Last week the British Civil Service was revealed to have mislaid a disk in the internal post with personal information (regarding Child Benefit) belonging to 15 million British subjects.

Fortunately, they were able to send another copy and all was well, until the lost disk was widely reported which has been very embarrassing for a government which is racking up an impressive array of IT national disasters.

For a more detailed account of what exactly happened, see Computer Weekly.

The points I would like to draw from the story are as follows.

• the people involved understood the risk they were taking
• resources were too short remove the sensitive bits of data
• the data was sent unencrypted
• the reason they weren't doing online data transfers probably comes down to lack of investment in information infrastructure, such as secure networks, staff training, tunnels etc.

In fact it sounds like the Platonic ideal of a humanitarian information management situation, and also like every other environment I've ever worked in.

So I guess these sorts of mistakes happen to humanitarians all the time, but with real consequences.

HM Government was obliged to tell Parliament, and now there can be lessons learned. But what happens when humanitarians make mistakes, and are we learning the lessons?