
The following day, Thursday 26 April, it became apparent that junior doctor applicants, who have secure access to MTAS, could randomly access another candidate’s messages on the messaging facility—used, for instance, to inform candidates about interview appointments—by varying the digits of their own message reference. It appears that, although the content of the message could be accessed, details of the sender and recipient could not be accessed. The Department of Health was advised of this second problem at 3.45 pm on Thursday and informed the contractor, which closed the messaging facility. The whole site was then suspended just after 5 pm and remains suspended.

1 May 2007 : Column 1368

In view of the two lapses, the IT contractor, Methods, immediately appointed an approved security company, MWR InfoSecurity, to carry out a full security review and penetration testing. Some weaknesses were identified and MWR InfoSecurity has been working with the contractor to rectify them. However, to provide further reassurance, the national technical authority for information assurance, Communications Electronics Security Group, is also advising the Department, and the MTAS site will be re-opened as soon as we have the necessary security assurances.

Those two security breaches were utterly deplorable. They should not have happened and appropriate steps are now being taken. However, there is no evidence that members of the public or other unauthorised people, apart from ITN and “Channel 4 News”— [Laughter.] I am very sorry that the Opposition regard this as a matter of such enormous levity. There is— [Interruption.]

Mr. Deputy Speaker (Sir Alan Haselhurst): Order. The Secretary of State must be allowed to proceed with her statement so that all Members of the House can hear what she is saying.

Ms Hewitt: Thank you, Mr. Deputy Speaker. There is no evidence that members of the public or other unauthorised people have in fact accessed personal information on MTAS. Furthermore, no applicant for the foundation programme or specialist training will be disadvantaged because of the two security breaches.

Already, following the recommendations of the review group chaired by Professor Neil Douglas, junior doctors have been offered the opportunity to change their training preferences. Following successful testing by junior doctors from the British Medical Association and the Academy of Medical Royal Colleges, nearly 26,000 specialist training applicants have reviewed their initial preferences and either revised or confirmed them. That process took place between 20 and 23 April, using MTAS, without security or technical problems. Where issues arose about a candidate’s ineligibility, they will be resolved by the relevant deanery, which determines eligibility.

As a result of the changes made to application preferences by junior doctors, around 15,500 additional interviews will be offered in England during the extended round 1. Although some interviews will be delayed because of the security problems, we still expect them to be completed by early June.

There is no doubt that confidence in the applications system, MTAS, has been further damaged by these deplorable security breaches. That is why the Department and I are taking them extremely seriously and taking appropriate action. I apologise again to junior doctors or foundation programme applicants who have been caused anxiety or, in some cases, inconvenience as a result. I will, of course, continue to keep the House informed of further developments.

1 May 2007 : Column 1369

Mr. Andrew Lansley (South Cambridgeshire) (Con): Once again, the Secretary of State has had to make a statement to the House about the appalling shambles that has become the Government’s system of selecting training for junior doctors. I am sorry that the Secretary of State could not bring herself to say sorry. [Interruption.] It is interesting that in the copy of the statement that she sent to me beforehand, the word “sorry” does not appear at all.

The right hon. Lady must understand that the most outrageous security breach has occurred. It is astonishing that in her statement she did not tell the House what kind of data we are talking about—not only the application, but personal details, address details, references, the religious denomination of the applicants, their sexual orientation and full details of their criminal records check, including previous police records. It is astonishing that such an outrageous security breach could have happened.

The Secretary of State has not yet told us on what basis the breach occurred and what the consequences are. She said in her statement that the information was accessed from 21 internet addresses, mostly belonging to postgraduate deaneries—mostly. We do not know precisely who they were. Does she know who all those 21 internet addresses belong to?

The Secretary of State has said that there is no evidence that members of the public or commercial interests accessed the site. She may not have the evidence, but can she say that it is her certain knowledge that members of the public or commercial interests did not access the site? As it turned out, there was not only one, but two security breaches.

The Secretary of State must have known about the problems, because of, for example, the following letter to her from the British Orthopaedic Trainees Association on 5 March:

She knew that there were problems with security on the site, and her Department did not take the necessary action to prevent that gross security breach.

Will the Secretary of State explain why on the morning after the breach her Minister, Lord Hunt, went on to the “Today” programme, where, having been asked by Jim Naughtie why it had happened, he said:

Jim Naughtie asked:

Lord Hunt replied:

What was the justification for the Department putting out that information to the public and junior doctors on the day after the breach occurred? If the Secretary of State cannot guarantee security—she has failed lamentably in this case—what possible guarantee can there be for the patient record data, which will be loaded on to the electronic patient record? We need much greater assurance.

