Show Search Form

Search Results

registered interest	true false
date	exactly: or between: and
answering body
answering dept id
answering dept short name
answering dept sort name
hansard heading
house id
legislature	pref label
question text
tabling member constituency
tabling member printed
uin
answer	is ministerial correction true false date of answer exactly: or between: and answer text answering member constituency answering member printed grouped question UIN question first answered answering member label
tabling member	label

Search

1718404

registered interest
date	15/05/2024
answering body	Ministry of Defence
answering dept id	11
answering dept short name	Defence
answering dept sort name	Defence
hansard heading	Ministry of Defence: Data Protection
house id	1
legislature	25259 pref label House of Commons
question text	To ask the Secretary of State for Defence, with reference to the Answer of 16 May 2023 to Question 184569 on Ministry of Defence: Data Protection, how many personal data breaches among suppliers contracted by his Department were reported to his Department in each year since 2010.
tabling member constituency	Wentworth and Dearne
tabling member printed	John Healey
uin	26348
answer	answer is ministerial correction date of answer 23/05/2024 answer text <p>I refer the right hon. Member to the answer I gave on 16 May 2023 to Question 184569. As an update to this information I can confirm that 12 incidents were reported to the Defence Industry Warning Advisory and Reporting Point in 2023. The data provided only includes security incidents that have been closed and are not under investigation. So far in 2024 there are no incidents that have been reported, investigated and closed.</p><p> </p><p>Information on incidents between 2010 and 2020 is not held centrally and could be provided only at disproportionate cost.</p><p> </p> answering member constituency South West Wiltshire answering member printed Dr Andrew Murrison question first answered 23/05/2024 08:50:52 answering member 1466 label Biography information for Dr Andrew Murrison
tabling member	400 label Biography information for John Healey

1718405

registered interest
date	15/05/2024
answering body	Ministry of Defence
answering dept id	11
answering dept short name	Defence
answering dept sort name	Defence
hansard heading	Ministry of Defence: Data Protection
house id	1
legislature	25259 pref label House of Commons
question text	To ask the Secretary of State for Defence, with reference to the Answer of 16 May 2023 to Question 184569 on Ministry of Defence: Data Protection, if he will make an estimate of the number of people affected by personal data incidents.
tabling member constituency	Wentworth and Dearne
tabling member printed	John Healey
uin	26349
answer	answer is ministerial correction date of answer 24/05/2024 answer text <p>This information is not held in the format requested.</p> answering member constituency South West Wiltshire answering member printed Dr Andrew Murrison question first answered 24/05/2024 08:07:37 answering member 1466 label Biography information for Dr Andrew Murrison
tabling member	400 label Biography information for John Healey

1716888

registered interest
date	09/05/2024
answering body	Ministry of Defence
answering dept id	11
answering dept short name	Defence
answering dept sort name	Defence
hansard heading	Ministry of Defence: Data Protection
house id	1
legislature	25259 pref label House of Commons
question text	To ask the Secretary of State for Defence, how many personal data incidents have affected suppliers to his Department in each year since 2010.
tabling member constituency	Wentworth and Dearne
tabling member printed	John Healey
uin	25416
answer	answer is ministerial correction date of answer 14/05/2024 answer text <p>The information is not held centrally and could be provided only at disproportionate cost.</p> answering member constituency South West Wiltshire answering member printed Dr Andrew Murrison grouped question UIN 25417 25418 25422 question first answered 14/05/2024 16:37:46 answering member 1466 label Biography information for Dr Andrew Murrison
tabling member	400 label Biography information for John Healey

