Cabinet Office floats £2m short-term contract to address ‘weaknesses’ in data-handling

Written by Sam Trendall on 19 August 2020 in News
News

Department seeks commercial support in meeting targets set out in independent review

Credit: Gerd Altmann/Pixabay

The Cabinet Office is seeking a commercial partner to fulfil a short-term £2m programme of work to address “weaknesses” in its handling of personal data.

The department underwent an independent review of its data-storage and -processing procedures in light of an incident in December 2019 in which personal details of those featured on the New Year’s honours list were leaked. 

That review, led by technology executive and former Home Office non-executive director Adrian Joseph, concluded in April. It identified some “concerning lapses” amid what was generally characterised as an inconsistent approach to data protection.

Six core recommendations were set out: improve accountability and governance; reward expertise and skills; establish a new data strategy; be transparent on progress; update guidance and training; and implement consistent standards and controls for technology and data.


Related content


The Cabinet Office intends to make good on these recommendations by the end of 2020 and is seeking a supplier to support its work to do so.

The chosen bidder, with which the department will sign a contract worth up to £2.25m, will start work by 14 September.

“Delivering the Cabinet Office business strategy places a critical reliance on enhancing the capture, storage, management and use of personal and non-personal data. Recent events, however, have identified weaknesses in the Cabinet Office capabilities for managing personal data privacy,” the Cabinet Office said. “An independent review… identified systemic inconsistencies in data processes, controls and culture across Cabinet Office and that there is a significant risk that further and more impactful breaches will occur as the amount of personal data being handled by the department increases.”

The department added: “The independent review of the Cabinet Office’s personal data handling practices proposed recommendations to enhance the overall risk management of data privacy across the department. The Cabinet Office needs to implement this work prior to end December 2020.”

For the technical aspects of the programme, the Cabinet Office indicated that it would prefer to use cloud storage from Amazon Web Services or Microsoft Azure, rather than on-premises technology. 

Suppliers wishing to bid for the work have until 27 August to do so. 

 

About the author

Sam Trendall is editor of PublicTechnology

Tags

Share this page

Tags

Categories

CONTRIBUTIONS FROM READERS

Please login to post a comment or register for a free account.

Related Articles

Government urged to commit to devolution to drive innovation and levelling-up
29 June 2022

Think tank report identifies benefits of city mayors, but finds many local officials are frustrated with current interactions with Whitehall

10 Downing St offers over £100k for data science whizz
23 June 2022

Prime minister’s in-house data science unit seeks senior manager to deliver ‘high-impact’ initiatives 

GDS spent £5m on ‘data and user insights’ last year
23 June 2022

Minister reveals organisation undertook a range of work to gain insights into performance of services

‘This lack of transparency could undermine trust’ – DWP scolded over failure to publish research data
21 June 2022

Parliamentary committee writes to department urging greater openness