Departmental Data Protection

Defence written question – answered on 8th April 2010.

Alert me about debates like this

Photo of Angus Robertson Angus Robertson Shadow SNP Spokesperson (Defence), Shadow SNP Spokesperson (Foreign and Commonwealth Office), Shadow SNP Westminster Group Leader

To ask the Secretary of State for Defence how many incidents of the loss of confidential data held by his Department have been reported (a) in each of the last five years and (b) in each of the last 12 months.

Photo of Bill Rammell Bill Rammell Minister of State (Armed Forces), Ministry of Defence

The Ministry of Defence (MOD) takes any attacks on, or misuse of, its information, networks and associated media storage devices very seriously and has robust procedures in place to mitigate against and investigate such occurrences. Furthermore, new processes, instructions and technological aids are continually being implemented to mitigate human errors and raise the awareness of every individual in the Department with regards to cyber security.

The following tables provide details of the number of reported losses of confidential and personal data centrally reported within the Department from 2005 to 2010. Figures will continue to be adjusted to incorporate subsequent recoveries of items, the reporting of additional losses and subsequent clarification of historic incidents. The following figures reflect the latest data held as of 10 March 2010.

In a number of these cases the documents were historical and so the original protective marking would have been eligible to be considered for downgrading. This would certainly reduce any risk of compromise. A number of these incidents came to light as a consequence of thorough housekeeping activities and revised MOD data management practices. It is likely that a large number of instances relate to records of the destruction of documents not being accurately maintained, rather than documents actually having gone missing.

Reported incidents of the loss of confidential data in each of the last five years
Total
2005 77
2006 130
2007 52
2008 1099
2009 347

The surge in reported incidents from 2008 is largely attributable to two factors. Firstly, there is an increased awareness of the need to report data loss across the Department. Secondly, since the publication of the Data Handling Review and Burton Report, the MOD is now auditing its holdings of both personal data and removable media. This has identified a number of instances where the location of data could not be verified and has therefore been reported as a possible loss-even though in many cases they may have merely been unaccounted for or incorrectly disposed of.

Reported incidents of the loss of confidential data in each of the last 12 months
Month Total
2009
March 10
April 34
May 24
June 19
July 20
August 32
September 94
October 25
November 21
December 65
2010
January 23
February 48

Does this answer the above question?

Yes1 person thinks so

No1 person thinks not

Would you like to ask a question like this yourself? Use our Freedom of Information site.