Central government should look to local government for
ideas about best practice in data security, according to the
Parliamentary IT Committee (Pitcom).
The information commissioner should have "sharper teeth",
permanent and contract staff should be vetted, and new laws,
regulations, officials and agencies are needed to focus on data
fraud, the committee said in its latest briefing
"Who Can Access My Data?"
Pitcom uses Birmingham City Council as an example for the
government to follow, saying "Data security is factored into
corporate audit processes every year."
The briefing quotes Glyn Evans, transformation policy leader at
Birmingham, saying, "We have internal and external auditors, and
there is a strong focus on security of and access to personal
data.
"After all, it is linked to the financial well-being of the
authority. This practice is commonplace in the larger local
authorities."
Gillian Merron, cabinet office minister, told Pitcom the
government would have to respond to the current crisis in public
confidence by consulting with citizens on what data needs to be
shared to improve services.
But the briefing also quotes Toby Stevens, director of the
Enterprise Privacy Group, saying it is "very difficult to build
public trust in an environment where the perception is that no
action will be taken against breaches of that trust".
The committee said the government has so far been slow to act on
the issue of
data security.
"The UK government has been idle in issuing guidance in this
vital policy area - the biggest problems have been in
implementation."