Civil Service in the news
Government data handling procedures scrutinised
The Public Administration Select Committee has questioned Ed Miliband, Minister for the Cabinet Office, and Sir Gus O’Donnell, Cabinet Secretary, on data handling issues after recent government data losses.
On Tuesday 15 July, The Public Administration Select Committee (PASC) held a one-off session on data handling in government, prompted by the series of recent data losses and breaches in government, including the loss of two discs containing the Child Benefit records of 25 million people in October 2007.
The session explored the issues raised by the data losses for how Government conducts its business and looked at the Government's proposals for improving how information is used and kept secure. It is relevant to the Committee's current inquiry into good government.
The select committee questioned Ed Miliband, Minister for the Cabinet Office, Sir Gus O'Donnell, Cabinet Secretary, and John Fiennes, a senior civil servant.
Ed Miliband said,
‘across government and across the whole of our society, there is a need to raise our game to do better in terms of the culture of protecting personal data and security.’
Gus O'Donnell said that he recognised that this is particularly important in the public sector, as the public give a lot of information about themselves. He said,
‘it is really important for the public that we are able to give them better public services by earning their trust by protecting the data so that we can use it to improve the public services we offer.’
He said that the report on data handling just published by the Cabinet Office outlined what departments must do to improve their data handling procedures. However, he said that he didn't wait for publication to ban the use of unencrypted laptops containing large amounts of personal data.
‘We have given the Information Commissioner the power to conduct spot checks in departments and, basically, the review set out a framework to allow us to improve matters - through training, through sensitising people to the fact that data are as important as personal wealth.’
He said that online filing at HMRC had continued to go up, despite the data-loss last year, and so people are trusting departments ‘in increasing numbers’.
Gus said that he takes data security incredibly seriously.
‘We are training the whole of HMRC on this. No matter how senior, how junior, it is important that we train them all. For every individual case…it will then be clear who the information asset owner for that area is.’
Changing technology is also vital, he said.
‘I think that the most secure system is if we can encrypt the data at origin, send it to an encrypted receiver, and then it does not ever go through the post. It is just a purely electronic transfer of encrypted data.’
‘If there is a mistake we made it was in relying too much on guidance…and not enough on testing the compliance with that guidance. Certainly my report really concentrates on making sure that not only have we got the right guidance but that everybody implements it, and that we have methods of scrutinising whether they are doing that.’
More information:
