Home Office to review data-protection set-up

Written by Beckie Smith on 15 April 2019 in News
News

After two breaches inside a week, department commissions independent assessment of compliance

Credit: Karl-Josef Hildenbrand/DPA/Press Association Images

The Home Office has launched an independent review of its compliance with data protection rules, following two recent data breaches, it has announced.

The department has appointed non-executive director Sue Langley to lead the review, immigration minister Caroline Nokes said in a written statement to parliament.

The statement came after the Home Office said it had voluntarily reported itself to the Information Commissioner’s Office for a data breach in which it revealed the email addresses of hundreds of people seeking help with the EU settlement scheme.

The department apologised after an official failed to mask 240 email addresses in a message to some applicants to the scheme, set up to enable EU nationals to live and work in the UK after Brexit, over the weekend. It was also conducting an internal review to determine how the error happened and lessons to be learned from it, Nokes said.


Related content


The incident was the second to come to light in the space of a week, after email addresses were shared in a message to people enquiring about the Windrush compensation scheme.

In her statement, Nokes said her department “takes its data protection responsibilities very seriously”.

“As a department we have been taking steps to ensure we have the culture, processes and systems in place to treat the public’s personal data appropriately,” she said. "As a further immediate step, we have put in place strict controls on the use of bulk emails when communicating with members of the public to ensure this does not happen again as lessons are learned. An independent review of the department’s compliance with its data protection obligations has also been commissioned, which will be led by non-executive director Sue Langley and will report in due course.”

Langley, chair of the insurance firm Arthur J Gallagher UK and a non-executive director at financial services holding company UKAR, has been a NED at the department since 2013.

Previously she was chief executive of the Financial Services Organisation for UK Trade and Investment.

A Home Office spokesperson said the scope for the review had not yet been set and declined to comment further.

 

About the author

Beckie Smith is a reporter for PublicTechnology sister publication Civil Service World, where this story first appeared. She tweets as @Beckie__Smith.

Share this page

Tags

Categories

CONTRIBUTIONS FROM READERS

Please login to post a comment or register for a free account.

Related Articles

Huawei and 5G – the five big questions
23 May 2019

A month on from the revelations about the Chinese vendor’s potential involvement in the UK’s 5G network, PublicTechnology examines the key issues

What happens during a cyberattack on critical infrastructure?
16 May 2019

Leaders at the National Cyber Security Centre lift the lid on the impact of and lessons learned from the Triton malware assault

Government to ‘consider options’ for biometrics regulation
9 May 2019

Immigration minister indicates that various courses of action will be examined before any legislation is passed

‘The prospect of a category-one cyberattack is not receding’
26 April 2019

The UK remains to be hit by a cyberattack of the highest level of severity, but NCSC chief reiterates that we should ‘expect it at some point’