Linked Data API

Filter

These are the filters currently being used to limit the search results. Click on the remove filter icon to remove the filter.

min answer › date of answer	2018-11-12
legislature › pref label	House of Commons
hansard heading	Government Departments: Data Protection

Sort by

This list shows the properties that you can sort by. Click on to sort in ascending order and to sort in descending order. The properties that you're currently sorting by are shown at the top of the list. Click on remove this sort to remove a sort and or to reverse the current sort order. Click on the remove all sorting icon to remove all the sorting. Note that sorting can significantly slow down the loading of the page.

View

Choose what information you want to view about each item. There are some pre-defined views, but starred properties are always present no matter what the view. You can star properties by clicking on the icon. The currently starred icons have a icon; clicking on it will unstar the property.

Items per page

Choose how many items to view on each page. The more items you view, the longer the page will take to load.

Show Search Form

Search Results

registered interest

date

exactly:

or between:
and

answering body

answering dept id

answering dept short name

answering dept sort name

hansard heading

house id

legislature


pref label

question text

tabling member constituency

tabling member printed

uin

answer

is ministerial correction

date of answer

exactly:

or between:
and

answer text

answering member constituency

answering member printed

grouped question UIN

question first answered

answering member


label

tabling member


label

1000229

registered interest

date

02/11/2018

answering body

Cabinet Office

answering dept id

answering dept short name

Cabinet Office

answering dept sort name

Cabinet Office

hansard heading

Government Departments: Data Protection

house id

legislature

25259

	pref label	House of Commons

question text

To ask the Minister for the Cabinet Office, how many data breaches were reported by each Government department to the Government Security Group in each of the last four years.

tabling member constituency

Leigh

tabling member printed

Jo Platt

uin

187361

answer

is ministerial correction

date of answer

12/11/2018

answer text

Cabinet Office does not require central reporting of data breaches by government departments. The <a href="https://www.gov.uk/government/publications/the-minimum-cyber-security-standard" target="_blank">minimum cyber security standard</a> outlines the communications required by a department when there is a security incident that impacts on sensitive information or key operational services. The Government Security Group would be involved in the response to a category one or twocyber security incident impacting a central government department(s), however to date an incident of this type has not occurred. The <a href="https://www.ncsc.gov.uk/news/annual-review-2018" target="_blank">National Cyber Security Centre’s Annual Report (2018)</a> provides the total number of incidents it has dealt with over the past year.

answering member constituency

Aylesbury

answering member printed

Mr David Lidington

question first answered

12/11/2018 09:37:31

answering member

15

	label	Biography information for Sir David Lidington

tabling member

4673

	label	Biography information for Jo Platt

1015347

registered interest

date

27/11/2018

answering body

Cabinet Office

answering dept id

answering dept short name

Cabinet Office

answering dept sort name

Cabinet Office

hansard heading

Government Departments: Data Protection

house id

legislature

25259

	pref label	House of Commons

question text

To ask the Minister for the Cabinet Office, what factors are taken into consideration when decisions are taken on storing government data by contracted private sector cloud companies.

tabling member constituency

Leigh

tabling member printed

Jo Platt

uin

196203

answer

is ministerial correction

date of answer

03/12/2018

answer text

In order to establish the merits of storing government data with a contracted private sector cloud company, departments should use the <a href="https://www.gov.uk/government/publications/technology-code-of-practice/technology-code-of-practice" target="_blank">Technology Code of Practice </a>principles and follow the government <a href="https://www.gov.uk/guidance/government-cloud-first-policy" target="_blank">Cloud First policy</a>. Both of these policies provide clear guidelines of the things a department should consider, recognising that there is not one single solution for all departments. It is the responsibility of each government department to take risk-based decisions about their use of cloud providers for the storage of government data up to “OFFICIAL” level. When considering a commercial provider, departments should take into account the cloud security principles developed by the National Cyber Security Centre (<a href="https://www.ncsc.gov.uk/guidance/implementing-cloud-security-principles" target="_blank">https://www.ncsc.gov.uk/guidance/implementing-cloud-security-principles</a>). Finally, the solution must provide the best value for the taxpayer.

answering member constituency

Hertsmere

answering member printed

Oliver Dowden

question first answered

03/12/2018 16:36:01

answering member

4441

	label	Biography information for Oliver Dowden

tabling member

4673

	label	Biography information for Jo Platt

1024009

registered interest

date

12/12/2018

answering body

Cabinet Office

answering dept id

answering dept short name

Cabinet Office

answering dept sort name

Cabinet Office

hansard heading

Government Departments: Data Protection

house id

legislature

25259

	pref label	House of Commons

question text

To ask the Minister for the Cabinet Office, pursuant to the Answer of 27 November 2018 to Question 196203 and with reference to the Government's Technology Code of Practice principles Cloud First policy, whether it is Government policy to prevent any government department or service from storing cloud-based data hosted in any specific nation states.

tabling member constituency

Leigh

tabling member printed

Jo Platt

uin

201721

answer

is ministerial correction

date of answer

07/01/2019

answer text

Neither the Technology Code of Practice nor the Cloud First Policy directly prevent government departments or services from storing cloud based data in any specific nation state. It is the responsibility of each government department to take risk-based decisions about their use of cloud providers for the storage of government data.

