There are no other requirements placed on the Child Support Agency to delete records whose cases have been closed other than the Data Protection Act. The 6th Principle of the Data Protection Act is that "Personal Data held for any purpose or purposes shall not be kept for longer than is necessary for that purpose or purposes. All accesses to the CSCS require the input of a unique Personal Identification Device (PID) which registers the access on an Audit trail which is subject to management checks. In addition all devices use password techniques which prevent unauthorised access. Standard physical security practices are in place near all Agency terminals. Users of me CSCS are also restricted by the system, to updating only those areas of the system which are relevant to their duties. Data which have been archived off the CSCS cannot be retrieved through me system, but hard copy records can be obtained by authorised users. In the case of nationally sensitive or locally sensitive cases only designate officers with a higher security profile are allowed access to that case. 229W At present all closed cases are retained on die CSCS. A programme to introduce archiving and weeding of data has begun and some redundant data which have been superseded is already being removed from all cases. There are business reasons why the Agency needs to retain data for a specified period after the case is closed ie. enquiries, appeals, monitoring of cases for Secretary of State targets. There are also circumstances where it would be necessary to retain data for a longer period. This would be applicable where "Good Cause" for not pursuing a case has been established; in such a case the Agency is not permitted under its regulations to pursue the same case in future. There are other instances where it is in the best interests of Agency clients to retain data. For example, where DNA testing has been undertaken the Agency would not wish to go over ground previously covered with a client in the event of a repeat claim. The picture is complicated by the fact that a person may be linked to more than one assessment unit or case. Thus an assessment unit may be closed but die individual personal records may still be considered active if they are also linked to another open case. Similarly a person can legitimately leave an assessment unit, for example a non qualifying child, and their record closed but the actual assessment unit remain open and active. There are currently approximately 650,000 closed cases on the CSCS which represents 38% of the 1.7 million cases on die system. There are approximately 753,000 personal records which are regarded as "inactive" on die computer system which represents approximately 20% of the total 3.8 million person records on the file. These personal records include records of children. Whilst the Agency accepts the principle of removing or archiving much data from closed cases there are nevertheless important reasons to retain some evidence of legitimate clients in the event of repeat applications. It is important mat such records are retained for a longer period. I hope this is helpful.