DMBM510250 - Customer contact and data security: confidentiality: recording bank details

Some content of this manual is being considered for archiving. If there is content you use regularly, please email hmrcmanualsteam@hmrc.gov.uk to let us know as soon as possible.

Electronic recording

You should never manually record bank account details in free format notes on any of our systems.

When data is stored in this way it can be manipulated. It would also have to be made available if a request was made under the Data Protection Act which may raise concerns from our customers. For more information on the act, see DMBM513170.

Therefore, make sure you do not manually record bank account or debit/credit card details on the notes screen of any of our computer systems. This includes the IDMS Action History.

If, on further investigation, you discover there has been a breach of security, you should report it as a security incident to the Security & Information Directorate (S&ID).

(This content has been withheld because of exemptions in the Freedom of Information Act 2000)