Update on our work to raise data protection standards in the public sector

John Edwards, the UK Information Commissioner said:

This summer, I wrote to the Cabinet Office, insisting that the government must go further and faster to ensure Whitehall, and the wider public sector put their practices in order.

We’ve been working with government to improve the protection of people’s data for the past three years, and further progress was a key action my office undertook following the Ministry of Defence data breach that disclosed details of Afghan citizens. 

I’m pleased to update that the government has now set out the measures they will take to raise information security and data protection standards. The commitments include creating a central, coordinated approach for managing cross-government data protection accountability and compliance; establishing a dedicated team who will set consistent standards and respond swiftly to risks; rolling out new information management training for all civil servants.

Alongside this, we are working on a joint commitment, in the form of a memorandum of understanding, that will explain how we will collaborate with government so its ambitions to use new technologies to transform public services, create a modern digital government, and drive economic growth are done so with the appropriate safeguards in place. We will agree with government on how my office can receive assurance on the delivery and impact of this work. 

This is a single step forward, but it is a crucial one. Government must now carry through on these commitments, to ensure the public can trust and be confident when sharing their personal information with government, knowing that it will be handled responsibly and safely.

I will continue to update you on how that work progresses.