Government accused of lacking basic data policies

Despite a slew of high profile UK government data breaches over the past year, new research has discovered that a lack of formal data protection and management policy still remains.

Online identity protection vendor Garlik submitted 30 Freedom of Information (FoI) requests between September and November last year to all major government departments and offices.

According to the Data Protection Act (DPA), an organisation must act if someone informs it that the information it holds on them is inaccurate. Yet only three out of the 30 Government departments contacted confirmed they had written correction policies and procedures in place.

And only the Driver and Vehicle Licensing Agency (DVLA) and Department for Transport (DfT) said they had carried out independent audits to demonstrate DPA compliance.

The responses also revealed that the biggest culprits of data breaches in recent times - HM Revenue and Customs, Ministry of Justice, Department of Health, and the Ministry of Defence - all reported a lack of basic systems for managing personal data effectively.

Of the 29 departments that responded to Garlik's FoI requests, all admitted that they either had no funds allocated for correcting erroneous data, no statistical data regarding erroneous data correction, or had never been subject to an independent audit in order to prove DPA compliance.

Tom Ilube, Garlik chief executive, said: "The Government's complacent attitude towards managing and correcting our personal data is all the more shocking in light of the 176 public data losses the Information Commissioner reported to have occurred last year alone."

Ilube added that a typical public database could have error rates approaching 10 per cent, meaning that a single large government database could possess erroneous data on several million individuals, despite being used everyday to make critical decisions about our lives, taxes, healthcare, and so on.

"As we head towards even larger government databases it is crucial that government deals more effectively with error rates and handles data in a way that maximises accuracy and prevents future breaches," he urged.

Miya Knights

A 25-year veteran enterprise technology expert, Miya Knights applies her deep understanding of technology gained through her journalism career to both her role as a consultant and as director at Retail Technology Magazine, which she helped shape over the past 17 years. Miya was educated at Oxford University, earning a master’s degree in English.

Her role as a journalist has seen her write for many of the leading technology publishers in the UK such as ITPro, TechWeekEurope, CIO UK, Computer Weekly, and also a number of national newspapers including The Times, Independent, and Financial Times.