To ask the Secretary of State for Health what percentage of the IT systems in (a) his Department and (b) its agencies are fully accredited to the Government's security standards.

All the Department's information technology (IT) systems meet the requirements set out in the Security Policy Framework (SPF), the "Data Handling Report" (DHR) and related "Cross Government Actions: Minimum Mandatory Measures". They also comply with ISO27001, the standard for Information Security Management.

Of its agencies, the NHS Purchasing and Supply Agency's IT systems are fully certified to ISO27001 and they are required to comply with the requirements of the SPF and the DHR.

The Medicines and Healthcare Regulatory products Agency and all its suppliers are compliant with the Government's security standards and the data handling procedures.