The Department's seven Executive agencies and its Shared Service Centre have not found records of any instances of staff members being suspended or dismissed in relation to the loss of memory sticks, laptop computers, desktop computers or mobile telephones. To fully search the historical disciplinary data for the central Department would incur disproportionate costs.
Departments have taken urgent and decisive action across Government to improve data handing including minimising the amount of data put on removable media, encryption programmes for data and mobile devices that carry personal protected data and the introduction of training and education programmes to improve staff awareness of information risks.
The Government take data security very seriously which is why a report into data handling procedures across Government was commissioned and new measures to improve and strengthen controls in the protection of personal data were introduced.
Under Para 2.8 of the Data Handling Report published in June 2008, all Departments are required to:
“amend HR processes where necessary to make clear that failing to apply controls in handling personal data could amount to gross misconduct.”
The Department and its agencies are in the process of reviewing HR processes to ensure that they meet the requirements of paragraph 2.8 of the Data Handling Report.