I thank the Member for the series of questions. I believe that the figures published are accurate. They identify the—. Our understanding is that over 4,700 staff in Wales had their data stolen from the server of the private contractor—as I say, from their servers based in Oxfordshire. I’m not aware of those affected in Scotland or in England. Those are matters for colleagues in the UK Government and in the Scottish Government. Again, I’m happy to say that my understanding and expectations are that, by the end of this week, all staff who have not been informed will have been, and that should provide reassurance to people that have not been informed. But I take on board the point that there will be people who will be genuinely concerned about whether their data has been accessed and they have not been informed as of yet.

On your finishing point on whether or not there is potential liability, well, that’s what we will need to understand as the report concludes, as to what happened in this instance, how promptly action was or was not taken, and then ultimately the respective obligations of both the NHS and the contractor. This is a specialist contractor who provides healthcare services of this type, as I say, within the UK, but also on a global basis as well. It is my understanding this is not a data breach that results from a careless leaving of a disk or a pen drive in a public place, as we’ve seen, sadly, in the recent past, but that this was a cyber-attack upon the servers. So, it’s not a case of data being left carelessly, but of course we want to look at what sort of cybersecurity this particular company had at the time, and equally, I know that Members want to be reassured that there has been an appropriate response to the attack that has taken place. So, as I say, I’ll provide as much information as I can do to be helpful in my first written statement, but as I’ve said earlier, I expect to provide a second written statement once a report is available and we’re able to share that with Members and the wider public, who will understandably be concerned.