11 September 2009
An independent review of data security by the Comptroller and Auditor General has made a number of recommendations to improve the security of data held by States departments. The review confirms there are areas of good practice within the States, and acknowledges the work already done by staff to secure data held on the citizens of Jersey. However, it says a consistent approach is needed throughout the organisation.
The States of Jersey recognises it has a clear responsibility to safeguard the data it holds on islanders, and Deputy Chief Executive, John Richardson, says the existing arrangements for data security have been under consideration for some time. Mr Richardson said: “We accept the Comptroller and Auditor General’s recommendations and steps have already been taken to implement them. We are working with Mr Swinson to address the problems he has identified and to embed best practice across the organisation.
“In future, the maintenance of data security will be the responsibility of the Director of Information Services. He will have a States-wide remit to ensure the right procedures are in place to secure all the data held on islanders.
“A security officer will also be appointed to monitor the work of departments and to manage a training and development plan for staff. This will establish better security awareness across the organisation, and will ensure that anyone employed by the States in any capacity understands States’ policies and the importance of complying with them.”
Mr Richardson accepts that all reasonable steps should be taken to eliminate security failures, and says the recommendations of this review will help to ensure that any breaches do not result from inaction or inconsistency on the part of the States.
More information
Report on data security
gov.je