In the 12 months to 31 May 2009, eight individuals (including four contractor’s staff acting on MOD’s behalf) have been disciplined for breaches of data protection requirements. A number of other cases remain subject to investigation. Figures for inappropriate use of personal or sensitive data are not held centrally and could be provided only at disproportionate cost.
Information is a key asset to Government and its correct handling is vital to the delivery of public services and to the integrity of HMG. The Security Policy Framework and the Data Handling Report produced by the Cabinet Office provide a strategic framework for protecting information that Government handle and put in place a set of mandatory measures which Departments must adhere to.
MOD has issued internal guidance to remind staff that if they are found to have been responsible for a serious breach of data security procedures, dependent upon the circumstances, a range of sanctions are available including disciplinary or administrative action, and in extreme or persistent cases, termination of employment/services and, if appropriate, criminal proceedings.