Psst. Hey you. Yes, you. Over here. How about sending me a heap of personal information?

I'm not choosy - in fact, the more the merrier I say. Feel free to start with the basic stuff: full name, DoB, place of birth, marital status, nationality, current address, home phone, mobile, e-mail address, previous addresses . . . national insurance number.

(National insurance number? Whoa, wait one cottoning-picking minute. That's not on.)

Come on, come on, give me some more: I'd like to know about your education (dates, subjects, grades), some references (include address and telephone), complete job history (position, start/finish, contacts and reason for leaving) and any local convictions (exclude traffic unless you were banned from driving). Oh, and don't forget to indicate any civil proceedings, arbitration or ligation, including proceedings that have led, or may lead, to a County Court Judgement or other judgement debts - anywhere in the world.

(Bloody hell! This is way past cheeky.)

Okay, okay hold on. Don't get your knickers in a knot. You don't have to send it to me because there's a chance someone else will. Yep, about a month or so ago, I received all the above information about an individual. I also know what job he was applying for, the screening level, and, because he had to confirm the information and give permission for verification, I have a copy of his signature.

I'm pretty sure I wasn't supposed to receive the questionnaire because the first page clearly stated that the information would be "treated in the strictest confidence".

The unsuspecting gentleman would have completed the questionnaire for a company I'll call ABC Pty Ltd for the sake of discretion. The form did have the caveat that it might be "given to an external organization working on our behalf to verify the information", which is exactly what ABC Pty Ltd did. (But remember it would be treated in the strictest confidence.) It was sent to an international background screening company I'll call Checks 'R Us, which while headquartered in the same country as ABC Pty Ltd, offshores at least some of its work.

What happened was that this individual had indicated that he had at one point been a member of the CIO Executive Council (a program run by CIO magazine) and verification was needed. A lovely, but somewhat incomprehensible lady from the offshore arm of Checks 'R Us rang me and asked if I would sign a form confirming membership. If I could give her my e-mail address, she'd e-mail me the form, which I did and she did.

But when her e-mail arrived there were two attachments: one the simple one-page form I needed to sign, the other an eight-page document with all the aforementioned personal and professional details.

Oops.

We write and talk at length about security issues regarding personal information. The stories of data breaches and data gone missing are rife. Organizations have a tough enough time making sure data is secure locally. At the same time organizations are hiving off parts of their business - and much more than IT jobs - to offshore destinations. The question needs to be asked if issues such as privacy are really being addressed in these situations.

I, for one, am no longer sure I have complete confidence in the strictest confidence.