Skip to main content

FCO Services: Data Protection

Volume 472: debated on Tuesday 26 February 2008

To ask the Secretary of State for Foreign and Commonwealth Affairs what measures he has put in place to ensure that personal data held by the FCO Services Trading Fund are kept securely. (188024)

Data security in Foreign and Commonwealth Office (FCO) Services receives the closest attention and care. The FCO and FCO Services have implemented the latest Cabinet Office guidance on storing personal data. FCO Services makes a unique selling point of its secure services, so security is at the heart of everything it does.

The organisation holds and processes personal data for a number of reasons and strong measures are in place to protect all data. Systems are only deployed after Government security accreditation has been completed.

Security measures and accreditation include, but are not limited to, the following:

All sensitive data are held in secure conditions.

Systems are managed according to Government protective data marking.

Data transmission is minimised to essential levels and takes place across encrypted and protected networks.

In limited circumstances, data are transported by disk, but only when passwords or data encryption techniques are applied. Carriage is consistent with FCO policy.

Legitimate access to systems is restricted to authorised users by electronic and physical assurance processes.

Audit processes are in place to oversee the effectiveness of the information security policy and data access is monitored by an independent security function.

Laptops and hand held devices used for confidential data are installed with especially accredited and encrypted disks and secure communications facilities. Other laptops with unencrypted discs are used only for less sensitive material.