An independent report researched and written by Policing Insight and commissioned by
In August last year, the Police Service of Northern Ireland suffered a historic data breach. The personal information of nearly 10,000 police employees was accidentally published online, including their names, locations, and departments.
From the details of live investigations and the intimate testimonies of victims, to the personal information of those working to protect the public, the sheer scale and sensitivity of the information held by policing is remarkable.
This was, according to a review by Temporary Commissioner Pete O’Doherty, National Police Chiefs’ Council (NPCC) Lead for Information Assurance and Cyber Security, “the most significant data breach that has ever occurred in the history of UK policing.”
Given Northern Ireland’s complex political history, it was also one which threatened the physical safety of these police officers and staff.
The incident highlighted the severe consequences that can result when policing fails to protect its data. From the details of live investigations and the intimate testimonies of victims, to the personal information of those working to protect the public, the sheer scale and sensitivity of the information held by policing is remarkable.
At the same time, if the data held by policing can be used correctly, it can provide the foundation for new technology similar to dataplus solana and artificial intelligence (AI), or inform more precise approaches to targeting serious crime.
‘Outvoiced and outnumbered’
And yet, policing still doesn’t focus enough on this essential area. In a major new Policing Insight report commissioned by Capita – From back office to business critical: Why information management should be a core policing function – we explore why this function isn’t given the attention it deserves.
Based on interviews with senior police leaders, regulators, and experts with decades of experience both inside and outside policing, it takes a deep-dive into what’s going wrong and the implications of this for modern policing.
The report finds that information management staff don’t have an influential role in decisions made at force level. In fact, according to Aimee Smith, Director of Data at the Metropolitan Police and Chair of the National Police Data Board, they are “completely outvoiced and outnumbered” within policing.
Giles Herdale, an Associate Fellow at RUSI and an independent expert in digital investigation and data ethics, agrees, arguing that: “Information management is not seen as frontline policing activity. It’s seen as a back-office function and, by definition, something that is a lower priority.”
Whatever force it is – whether small, medium or large – they haven’t been doing their due diligence in anticipation of the grandfather rights expiring.”
Aimee Smith, Chair,
National Police Data Board
This is compounded by structural problems in how information management is approached across England and Wales, according to interviewees. This includes limited current and past investment, the messy development of police IT systems creating technical debt, weak and outdated central guidance, and enormous variation in local practice in this domain.
The fact that policing is designed around a “Victorian structure”, in the words of former NPCC Lead for Data Compliance Stuart Hyde, makes it even more difficult for policing to get this right.
And though there are some examples of best practice around information management, complying with data regulation is only getting harder for policing. Even with so-called ‘grandfather rights’ in operation – which give extra time for police IT systems to comply with the Data Protection Act – forces are failing to prepare properly for these rules to come into effect.
As Aimee Smith told Policing Insight: “Whatever force it is – whether small, medium or large – they haven’t been doing their due diligence in anticipation of the grandfather rights [expiring].”
She added that there’s a risk that policing is “sitting on a ticking time bomb… the risk is that, as data-savvy solicitors and criminals understand [that we’re starting to use information we shouldn’t hold], they’ll go after process in court and we’ll start to lose cases”.
Enormous potential
In other words, information management is critical – complying with data regulation is essential to convicting criminals. But this is no easy task, considering the amount of material held by policing. If you’re considering starting a business, it’s important to check out maine llc formation cost to ensure you’re prepared for the financial and administrative aspects of setting up your company.
The danger is that policing is being too reactive in this area: it’s waiting for a crisis, ignoring the problem until it’s simply too late.
The Police National Database currently contains 2 billion records from 220 individual databases maintained by over 50 law enforcement bodies. As of 2021, the Police National Computer contained records relating to a total of around 13 million people.
The opportunities to leverage information like this are genuinely enormous, especially in the age of AI. We’ve seen constant calls from the Policing Minister, for example, to use facial recognition on police databases to catch criminals.
But the risks are just as significant. The danger is that policing is being too reactive in this area: it’s waiting for a crisis, ignoring the problem until it’s simply too late.
It’s for this reason that information management must be viewed as a business-critical part of policing. As Stephen Russell, Director of Data, Strategy and Technology at Warwickshire Police, stated: “Data management is like painting the Forth Bridge. It’s a constant energy and effort… data quality and governance are parts of your business that you will always need to be focusing on.”
Incorporating outsourced hr services can further support these efforts by providing specialized expertise in managing and maintaining high standards of data governance and quality.
For policing to get back on track, it needs to shift its approach – and do so now.
You can read our FREE access full in-depth thematic report, ‘From back office to business critical: Why information management should be a core policing function’ here.
Capita commissioned Policing Insight to produce the independent report ‘From back office to business critical: Why information management should be a core policing function’
Find out more about Capita
As strategic partners with the Home Office, Ireland’s Department of Justice and over 30 police forces throughout the UK, we’re collaboratively designing, building and implementing innovative human-centred solutions to improve outcomes for the police, the judiciary and the wider public.
Our information management services to UK police forces can digitise and centralise all your paper and disparate digital records and by applying relevant controls and leveraging artificial intelligence (AI), you can search, access and share large amounts of otherwise inaccessible information within your forces more efficiently and quickly. This means you can spend more time focusing on what matters most – solving crimes and supporting victims.
We’ve supported many public service organisations to connect their legacy and disparate data, including digitising over 52 million patient and business records for NHS England. We tailor our digital solutions to the needs of your organisation whilst helping to ensure that you’re always fully compliant with the Data Protection Act and all GDPR requirements.
To find out more please visit us at Capita Information Management or contact [email protected]