1716889

registered interest
date	09/05/2024
answering body	Ministry of Defence
answering dept id	11
answering dept short name	Defence
answering dept sort name	Defence
hansard heading	Ministry of Defence: Data Protection
house id	1
legislature	25259 pref label House of Commons
question text	To ask the Secretary of State for Defence, how many personal data incidents related to the recruitment for the (a) Army, (b) Royal Navy, (c) RAF and (d) Royal Marines there have been since 2010.
tabling member constituency	Wentworth and Dearne
tabling member printed	John Healey
uin	25417
answer	answer is ministerial correction date of answer 14/05/2024 answer text <p>The information is not held centrally and could be provided only at disproportionate cost.</p> answering member constituency South West Wiltshire answering member printed Dr Andrew Murrison grouped question UIN 25416 25418 25422 question first answered 14/05/2024 16:37:46 answering member 1466 label Biography information for Dr Andrew Murrison
tabling member	400 label Biography information for John Healey

1716890

registered interest
date	09/05/2024
answering body	Ministry of Defence
answering dept id	11
answering dept short name	Defence
answering dept sort name	Defence
hansard heading	Ministry of Defence: Data Protection
house id	1
legislature	25259 pref label House of Commons
question text	To ask the Secretary of State for Defence, how many potential recruits to the (a) Army, (b) Royal Navy, (c) RAF and (d) Royal Marines have been affected by personal data incidents related to recruitment systems since 2010.
tabling member constituency	Wentworth and Dearne
tabling member printed	John Healey
uin	25418
answer	answer is ministerial correction date of answer 14/05/2024 answer text <p>The information is not held centrally and could be provided only at disproportionate cost.</p> answering member constituency South West Wiltshire answering member printed Dr Andrew Murrison grouped question UIN 25416 25417 25422 question first answered 14/05/2024 16:37:46 answering member 1466 label Biography information for Dr Andrew Murrison
tabling member	400 label Biography information for John Healey

1716893

registered interest
date	09/05/2024
answering body	Ministry of Defence
answering dept id	11
answering dept short name	Defence
answering dept sort name	Defence
hansard heading	Ministry of Defence: Data Protection
house id	1
legislature	25259 pref label House of Commons
question text	To ask the Secretary of State for Defence, how many personal data incidents affecting suppliers to his Department have been reported to the Information Commissioner’s Office in each year since 2010.
tabling member constituency	Wentworth and Dearne
tabling member printed	John Healey
uin	25421
answer	answer is ministerial correction date of answer 17/05/2024 answer text <p>The requirement to record personal data incidents reported to the Information Commissioner’s Office within 72 hours came into force in May 2018 under the UK General Data Protection Regulation (UK GDPR) and Data Protection Act 2018. The figures requested per year are as follows:</p><p> </p><p>2018 1</p><p>2019 2</p><p>2020 2</p><p>2021 1</p><p>2022 1</p><p>2023 0</p><p>2024 1</p> answering member constituency South West Wiltshire answering member printed Dr Andrew Murrison question first answered 17/05/2024 08:24:37 answering member 1466 label Biography information for Dr Andrew Murrison
tabling member	400 label Biography information for John Healey

1716894

registered interest
date	09/05/2024
answering body	Ministry of Defence
answering dept id	11
answering dept short name	Defence
answering dept sort name	Defence
hansard heading	Ministry of Defence: Data Protection
house id	1
legislature	25259 pref label House of Commons
question text	To ask the Secretary of State for Defence, how many (a) armed forces personnel, (b) civil servants in his Department and (c) veterans have been affected by personal data incidents affecting MOD suppliers in each year since 2010.
tabling member constituency	Wentworth and Dearne
tabling member printed	John Healey
uin	25422
answer	answer is ministerial correction date of answer 14/05/2024 answer text <p>The information is not held centrally and could be provided only at disproportionate cost.</p> answering member constituency South West Wiltshire answering member printed Dr Andrew Murrison grouped question UIN 25416 25417 25418 question first answered 14/05/2024 16:37:46 answering member 1466 label Biography information for Dr Andrew Murrison
tabling member	400 label Biography information for John Healey