1 May 2007 : Column 1370

The Secretary of State went on to discuss what is happening now to junior doctors. She said that they are continuing to go through the process without further security or technical problems. I have received 14 examples of occasions when junior doctors have gone on to the site to try to book interviews. They have seen their preferences change; they have seen interviews being booked for two weeks prior to their application; they have seen double interviews; they have seen their eligibility disappear; and they have been told that there are no vacancies, but when they have telephoned, they have been told that there are choices. The system is not working. It is probably just as well that it has been suspended, because it needs to be suspended until we are satisfied about both security and the technical problems.

How can the Secretary of State simply assume that the timetable will be met? According to the review group’s plan, junior doctors should have started booking their interviews on Saturday and completed the process by this Thursday. We are four days into the process, and the site is still suspended. In theory, junior doctors have only 48 hours in which to book their interviews in order to maintain the timetable.

We had a debate last week, from which there are still outstanding questions that the Secretary of State must answer. Her Department asked trusts across the country through strategic health authorities to provide applications for additional training posts, and the trusts were asked to send in those applications by 27 April, which was last Friday. How many applications has she received? What opportunity is there now for additional training posts to provide the flexibility for junior doctors to have greater confidence? Will she assure the House that flexibility will be given to Professor Sir John Tooke’s group for next year by adding training posts this year and next year and by ensuring that wherever possible temporary, one-year training posts are appointed this year, rather than all the posts going on run-through training posts?

Does the Secretary of State not understand that the lamentable shambles that has brought her to this House on, I think, four occasions—we have brought her here twice—has done untold damage to the confidence of the medical profession in the way in which its education and training is being managed? It is down to the profession to restore confidence, and I hope that Sir John Tooke and his colleagues will be able to do so.

Frankly, the medical profession has lost confidence in the Secretary of State. Last Saturday, the British Medical Association junior doctors committee unanimously called on her to resign. I know that she will not walk, but the next Prime Minister ought to move her, and I hope that he does so. Does she not understand that there are two words that junior doctors across this country want to hear her say when she gets up and that those two words are, “I resign”?

Ms Hewitt: The hon. Gentleman asked a series of questions; let me deal with them in turn. He asked about who exactly accessed the site after the first breach. As I indicated, our security investigators have established that access was made from 21 different addresses, the great majority of which belonged to postgraduate deaneries. I am confident, from that investigation, that no members of the public or other commercial organisations accessed the site. Those investigations are continuing, and as more information is established appropriate action will be taken.

1 May 2007 : Column 1371

The hon. Gentleman referred to shortlisters having access to applications. It was part of the system designed at the request of the postgraduate deaneries that those assessing applications should be able to access the full range of applications because in some cases multiple assessments were being made.

On the leak, we have still not been able to establish how “Channel 4 News” came to be told of the existence of these unprotected website pages. However, since the address of the website page for each of the postgraduate deans included a randomly allocated number, it seems highly unlikely that it was by accident. That is why my noble Friend Lord Hunt made the statement that he did on the morning following this outrageous security leak.

The hon. Gentleman referred to the electronic patient record system. That is a completely separate system established under completely different security and governance arrangements and with a very well developed security compact with patients and the public. It is currently being trialled in various parts of the country, and so far patient response has been extremely good.

The hon. Gentleman referred to junior doctor candidates changing their preference for applications. It is perfectly true that in a relatively small number of cases people were told inaccurately, or rather were told that there were no vacancies or that there were question marks about their eligibility. That did not come from the MTAS site but was a matter for the deaneries. It was not a fault in the MTAS site, nor did it have anything to do with security breaches; it was a matter for the deaneries, and it is being sorted out where necessary between the individual postgraduate deaneries and individual applicants.

More than 40,000 interviews were arranged initially as part of round 1, and that part—now round 1A—has been completed. As I said, more than 15,000 new interviews are being made available in round 1B. Some of those appointments were sent to junior doctor applicants before the security breach and therefore the suspension of the site; others, of course, have not been confirmed because of the site’s suspension. However, if the hon. Gentleman looks, for instance, at the London deaneries website, he will see that applicants have been informed through that site that interviews are planned to start on 8 May and that candidates will be contacted either through MTAS, when that is restored, or through other administrative arrangements if necessary.

