|
UK Government: Cabinet Secretary publishes plan to improve data
security
(M2 PressWIRE Via Acquire Media NewsEdge)
RDATE:25062008
Cabinet Secretary Sir Gus O'Donnell today published a review of
information security in government, putting in place a new framework
for the future to improve the rules, culture, accountability and
scrutiny of data handling.
The review, which was commissioned by the Prime Minister, sets out the
wide range of actions that have already been put in place to improve
data security, and outlines what will be done to strengthen policies
further by building on existing momentum.
The changes announced in the report fall into four groups:
* Core measures. A series of mandatory minimum measures is being put in
place across government including encryption and compulsory testing by
independent experts of the resilience of systems.
* Cultural change. All civil servants dealing with personal data are to
undergo mandatory annual training. The Government will also introduce
Privacy Impact Assessments, recommended by the Information Commissioner;
* Stronger accountability. Data security roles within departments are
being standardised and enhanced to ensure clear lines of responsibility.
* Increased scrutiny. Departments will report on their performance, the
NAO will look at what they say, and the Information Commissioner is
already planning his first spot checks
The Cabinet Secretary said:
"To deliver the efficient, effective, joined-up services that people in
the 21st century expect, Government departments must be able to share
the information they hold - there are countless benefits in doing so,
from making everyday tasks easier to saving lives.
"But we can only do this good work if the public trust us to keep their
personal information safe and secure.
"Recent data losses and thefts have underlined the need for urgent
action to improve data protection right across government and to bring
about a fundamental change in culture among those who are entrusted
with the public's personal records.
"Since November the Civil Service has responded with urgency and vigour
to improve data security, and I am proud of all that has been achieved
so far. However, I am under no illusion that more still needs to be
done to restore public faith in the Government's ability to handle
personal information safely.
"Although no organisation, public or private, can ever guarantee that
it will never make a mistake, I believe the measures we are announcing
today will ensure that the public can be assured we are taking the
necessary measures to keep people's data secure."
Action already taken to improve security includes the Cabinet Office
issuing new, stricter guidelines on the handling of sensitive personal
data, 90,000 employees at HMRC being given additional security training
and the encryption of 20,000 laptops at the MoD.
Publication of the review does not mark the end of the process. Work
will continue to implement the review's findings and fresh guidance
will be issued as and when circumstances change
Notes to editors
1. The Cabinet Secretary's review of Data Handling Procedures in
Government was commissioned by the Prime Minister on 23 November 2007,
following the loss of two computer HMRC discs containing sensitive
personal data. An interim report was published on 20 December 2007.
2. The review's terms of reference were to examine the procedures in
departments and agencies for the protection of data, their consistency
with current Government-wide policies and standards and the
arrangements for ensuring that procedures are fully and properly
implemented. The Cabinet Secretary was also asked to make
recommendations on improvements that should be made.
3. The review took place alongside two independent inquiries - the
Poynter Review looking at the circumstances of the HMRC loss and the
Burton Review of the MoD laptop loss earlier this year. Both reviews
are also being published today.
4. The review took into account the work being done by the Information
Commissioner and Mark Walport of the Wellcome Trust on the security of
personal data across society as a whole, a study that began before the
HMRC loss. This report will be published later this year.
5. Independent consultant Nick Coleman has also been conducting a
long-term review of information assurance in the public sector,
commissioned in 2006. His final report is published today and has
helped to inform the Cabinet Secretary's report, and he will play a
continuing role in helping us monitor the implementation of the
measures announced today.
6. To complement today's report, Sir David Omand is examining the
handling of high security printed documents. The Cabinet Secretary is
studying the implementation of rules for handling documents, and will
take account of Sir David's findings.
Cabinet Office Press Office 22 Whitehall LONDON SW1A 2WH
CONTACT: Cabinet Office
WWW: http://www.cabinetoffice.gov.uk
((M2 Communications Ltd disclaims all liability for information
provided within M2 PressWIRE. Data supplied by named party/parties.
Further information on M2 PressWIRE can be obtained at
http://www.presswire.net on the world wide web. Inquiries to
info@m2.com)).
Copyright ? 2008 M2 Communications Ltd.
[ Back To TMCnet.com's Homepage ]
|
INDUSTRIES
Activate Email 
Find Solutions for Enterprises, SMBs & Service Providers at the INTERNET TELEPHONY Conference and EXPO East, January 20-22, 2010. Miami, FL.
