Cabinet Secretary publishes plan to improve data security

Jenny Robins (25 June 2008  16:25)

Cabinet Secretary publishes plan to improve data security

Cabinet Secretary Sir Gus O'Donnell today published a review of information security in government, putting in place a new framework for the future to improve the rules, culture, accountability and scrutiny of data handling.

The review, which was commissioned by the Prime Minister, sets out the wide range of actions that have already been put in place to improve data security, and outlines what will be done to strengthen policies further by building on existing momentum.

The changes announced in the report fall into four groups:

* Core measures. A series of mandatory minimum measures is being put in place across government including encryption and compulsory testing by independent experts of the resilience of systems.

* Cultural change. All civil servants dealing with personal data are to undergo mandatory annual training. The Government will also introduce Privacy Impact Assessments, recommended by the Information Commissioner;

* Stronger accountability. Data security roles within departments are being standardised and enhanced to ensure clear lines of responsibility.

* Increased scrutiny. Departments will report on their performance, the NAO will look at what they say, and the Information Commissioner is already planning his first spot checks

The Cabinet Secretary said:

"To deliver the efficient, effective, joined-up services that people in the 21st century expect, Government departments must be able to share the information they hold - there are countless benefits in doing so, from making everyday tasks easier to saving lives.

"But we can only do this good work if the public trust us to keep their personal information safe and secure.

"Recent data losses and thefts have underlined the need for urgent action to improve data protection right across government and to bring about a fundamental change in culture among those who are entrusted with the public's personal records.

"Since November the Civil Service has responded with urgency and vigour to improve data security, and I am proud of all that has been achieved so far. However, I am under no illusion that more still needs to be done to restore public faith in the Government's ability to handle personal information safely.

"Although no organisation, public or private, can ever guarantee that it will never make a mistake, I believe the measures we are announcing today will ensure that the public can be assured we are taking the necessary measures to keep people's data secure."

Action already taken to improve security includes the Cabinet Office issuing new, stricter guidelines on the handling of sensitive personal data, 90,000 employees at HMRC being given additional security training and the encryption of 20,000 laptops at the MoD.

Publication of the review does not mark the end of the process. Work will continue to implement the review's findings and fresh guidance will be issued as and when circumstances change

Click here to view the report

Back to news list