(2) how many employees of each grade in her Office (a) have access to confidential or sensitive data and (b) are authorised to download such data to disc; how many of her Office’s employees have undergone data protection training in the last 12 months; what the average length of time is that each employee of her Office has spent on data protection training; how many investigations of employees of her Office for improperly accessing confidential information have taken place in the last 12 months; how many such investigations resulted in cases of disciplinary action; and what the circumstances of each of those cases was;

(3) how many occasions in her Office confidential data have been downloaded onto compact discs (a) without and (b) with encryption in the last 12 month period for which figures are available; how many of those discs have been posted without using recorded or registered delivery; what procedures are in place for the (i) transport, (ii) exchange and (iii) delivery of confidential or sensitive data; what records are held by her Office of information being sent outside the Office; on how many occasions her Office’s procedures and rules on data protection have been breached in the last five years; what those breaches were; and what procedures her Office has in place on downloading confidential data onto computer disks before transfer.