The Home Office has survived with a ‘lucky escape' following a rap on the knuckles by the Information Commissioner.
Following the PA Consulting incident, where the contractor lost an unencrypted memory stick containing the sensitive personal information of thousands of people last year, the Home Office has been forced to sign a formal undertaking to protect citizens' data by the Commissioner.
Jon Rolls, vice president of product management at ScriptLogic, claimed that the Home Office had a lucky escape in this instance.
He said: “What is clear is that all organisations need to investigate the numerous methods and solutions available that prevent such confidential data being lost. Whether by malicious intent or accidental loss, private sector businesses and government departments alike have few excuses when this happens.
“This is a lesson in ensuring that the right policies and permissions are in place, together with the right software, to permit only a select few to download data onto USB memory sticks and other removable storage devices.”
The Home Office has promised that from now on, all mobile or portable machines that carry personal data will be encrypted, and that any contractor will also use encryption. The Home Office has avoided an enforcement notice against it, a breach of which would be a criminal offence carrying a fine of up to £5,000, by agreeing to the undertaking ‘in consideration of the Commissioner not exercising his powers to serve an enforcement notice'.