Central government should look to local government for ideas about best practice in data security, according to the Parliamentary IT Committee (Pitcom).
The information commissioner should have "sharper teeth", permanent and contract staff should be vetted, and new laws, regulations, officials and agencies are needed to focus on data fraud, the committee said in its latest briefing "Who Can Access My Data?"
Pitcom uses Birmingham City Council as an example for the government to follow, saying "Data security is factored into corporate audit processes every year."
The briefing quotes Glyn Evans, transformation policy leader at Birmingham, saying, "We have internal and external auditors, and there is a strong focus on security of and access to personal data.
"After all, it is linked to the financial well-being of the authority. This practice is commonplace in the larger local authorities."
Gillian Merron, cabinet office minister, told Pitcom the government would have to respond to the current crisis in public confidence by consulting with citizens on what data needs to be shared to improve services.
But the briefing also quotes Toby Stevens, director of the Enterprise Privacy Group, saying it is "very difficult to build public trust in an environment where the perception is that no action will be taken against breaches of that trust".
The committee said the government has so far been slow to act on the issue of data security.
"The UK government has been idle in issuing guidance in this vital policy area - the biggest problems have been in implementation."