TechTarget

Government failed to check data was secure, politicians admit

Government failed to ensure departments protected sensitive personal data, politicians admit. The government's biggest mistake in the run up to HMRC's...

Government failed to ensure departments protected sensitive personal data, politicians admit.

The government's biggest mistake in the run up to HMRC's loss of the personal details of 25 million people, was the failure to scrutinise data practices in government departments, politicians admitted this week.

Cabinet Secretary Gus O'Donnell, and Ed Miliband, Cabinet Office minister, said the Cabinet Office sent out reams of data-handling guidance to departments, but failed to ensure government departments were complying with it.

O'Donnell said, "If there is a mistake we made, it was relying too much on guidance and not enough on testing compliance.

"There was an issue that guidance is too complex, or in some cases it was not being followed at the front line. There was no way of testing if guidance was being followed."

Ed Miliband added, "It is not about issuing documents, it is about changing the culture."

They were answering questions from MPs on the Public Accounts Committee, which is holding an enquiry into data handling in government.

O'Donnell said his report, which gave recommendations on how government can better handle data, aims to address the problem.

Its recommendations included measures to improve data handling by giving the Information Commissioner the power to make spot checks on departments' data policies.

Departments - including HMRC, whose loss of two discs with 25 million personal details focused attention on the issue of data security - must train all their staff in the importance of keeping data secure. "Staff should treat personal data in the same way they treat cash," O'Donnell said.

Miliband did not agree there should be criminal penalties for civil servants who knowingly allow data to be compromised. He said, "It does not strike me as a way to achieve the ends that we want. It is easy to say, let us throw some civil servants in jail, but I do not think it will achieve very much."

O'Donnell said much of HMRC's £155m investment in data security will be spent on measures improving IT, such as encrypting all mobile devices.




CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close