Breach all about it!
All official statistics need to be produced and published in line with the standards outlined in the Code of Practice for Statistics. A breach occurs when one of these standards is not kept to.
If a breach or a suspected breach occurs, the first thing you should do is raise it with your Head of Profession. Reporting breaches means being open about mistakes and the actions being taken to correct them. It is important for building public trust in statistics and for producers of statistics to learn and improve.
The Good Practice Team are here to help. We can work with you to understand if a breach has occurred, work through the process with you and liaise with the Office for Statistics Regulation on your behalf. As part of our wider Best Practice and Impact offer, we can also help to ensure that similar breaches don’t happen again through our multitude of training courses and guidance. We can also visit your department to provide you with assistance on any methodological, quality, presentation or harmonisation issue.
How many breaches have there been?
Between 2009 and 2019, the UK Statistics Authority published 415 breach reports. That’s 37.7 breach reports each year on average.
Almost half of these breaches involved the sharing of unpublished statistics with individuals not on an authorised Pre-Release Access (PRA) list. This means that statistics, or the nature of the statistics, were circulated earlier than the publication date to individuals that shouldn’t have early access to them. This is usually to wider team members and those internal to the organisation.
135 of the breaches involved publishing statistics later than pre-announced. This could happen for a variety of reasons, including:
- technical or caching issues with the hosting website
- mistakes spotted in the data before publication
- lack of resource
- human error
Other reasons why breaches have occurred are data disclosure issues, statistics failing to be pre-announced or an out of date pre-release list.
Top tips based on our analysis
Clearly mark your documents and e-mails
Ensuring that it is clear from the offset that the information within a document or e-mail is only intended for the recipient and should not be shared further can head off forwarding. The Learning Platform for Government (formerly Civil Service Learning) has free online courses related to labelling and handling of documentation called responsible for information.
Determine who really needs the pre-release access
In 2017 the Office for National Statistics stopped giving pre-release access for its publications (although this has been reinstated for a few publications during the coronavirus (COVID-19) pandemic). We recognise that not all departments are able to do this, but you can make sure that only those who strictly need pre-release access are granted it. You can also regularly review it to check that those on the list still need and use their access.
Use a role-based e-mail rather than person
Some departments have found it useful to have a PRA list that is based upon role, along with role specific e-mail addresses. This means there is not a need to update the list every time someone moves role. However, the list should still be reviewed on a regular basis.
Automate where possible
Human error contributed to many breaches, whether this was a person forwarding an e-mail when they shouldn’t, pressing send too early or not pressing send at all! Many websites allow you to schedule a publication to go out at a specific time, reducing the risk of someone not publishing at the correct time. You can also schedule e-mails to be sent via some programmes, such as Outlook 2016, although it is worth noting this will only send if you are logged in at the time (otherwise it will send as soon as you next log in after the scheduled date).
Speak to us!
If you have had a breach and want some help on how to avoid it in the future get in touch with the Good Practice Team as part of the breach reporting process.
Where can I find out more?
Guidance for reporting breaches of the Code of Practice for Statistics
The Good Practice Team have just released a new update to the guidance on reporting breaches of the code. This includes a step-by-step guide how to report a breach, help on completing the breach reporting template and common examples of breaches. You can also find an updated breach reporting template in this guidance.
Online Code of Practice
The online Code of Practice is much more than a way of accessing the principles and practices or a place to find and download a PDF copy of the code. It contains a range of other information that will help you understand the code and think about how to apply and comply with the practices.
If you have any questions on the breach reporting process, the Good Practice Team are always here to help. We can also advise you on how to meet the requirements of the Code of Practice for Statistics when producing and disseminating statistics. We work closely with the Office for Statistics Regulation (OSR) to ensure that our advice, guidance and training is up to date. Just email email@example.com with your query and one of the team will get back to you.