The personal details of people referred to Bedford Borough Council's social services department are feared to be at risk after it emerged that the council does not log which of its staff access the data. Bedford acknowledged that it could not prove who accesses its SWIFT social care database during a recent investigation of a social worker accused of wrongly accessing records. But while admitting “the system does not record or log every search or screen that people view without changing any data”, a spokesperson for the council told SC Magazine UK that its approach “reflects industry practice.”

He emphasised that the council does take the security of its data extremely seriously, adding, “The council issues logins to all members of staff who need access to the SWIFT database. The individual members of staff complete their login every day with their own password and the council enforces a monthly change to the passwords for access to the SWIFT database. The system records when people log on to the system and it records when people create data in the system. The system also records what data is changed and records who has changed it via their login details.”