Government departments cannot prove they comply with Data Protection Act, says identity specialist

Government departments have failed to put in place basic data protection policies, despite recent major information breaches and the impending introduction of ID cards.

Government departments have failed to put in place basic data protection policies, despite recent major information breaches and the impending introduction of ID cards.

A series of 14 Freedom of Information (FoI) requests supplied to online identity specialist Garlik reveal that government departments, including HM Revenue and Customs (HMRC), Department for Work and Pensions (DWP), Department of Health, Ministry of Defence (MoD) and the Independent Police Complaints Commission, lack basic systems for proving compliance with the Data Protection Act (DPA).

The responses received to date demonstrate worrying gaps in the government's handling of Britons' personal information, said Garlik.

Of the 14 government departments responding to FoI requests, most admitted to all of the following:

- No written data correction policy or protocol in place

- No allocated funds for correcting erroneous data

- No statistical data regarding erroneous data correction

- Never having been subject to an independent audit in order to prove compliance with the Data Protection Act

Tom Ilube, CEO at Garlik, said, "With HMRC and DWP data breaches fresh in people's minds, these admissions reflect a surprising disregard by government for the value of our personal information.

"These gaps and the absence of independent audits point to the root causes of the recent data breaches - a lack of robust accountability."

Add to this that ID cards, a national identity register and huge NHS databases are on the horizon, people's main concern should be that data held about them by government is correct, and that important decisions about them are not based on errors, said Ilube.




Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close