Information Commissioner Richard Thomas is to take action against HMRC and MOD over data breaches highlighted by...
independent investigations published today.
The enquiries into HMRC's loss of discs containing the personal details of 25 million people and the MOD's loss of laptops containing the details of 600,000 potential recruits, exposed serious failures in both organisations.
Thomas said in statement that the reports show deplorable failures at both HMRC and MOD.
He said he would serve enforcement notices to require HMRC and the MOD to implement the recommendations in the reports.
Thomas said the breaches highlighted in the reports were not isolated and it was deeply worrying that many other incidents have been reported.
"Information security and other aspects of data protection must be taken a great deal more seriously by those in charge of organisations. No chief executive can now say that data protection does not matter," he said.
The departments will have to give feedback on their progress every 12 months for the next three years.
Failure to comply with the enforcement notices is a criminal offence. The Information Commissioner's Office (ICO) will be able to impose fines when recent changes to the Criminal Justice and Immigration Act come into force.