1716896

registered interest
date	09/05/2024
answering body	Ministry of Defence
answering dept id	11
answering dept short name	Defence
answering dept sort name	Defence
hansard heading	Ministry of Defence: Data Protection
house id	1
legislature	25259 pref label House of Commons
question text	To ask the Secretary of State for Defence, how many personal data incidents have affected Defence Children Services schools and settings since 2010.
tabling member constituency	Wentworth and Dearne
tabling member printed	John Healey
uin	25423
answer	answer is ministerial correction date of answer 24/05/2024 answer text <p>The number of personal data incidents that have been correctly reported to the Army Warning Advice and Reporting Point (WARP) that have affected Defence Children Services schools and settings since 2010 and the number of affected individuals that have been affected by personal data incidents related to Defence Children Services schools and settings in each year since 2010 is as below:</p><p> </p><table><tbody><tr><td><p><strong>Incidents</strong></p></td><td><p><strong>Affected Individuals</strong></p></td></tr><tr><td><p>2010</p></td><td><p>0</p></td><td><p>0</p></td></tr><tr><td><p>2011</p></td><td><p>0</p></td><td><p>0</p></td></tr><tr><td><p>2012</p></td><td><p>0</p></td><td><p>0</p></td></tr><tr><td><p>2013</p></td><td><p>0</p></td><td><p>0</p></td></tr><tr><td><p>2014</p></td><td><p>0</p></td><td><p>0</p></td></tr><tr><td><p>2015</p></td><td><p>0</p></td><td><p>0</p></td></tr><tr><td><p>2016</p></td><td><p>1</p></td><td><p>61</p></td></tr><tr><td><p>2017</p></td><td><p>0</p></td><td><p>0</p></td></tr><tr><td><p>2018</p></td><td><p>0</p></td><td><p>0</p></td></tr><tr><td><p>2019</p></td><td><p>2</p></td><td><p>270</p></td></tr><tr><td><p>2020</p></td><td><p>1</p></td><td><p>1</p></td></tr><tr><td><p>2021</p></td><td><p>3</p></td><td><p>4184</p></td></tr><tr><td><p>2022</p></td><td><p>6</p></td><td><p>21</p></td></tr><tr><td><p>2023</p></td><td><p>9</p></td><td><p>459</p></td></tr><tr><td><p>2024</p></td><td><p>2</p></td><td><p>29</p></td></tr><tr><td><p><strong>Totals</strong></p></td><td><p><strong>24</strong></p></td><td><p><strong>5025</strong></p></td></tr></tbody></table><p> </p><p> </p><p>This data has been taken from Blackthorn Defence Incident Management Database (BT DIMDb) (which is directly fed by the Security Incident Reporting Forms (SIRFs) used across Defence) and the Army WARP Security Incident Database (SID).</p><p> </p><p>It is not possible to split the affected individuals down into the categories stipulated in this question as that distinction is not made during reporting or investigation. It should also be noted that the number of people impacted is determined during the course of the investigation.</p><p> </p><p>The 2021 figures include a major investigation into a cyber incident at a single school, which resulted in the potential compromise of 1110 internal (Ministry of Defence) email addresses and 3070 external (personal) email addresses.</p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p> answering member constituency South West Wiltshire answering member printed Dr Andrew Murrison grouped question UIN 25424 question first answered 24/05/2024 12:28:15 answering member 1466 label Biography information for Dr Andrew Murrison
tabling member	400 label Biography information for John Healey

