Information needed Response
Title and link to statistical output General Medical and Registration Services
Quarterly Series – Provisional Information to Q3
Name of producer organisation Health and Social Care Business Services
Organisation, Northern Ireland (BSO)
Name and contact details of person
dealing with report
Nigel Wilson
Tel: - 028 95363137
Name and contact details of Head of
Profession for Statistics or Lead
Martin Mayock
Link to published statement about the
breach (if relevant)
Date of breach report 11 February 2021

Information needed Response
Relevant principle(s) and practice(s) Orderly release (Principle T3, Practice T3.6 –
Statistics should be released to all users at 9.30am on a weekday)
Date of occurrence of breach 11 February 2021

At 9.00am the statistician responsible for uploading the publication to the web logged into the Health & Social Care Northern Ireland (HSCNI) website. No issues were apparent and the same statistician had uploaded a publication to the same site on the previous day without any problem.

At 9.30am she attempted to upload the publication, but encountered an error message. She received the same error message when she made a second attempt to upload the publication and phoned her line manager to alert him to the issue at 9.33am. The statistician also emailed the relevant IT Services systems analyst (at 9.36am), providing details of the error message, noting the requirement to publish at 9.30am, and eventually raised an urgent request with IT services (at 9.41am).

At 9.40am, the line manager contacted the relevant member of staff with access to upload the publication directly on to GOV.UK (where it is also published as a link to the HSCNI website) and provided them with the file to begin the upload at 9.43am. The requirement to supply a preregistered email address as a contact for alternative formats when uploading directly to GOV.UK meant the upload was delayed slightly, and the report wasn’t published on GOV.UK until 9.48am. At 9.49am, the IT Services systems analyst asked for the statistician to attempt to upload the report again on the HSCNI website, which was successful.

The issue arose as a result of a firewall upgrade performed by the security team with IT Services in the early hours of 11th February. This caused a number of IT issues across the organisation. While the internet site was working, network connections between the Content Management servers (where the content is edited) and the Web Servers (where the live content is published) were not working, resulting in the update not going live on time. By amending the configuration of settings on the firewall, IT Services resolved the problem.

This is considered only a very minor breach. These were quarterly tabular updates to the main annual publications, without pre-release access, and not considered high profile. The impact of the short delay was further mitigated slightly by the direct publication of the official statistics on GOV.UK at 9.48am, so the publication was available to users from this point and the GOV.UK pages usually appear first on a web search. No complaints from users have been received and none are expected.


  • IT Services (ITS) were notified at the earliest opportunity, including early efforts made to contact the relevant ITS specialist.
  • The publication was released on GOV.UK and available to users within 18 minutes of the scheduled release time.
  • A statement was issued beside the publication on the website, notifying users of the minor breach.


  • Although the existing website failure protocol was followed, this incident has exposed a gap in the website checking procedure leading to a delay in its implementation. BSO will amend their website check procedure to include a test upload to the website (e.g. a minor amendment to existing text or upload of blank document) at 9.00 on the morning of publication to confirm upload is possible. If this step failed, it would enable the issue to be alerted to ITS at an earlier point and protocol steps relating to alternative publishing on GOV.UK to be implemented sooner.
  • Steps will be taken to register an appropriate BSO email address with GOV.UK to enable a more immediate upload if this contingency arrangement is required. BSO will also provide feedback to NISRA on suggested improvements to the existing protocol, e.g. implement test upload, move to contingency measures more quickly, so this can be considered for incorporation in central guidance.
  • BSO will provide regular reminders of publication dates to appropriate ITS Systems Analyst, to try to avoid scheduled updates around the time of publications and reduce risk of immediate support not being available.