Outsourcing firm Capita has refused to say when it first became aware of a computer bug that risks corrupting pupil data across the country.
The company quietly announced the error with its school information management system (SIMS) on July 12, the same day it was awarded a £109 million contract to manage primary school tests by the DfE’s Standards and Testing Agency.
The problem is thought to originate from an update that was installed on the system in December 2017, which could affect up to 23,000 schools, and may have incorrectly linked contact details to the wrong pupils.
A spokesperson for the DfE would not comment on when it was first made aware of the problem with Capita SIMS, or whether the testing contract was handed to the company despite this, but said the government would “ensure that the contract is managed rigorously and effectively”.
Schools Week asked a Capita spokesperson four times when they first became aware of the bug, but did not receive a response.
Instead, the spokesperson said the contract awarded by the DfE “will be delivered by a completely separate part of Capita” and that it would be “incorrect to make a link between the two”.
Capita said that it took “immediate steps” to fix the problem after the company “identified isolated instances where the contact details of new applicants to a school have merged with those of existing pupils.
“This has only happened on rare occasions where the first name and surname of the pupils’ listed contact are an exact match.”
Jen Persson, director of data privacy advocates Defend Digital Me, warned that although schools may be able to identify which files have been corrupted, any organisations they have already shared the data with – including the government, local authority and social services – will have no way to tell what is correct and incorrect.
“The question is whether Capita really didn’t know any sooner, in which case it’s shocking that they would let such a significant error continue for so long without proper checks. Or did they know sooner but chose not to tell people?
“They aren’t being very transparent.”
Persson said one school had identified 100 records that had been affected and, although Capita have released patches for schools to install to stop the problem happening again and to identify which files have been corrupted, it seems that all infected files will have to be fixed manually.
Malcolm Trobe, deputy general secretary of the Association of School and College Leaders, said data errors of this kind are “extremely problematic”.
“It’s absolutely vital that all companies – not just Capita – that deliver management information systems have them thoroughly tested so these types of errors don’t happen.
“Sharing anything confidential or sensitive with the wrong parents could be a real data breach.
“Capita can’t absolve themselves of responsibility.”
The government’s last attempt to outsource SATs to a single company was made in 2007, when American firm ETS Europe took over. The contract was terminated the following year, as a result of problems with the administration and marking of the tests. The debacle eventually triggered the scrapping of SATs for 14-year-olds.