1716897

registered interest
date	09/05/2024
answering body	Ministry of Defence
answering dept id	11
answering dept short name	Defence
answering dept sort name	Defence
hansard heading	Ministry of Defence: Data Protection
house id	1
legislature	25259 pref label House of Commons
question text	To ask the Secretary of State for Defence, how many (a) armed forces (i) personnel and (ii) families and (b) civil servants in his Department have been affected by personal data incidents related to Defence Children Services schools and settings in each year since 2010.
tabling member constituency	Wentworth and Dearne
tabling member printed	John Healey
uin	25424
answer	answer is ministerial correction date of answer 24/05/2024 answer text <p>The number of personal data incidents that have been correctly reported to the Army Warning Advice and Reporting Point (WARP) that have affected Defence Children Services schools and settings since 2010 and the number of affected individuals that have been affected by personal data incidents related to Defence Children Services schools and settings in each year since 2010 is as below:</p><p> </p><table><tbody><tr><td><p><strong>Incidents</strong></p></td><td><p><strong>Affected Individuals</strong></p></td></tr><tr><td><p>2010</p></td><td><p>0</p></td><td><p>0</p></td></tr><tr><td><p>2011</p></td><td><p>0</p></td><td><p>0</p></td></tr><tr><td><p>2012</p></td><td><p>0</p></td><td><p>0</p></td></tr><tr><td><p>2013</p></td><td><p>0</p></td><td><p>0</p></td></tr><tr><td><p>2014</p></td><td><p>0</p></td><td><p>0</p></td></tr><tr><td><p>2015</p></td><td><p>0</p></td><td><p>0</p></td></tr><tr><td><p>2016</p></td><td><p>1</p></td><td><p>61</p></td></tr><tr><td><p>2017</p></td><td><p>0</p></td><td><p>0</p></td></tr><tr><td><p>2018</p></td><td><p>0</p></td><td><p>0</p></td></tr><tr><td><p>2019</p></td><td><p>2</p></td><td><p>270</p></td></tr><tr><td><p>2020</p></td><td><p>1</p></td><td><p>1</p></td></tr><tr><td><p>2021</p></td><td><p>3</p></td><td><p>4184</p></td></tr><tr><td><p>2022</p></td><td><p>6</p></td><td><p>21</p></td></tr><tr><td><p>2023</p></td><td><p>9</p></td><td><p>459</p></td></tr><tr><td><p>2024</p></td><td><p>2</p></td><td><p>29</p></td></tr><tr><td><p><strong>Totals</strong></p></td><td><p><strong>24</strong></p></td><td><p><strong>5025</strong></p></td></tr></tbody></table><p> </p><p> </p><p>This data has been taken from Blackthorn Defence Incident Management Database (BT DIMDb) (which is directly fed by the Security Incident Reporting Forms (SIRFs) used across Defence) and the Army WARP Security Incident Database (SID).</p><p> </p><p>It is not possible to split the affected individuals down into the categories stipulated in this question as that distinction is not made during reporting or investigation. It should also be noted that the number of people impacted is determined during the course of the investigation.</p><p> </p><p>The 2021 figures include a major investigation into a cyber incident at a single school, which resulted in the potential compromise of 1110 internal (Ministry of Defence) email addresses and 3070 external (personal) email addresses.</p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p> answering member constituency South West Wiltshire answering member printed Dr Andrew Murrison grouped question UIN 25423 question first answered 24/05/2024 12:28:15 answering member 1466 label Biography information for Dr Andrew Murrison
tabling member	400 label Biography information for John Healey

