Main navigation

Review of Data Handling procedures in Government

23 November 2007

The Prime Minister has asked the Cabinet Secretary to establish a review into data handling procedures in Government.

The Review will be led by Robert Hannigan, Head of Intelligence, Security and Resilience in the Cabinet Office, working closely with heads of departments.

The Cabinet Secretary wrote to all Heads of Departments on Thursday 22 November setting out the terms of the Review.

The terms of Reference of the Review will be:

To Examine:

• the procedures in Departments and agencies for the protection of data;
• their consistency with current Government wide policies and standards;
• the arrangements for ensuring that procedures are being fully and properly implemented;

and to make recommendations on improvements that should be made.

The process will be carried out in two stages:

• first, to ask urgently for an analysis of Departmental and agency systems and procedures to identify compliance with policies and standards, and recommendations for practical improvements and better management of risk that can be identified. Each Department is asked to complete this, covering their agencies as well, by 10 December so that the Prime Minister can be advised by the end of the year.
• Second, to then look collectively at improved standards and procedures, including the role of the centre and governance mechanisms as well as the introduction of better compliance and audit arrangements. A plan to deliver any changes will also be produced. The aim is to complete this early in the New Year.

This Review will also take into account the work being done by Kieran Poynter of Pricewaterhouse Coopers into HM Revenue and Customs data handling procedures and the work being done by the Information Commissioner and Mark Walport of the Wellcome Trust on the security of personal data across society as a whole.