Mike Simons Police auditors have found an 86% error rate on the
Police National Computer (PNC).
The findings could place the police service in breach of the
1998 Data Protection Act, which requires organisations to keep
records accurate and up-to-date.
In addition, those affected could seek financial compensation
for police use of inaccurate records.
The audit, seen by Computer Weekly, was carried out by
the Metropolitan Police's Security Inspection Unit. It validated
600 records held on the PNC against source documentation held at
police stations.
"The overall error rate for this audit was 86%, which is wholly
unacceptable," the report said. "This represents a 34% increase on
the error rate of 64% for the same divisions audited in 1997.
"Eighty five per cent of the overall error rate is composed of
major errors, for example, those that could potentially lead to
serious consequences, with the possibility of financial
compensation awards to those affected."
The research is bad news for the Government, which plans to
introduce a Criminal Records Bureau (CRB) next year. The Home
Office estimates the CRB could eventually carry out 12 million
record checks a year.
The Government has already admitted its concern about the state
of data on the PNC. Home Office minister Charles Clarke admitted,
"We recognise that there are shortcomings in the accuracy of
records, which need to be addressed, especially given that the CRB
will come into operation from July 2001."
Clarke added, "The police service is working to improve the
accuracy of criminal records and the Association of Chief Police
Officers has produced proposals for enhancing police data
handling."
Jonathan Bamford, assistant data protection commissioner, told
Computer Weekly that the police were not excluded from the Data
Protection Act.
"If a Metropolitan Police internal audit found errors, then I am
concerned," he said. "We would not take a different stance to
breaches by the police than we would to a commercial organisation.
In some cases, we would be more concerned because the consequences
of mistakes could be more severe."
Bamford also warned, "The CRB will have access to a sub-set of
data on the PNC and we are concerned that it is of high quality. It
will be in the police's best interests to make sure its house is in
order."
Explaining the findings, a Met spokesman said, "We are confident
the level of error indicated through this audit bares no relevance
whatsoever to the accuracy of the PNC records in their entirety."
He said the method used in the audit was extremely stringent, with
a 30-minute time limit on record sourcing.
However, the auditors made plain that the method they used was
specified in the Association of Chief Police Officers' Data
Protection Audit Manual and was the same at that used in the 1997
audit.