(2) on how many occasions in (a) his Department and (b) its agencies confidential data have been downloaded on to compact discs (i) without and (ii) with encryption in the last 12 month period for which figures are available; how many of those discs have been posted without using recorded or registered delivery; what procedures his Department has in place for the (A) transport, (B) exchange and (C) delivery of confidential or sensitive data; what records are kept of information held by his Department being sent outside the Department; what changes have been made to his Department's rules and procedures on data protection in the last two years; on how many occasions his Department's procedures and rules on data protection have been breached in the last five years; what those breaches were; what procedures his Department has in place on downloading confidential data on to computer discs before its transfer; what technical protections there are in his Department's computer systems to prevent access to information held on those systems which is not in accordance with departmental procedures; and if he will place in the Library a copy of each of his Department's rules and procedures on the protection of confidential data on individuals, businesses and other organisations;
(3) how many employees of each grade in his Department (a) have access to confidential or sensitive data and (b) are authorised to download such data to disc; how many of his Department's employees have undergone data protection training in the last 12 months; what the average length of time is that each employee of (i) his Department and (ii) his Department's agencies has spent on data protection training; how many investigations of employees of his Department for improperly accessing confidential information have taken place in the last 12 months; how many such investigations resulted in cases of disciplinary action; and what the circumstances of each of those cases were.
(2) how many breaches of data protection security there were in (a) his Department and (b) his Department's agencies in each of the last five years; and if he will provide details of each breach.
I refer the hon. Member to the statement made by my right hon. Friend the Prime Minister on 21 November 2007, Official Report, column 1179. The review by the Cabinet Secretary and security experts is looking at procedures within Departments and agencies for the storage and use of data. A statement on Departments' procedures will be made on completion of the review.
I refer the hon. Member to the statement made by my right hon. Friend the Prime Minister on 21 November 2007, Official Report, column 1179. The review by the Cabinet Secretary and security experts is looking at procedures within departments and agencies for the storage and use of data. A statement on departments’ procedures will be made on completion of the review.