(2) on how many occasions in (a) her Department and (b) its agencies confidential data have been downloaded on to compact discs (i) without and (ii) with encryption in the last 12-month period for which figures are available; how many of those discs have been posted without using recorded or registered delivery; what procedures her Department has in place for the (A) transport, (B) exchange and (C) delivery of confidential or sensitive data; what records are kept of information held by her Department being sent outside the Department; what changes have been made to her Department’s rules and procedures on data protection in the last two years; on how many occasions her Department’s procedures and rules on data protection have been breached in the last five years; what those breaches were; what procedures her Department has in place on downloading confidential data on to computer discs before its transfer; what technical protections there are in her Department’s computer systems to prevent access to information held on those systems which is not in accordance with departmental procedures; and if she will place in the Library a copy of each of her Department’s rules and procedures on the protection of confidential data on individuals, businesses and other organisations;
(3) how many employees of each grade in her Department (a) have access to confidential or sensitive data and (b) are authorised to download such data to disc; how many of her Department’s employees have undergone data protection training in the last 12 months; what the average length of time is that each employee of (i) her Department and (ii) her Department’s agencies has spent on data protection training; how many investigations of employees of her Department for improperly accessing confidential information have taken place in the last 12 months; how many such investigations resulted in cases of disciplinary action; and what the circumstances of each of those cases were;
(4) what steps have been taken to protect individuals in the event of a data breach of the National Identity Register.
I refer the hon. Member to the statement made by my right hon. Friend the Prime Minister on 21 November 2007, Official Report, column 1179W. The review by the Cabinet Secretary and security experts is looking at procedures within Departments and agencies for the storage and use of data. A statement on Departments’ procedures will be made on completion of the review.
I refer my right hon. Friend to the statement made by my right hon. Friend the Prime Minister on 21 November 2007, Official Report, column 1179W. The review by the Cabinet Secretary and security experts is looking at procedures within Departments and agencies for the storage and use of data. A statement on Departments’ procedures will be made on completion of the review.
I refer the hon. Member to the statement made by my right hon. Friend the Prime Minister on 21 November 2007, Official Report, column 1179W. The review by the Cabinet Secretary and security experts is looking at procedures within Departments and agencies for the storage and use of data. A statement on Departments’ procedures will be made on completion of the review.