ICO to take action against HMRC, MoD for breaches
Information Commissioner to take 'formal action' against HMRC and MoD following reports detailing breaches at the government departments.
The Information Commissioner's Office will be taking "formal enforcement action" against both HM Revenue and Customs (HMRC) and the Ministry of Defence (MoD).
Major reports released today detailed the institutional failures which lead to the loss of 25 million records by HMRC last year, while the MoD was caught out on lost laptops.
Information Commissioner Richard Thomas said: "I will be taking formal enforcement action against HMRC and MOD following the serious data breaches that have occurred."
He said that both departments clearly broke data protection requirements and that the ICO will be serving formal enforcement notices requiring them to meet the recommendations made in the reports. HMRC has already started doing so for one of the reports.
Thomas said the watchdog would monitor the situation closely and require progress reports each year for the next three. He stressed that failure to comply with an enforcement notice is a criminal offence.
He called on all chief executives to learn from the mistakes at HMRC and MoD. "It is of fundamental importance that lessons are learned from these breaches. Information security and other aspects of data protection must be taken a great deal more seriously by those in charge of organisations. No chief executive can now say that data protection doesn't matter."
He continued: "Whilst these breaches have been highly publicised and involve big numbers, sadly they are not isolated cases. It is deeply worrying that many other incidents have been reported, some involving even more sensitive data.
Earlier this year, the ICO said that 94 major data breaches had occurred in the six months following the HMRC debacle.
The ultimate law enforcement agency guide to going mobile
Best practices for implementing a mobile device programFree download
The business value of Red Hat OpenShift
Platform cost savings, ROI, and the challenges and opportunities of Red Hat OpenShiftFree download
Managing security and risk across the IT supply chain: A practical approach
Best practices for IT supply chain securityFree download
Digital remote monitoring and dispatch services’ impact on edge computing and data centres
Seven trends redefining remote monitoring and field service dispatch service requirementsFree download