1716898

registered interest
date	09/05/2024
answering body	Ministry of Defence
answering dept id	11
answering dept short name	Defence
answering dept sort name	Defence
hansard heading	Ministry of Defence: Data Protection
house id	1
legislature	25259 pref label House of Commons
question text	To ask the Secretary of State for Defence, how many civilian staff in his Department received information security training in each year since 2019.
tabling member constituency	Wentworth and Dearne
tabling member printed	John Healey
uin	25425
answer	answer is ministerial correction date of answer 20/05/2024 answer text <table><tbody><tr><td><p><strong>Year</strong></p></td><td colspan="4"><p><strong>Number of Civilian Staff with a current Defence Information Management Passport (DIMP) Certificate </strong> <strong>(course includes Information Security)</strong></p></td></tr><tr><td><p>2019 (DIMP)</p></td><td colspan="4"><p>*Please note we have no records prior to Nov 2020 (prior information is held on our LRS that is being upgraded and we don’t currently have access to it).</p></td></tr><tr><td><p>2020 (DIMP)</p></td><td colspan="4"><p>30,130</p></td></tr><tr><td><p>2021 (DIMP)</p></td><td colspan="4"><p>35,162</p></td></tr><tr><td><p>2022 (DIMP)</p></td><td colspan="4"><p>38,858</p></td></tr><tr><td><p>2023 (DIMP)</p></td><td colspan="4"><p>40,853</p></td></tr><tr><td colspan="5"><p><strong>In 2022, the DIMP was split into 4 separate courses: </strong></p></td></tr><tr><td><p> </p></td><td><p><strong>Protecting Personal Data </strong><strong>(released Apr 2022)</strong></p></td><td><p><strong>Records Management Awareness </strong><strong>(released Aug 2022)</strong></p></td><td><p><strong>Information &amp; Knowledge Awareness </strong><strong>(release Feb 2023)</strong></p></td><td><p><strong>Cyber Security Awareness </strong><strong>(released Aug 2023)</strong></p></td></tr><tr><td><p>2022</p></td><td><p>13,364</p></td><td><p>11,383</p></td><td><p>N/A</p></td><td><p>N/A</p></td></tr><tr><td><p>2023</p></td><td><p>21,173</p></td><td><p>22,121</p></td><td><p>19,362</p></td><td><p>2883</p></td></tr><tr><td><p>2024 (so far)</p></td><td><p>24,691</p></td><td><p>24,379</p></td><td><p>23,574</p></td><td><p>8652</p></td></tr></tbody></table><p> </p><p>The table shows the percentage of Civilian staff (currently in date) in information security. Completion numbers from the Defence Learning Environment (DLE) versus the Civilian strength data from DBS:</p><table><tbody><tr><td><p><strong>Course</strong></p></td><td><p><strong>Civilian Completion numbers currently in date </strong><strong>(from DLE)</strong></p></td><td><p><strong>Defence Civilian Staff Strength</strong> <strong>(from DBS as of 1 May 24)</strong></p></td><td><p><strong>Percentage complete</strong></p></td></tr><tr><td><p>Protecting Personal Data</p></td><td><p>24,691</p></td><td><p>51,911</p></td><td><p><strong>48%</strong></p></td></tr><tr><td><p>Records Management Awareness</p></td><td><p>24,379</p></td><td><p>51,911</p></td><td><p><strong>47%</strong></p></td></tr><tr><td><p>Information &amp; Knowledge Awareness</p></td><td><p>23,574</p></td><td><p>51,911</p></td><td><p><strong>45%</strong></p></td></tr><tr><td><p>Cyber Security Awareness</p></td><td><p>11,535</p></td><td><p>51,911</p></td><td><p><strong>22%</strong></p></td></tr></tbody></table><p>The figures for the DIMP completion are 79% of the civil service population, the lower numbers shown against the new suite of courses is reflective of the current transition period where some staff still hold valid, in date completion of the previous DIMP course. Individuals with in-date DIMP had up to 3 years currency before needing to take the replacement courses. All new starters to Defence were mandated to take the new courses immediately. As staff come to the end of their currency in DIMP and take the new mandated courses, the latest reporting numbers will increase.</p><p> </p><p>Of the total 51,911 civilian staff, 79% have a current certificate in mandated DIMP training. All staff that work with Defence Information must take these mandated courses. The data related to the new awareness courses is not a true reflection of how many staff are in date as Defence are transitioning between mandated courses so the data for both needs to be considered holistically.</p><p> </p> answering member constituency South West Wiltshire answering member printed Dr Andrew Murrison grouped question UIN 25426 question first answered 20/05/2024 16:51:45 answering member 1466 label Biography information for Dr Andrew Murrison
tabling member	400 label Biography information for John Healey