I can confirm to the House that, as I said last week, we are working with postgraduate deaneries and with the service to create new training posts that will help to meet the aspirations of junior doctors but will also meet the needs of the service. We will confirm the number and the specific specialties, where they will be available, as quickly as we can.

Mr. Kevin Barron (Rother Valley) (Lab): Can my right hon. Friend confirm that the leaks that took place on the site last week are nothing at all to do with the electronic patient records that run inside the national health service, and that the words of the Opposition Front-Bench spokesman are nothing more than irresponsible scaremongering from backwoodsmen?

1 May 2007 : Column 1372

Ms Hewitt: My right hon. Friend makes his point with great force, and I entirely agree.

Norman Lamb (North Norfolk) (LD): This is the fourth occasion on which we have debated this scandalous sequence of events.

The Secretary of State sought to reassure us that the only web addresses that accessed information were at one of the country’s main news organisations, which is not particularly reassuring. Even so, does she accept that the situation could have been far worse and that far more accesses could have been made in other circumstances? Will the right hon. Lady also concede that the information could have been passed on by those who accessed the site?

The Secretary of State said that the overwhelming majority of internet addresses were at ITN, but that suggests that not all of them were there. Where were the others? Are they being investigated? What has been discovered so far?

Will the right hon. Lady concede that the real outrage is that the matter could and should have been avoided through adequate piloting to identify exactly that sort of risk and if the Government had listened to all the warnings that were being given? Does she accept that she knew about IT glitches? The letter from the British Orthopaedic Trainees Association has already been mentioned. What action did she take when she received it to investigate the concerns?

The website states:

whatever that means—

When is it expected to resume? Methods Consulting runs MTAS. The Secretary of State referred to a breach of contract. What action is being considered about that? Could the actions—or inaction—of Methods Consulting or others amount to a criminal offence under data protection legislation? Will that be investigated? Will a thorough, independent investigation—not by a company that Methods Consulting brings in—take place into the causes of the security lapses and to ascertain whether other breaches, about which we do not know, occurred?

How many individual medical graduates’ confidential information was accessible? We know that only a few people accessed it, but how many people’s confidential information was accessible to anyone who sought to find it? As we have heard, Remedy UK has received numerous details from junior doctors of strange glitches, such as preferences being changed without their knowledge.

The hon. Member for South Cambridgeshire (Mr. Lansley) gave other examples, but an especially serious example was that of Dr. Hua Luk, a Surrey-born doctor and a British citizen who was told that his application had been rejected because he did not have the correct immigration status. That is a scandal. Does not that evidence show that the system is discredited?

1 May 2007 : Column 1373

I have repeatedly questioned the Secretary of State about whether it is logistically possible to conduct all the extra interviews in the time scale provided. With the website down, what guidance is being given to applicants about arranging interviews? What faith should we have in NHS IT and the Government’s plans for a national spine of patient data when such a debacle occurs?

Ms Hewitt: I entirely agree with the hon. Member for North Norfolk (Norman Lamb): it was a serious, deplorable breach of security, as I have already said. It could have had far more serious consequences.

The hon. Gentleman referred to those—one or more individuals—whom we know accessed personal information without authority. It is a matter for their employers—and possibly others—to establish whether the personal information that they accessed was made available to other people.

The hon. Gentleman asked about the 21 addresses and establishing precisely who accessed information from each address. As I said, those investigations are continuing. He referred to piloting. I have no doubt that it is useful—indeed, we piloted the system for the re-preferencing exercise with the help of the BMA and academy junior doctors and it worked well. However, the security breach that occurred last Wednesday was simply due to a decision by an individual at the IT contractor. It was a case of human error, which I am afraid that piloting could not have predicted or prevented.

The hon. Gentleman asked when the website would be restored. As I said in my statement, that will happen as soon as we are satisfied about security. He asked whether investigations are continuing, who by and whether criminal offences might have been committed. It is possible that criminal offences have been committed but we will not know that until the investigations have proceeded further.

Perhaps I could stress to the hon. Gentleman that, as I said in my statement, in order to establish the enhanced level of security that I believe is now necessary—given the publicity that the site has attracted and the danger of further or additional attempts to hack into it—we have brought in the country’s leading experts on the subject: the Communications Electronics Security Group in Cheltenham, which is part of the National Technical Authority for Information Assurance, will be quality assuring the security arrangements.
