To ask the Secretary of State for Scotland what percentage of contractors and suppliers to his Department have reported that they are compliant with the Government’s security standards following publication of the report, Data Handling Procedures in Government, and the accompanying document, Cross-departmental Actions: Mandatory Minimum Action, on 25 June 2008. (245307)

The Scotland Office does not directly use external suppliers or contractors to carry out its responsibilities. As an associated office, the Scotland Office is provided with a range of corporate and support services by the Ministry of Justice, who place an obligation on all of their contractors to provide IT and data management systems that meet Government security standards.

To ask the Secretary of State for Scotland how many contracts his Department has which allow contractors to store personal data of UK citizens overseas; for which contracts this applies; in which countries the data for each contract is held; and how many people have their data stored overseas in the case of each such contract. (245335)

The Scotland Office has no such contracts in place.

To ask the Secretary of State for Scotland when his Department appointed a senior information risk owner in accordance with the report, Data Handling Procedures in Government and the accompanying document Cross-departmental Actions: Mandatory Minimum Action; when the appointment was made; and what grade the person holds within the Department. (245369)

The Scotland Office is part of the Ministry of Justice (MoJ). The Ministry of Justice’s Senior Information Risk Owner (SIRO) is the Director General of the Democracy, Constitution and Law Group who took over this responsibility in spring 2008, in advance of the Data Handling Review’s publication.