Because the Department handles data relating to millions of individual customers on a daily basis, small localised data incidents are dealt with as they arise. These are not recorded centrally by the Department or its agencies, and consequently the details of such incidents could be provided only at disproportionate cost.
More significant incidents which involve personal data are reported to the Information Commissioner as a matter of course. Under the mandatory requirements of the Data Handling Report published on 25 June 2008, the Department is required to provide a summary of such incidents in its annual resource accounts.
The Department has published details of incidents arising during 2007-08 in the annual resource account which was published on 13 August 2008. We will be publishing information on incidents reported to the Information Commissioner during 2008-09 in the next resource accounts. The information is currently being compiled and verified before it is laid before Parliament.