Skip to main content

Departmental Data Protection

Volume 487: debated on Monday 26 January 2009

To ask the Secretary of State for Work and Pensions how many contracts (a) his Department and (b) its agencies have which allow contractors to store personal data of UK citizens overseas; for which contracts this applies; in which countries the data for each contract is held; and how many people have their data stored overseas in the case of each such contract. (245352)

There are no instances where the Department or its agencies have authorised, through any contracts, the storage of personal data overseas.

To ask the Secretary of State for Work and Pensions when his Department appointed a senior information risk owner in accordance with the report, Data Handling Procedures in Government and the accompanying document Cross-departmental Actions: Mandatory Minimum Action; and what grade the person holds within the Department. (245373)

The Department’s head of legal group was appointed senior information risk owner as from 1 September 2008. Prior to that date, the Department’s chief information officer performed the role. Both are directors general, and are members of the Department’s Executive team.

To ask the Secretary of State for Work and Pensions what percentage of the IT systems in (a) his Department and (b) its agencies are fully accredited to the Government's security standards. (245394)

All IT systems that have become operational since 1 July 2008 are formally accredited.

For systems that were operational before that date, there is no requirement under the Data Handling Review for formal accreditation. Nevertheless, all current systems are routinely assessed for compliance against the Department's Information Systems Security Standards, and are fully authorised for use. Any residual risks have been identified and are being managed.