answering member constituency

Aylesbury

answering member printed

Mr David Lidington

question first answered

07/01/2019 17:16:11

answering member

15

	label	Biography information for Sir David Lidington

tabling member

4673

	label	Biography information for Jo Platt

1027224

registered interest

date

17/12/2018

answering body

Cabinet Office

answering dept id

answering dept short name

Cabinet Office

answering dept sort name

Cabinet Office

hansard heading

Government Departments: Data Protection

house id

legislature

25259

	pref label	House of Commons

question text

To ask the Minister for the Cabinet Office, how many Government Departments use (a) a domain message authentication reporting and conformance cybersecurity system (b) a system for identifying external emails to recipients and (c) a protocol for timely staff reporting of suspicious emails.

tabling member constituency

Leigh

tabling member printed

Jo Platt

uin

202801

answer

is ministerial correction

date of answer

20/12/2018

answer text

Active Cyber Defence (ACD) is a collection of services implemented by the NCSC that aim to protect the UK from the high-volume commodity attacks that affect people’s everyday lives. Mail Check is one of these services which enables an organisation to authenticate the email they send so that a receiver can determine if it is genuine or fake using Domain-based Message Authentication Protocol (DMARC). The NCSC plans to implement Mail Check for all 44 Central Government departments - in December 2018 95% were actively using Mail Check and 80% had adopted a basic DMARC policy.

answering member constituency

Aylesbury

answering member printed

Mr David Lidington

question first answered

20/12/2018 15:33:07

answering member

15

	label	Biography information for Sir David Lidington

tabling member

4673

	label	Biography information for Jo Platt

1027225

registered interest

date

17/12/2018

answering body

Cabinet Office

answering dept id

answering dept short name

Cabinet Office

answering dept sort name

Cabinet Office

hansard heading

Government Departments: Data Protection

house id

legislature

25259

	pref label	House of Commons

question text

To ask the Minister for the Cabinet Office, whether the Government security profession unit has a target for the number of cyber-security professionals it plans to recruit.

tabling member constituency

Leigh

tabling member printed

Jo Platt

uin

202802

answer

is ministerial correction

date of answer

20/12/2018

answer text

Government departments are responsible for ensuring adequate staffing levels to meet the organisational risk it carries. Though no single target number for cyber security specialists exist, the Government Security Profession team will support departments through the delivery of centralised strategy for the recruitment and retention of cyber skills in departments.

answering member constituency

Aylesbury

answering member printed

Mr David Lidington

question first answered

20/12/2018 15:34:56

answering member

15

	label	Biography information for Sir David Lidington

tabling member

4673

	label	Biography information for Jo Platt

1029557

registered interest

date

20/12/2018

answering body

Cabinet Office

answering dept id

answering dept short name

Cabinet Office

answering dept sort name

Cabinet Office

hansard heading

Government Departments: Data Protection

house id

legislature

25259

	pref label	House of Commons

question text

To ask the Minister for the Cabinet Office, pursuant to the Answer of 20 December 2018 to Question 202801, for what reason no reference was made in that Answer to the number of Government Departments which use (a) a system for identifying external emails to recipients and (b) a protocol for timely staff reporting of suspicious emails.

tabling member constituency

Leigh

tabling member printed

Jo Platt

uin

204633

answer

is ministerial correction

date of answer

07/01/2019

answer text

Cabinet Office does not hold this information centrally. It is the responsibility of each government department to manage how they receive external emails and report suspicious emails based on their security requirements. Domain-based Message Authentication Protocol (DMARC) is the system in which Departments identify external email.The NCSC provides guidance and support to government departments on how to implement good cyber hygiene for staff, including the reporting of suspicious emails of which Cabinet Office have no central record of these figures.

answering member constituency

Aylesbury

answering member printed

Mr David Lidington

question first answered

07/01/2019 17:25:19

answering member

15

	label	Biography information for Sir David Lidington

tabling member

4673

	label	Biography information for Jo Platt

1149071

registered interest

date

14/10/2019

answering body

Cabinet Office

answering dept id

answering dept short name

Cabinet Office

answering dept sort name

Cabinet Office

hansard heading

Government Departments: Data Protection

house id

legislature

25259

	pref label	House of Commons

question text

To ask the Chancellor of the Duchy of Lancaster and Minister for the Cabinet Office, with reference to the Government's no deal planning preparations, how many Government Departments have (a) reviewed their reliance on personal data flows from the EU and (b) developed contingency plans to mitigate risks to public sector service provision of that reliance.

tabling member constituency

Vale of Clwyd

tabling member printed

Chris Ruane

uin

answer

is ministerial correction

date of answer

17/10/2019

answer text

All government departments have reviewed their reliance on personal data flows from the EU and developed suitable contingency plans to mitigate risks to the public sector service provision of that reliance. Chapter three of the <a href="https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/837632/No_deal_readiness_paper.PDF" target="_blank">No Deal Readiness Report</a> provides further information.

answering member constituency

Torbay

answering member printed

Kevin Foster

question first answered

17/10/2019 10:31:29

answering member

4451

	label	Biography information for Kevin Foster

tabling member

534

	label	Biography information for Chris Ruane

1305113

registered interest

date

23/03/2021

answering body

Cabinet Office

answering dept id

answering dept short name

Cabinet Office

answering dept sort name

Cabinet Office

hansard heading

Government Departments: Data Protection

house id

legislature

25259

	pref label	House of Commons

question text

To ask the Chancellor of the Duchy of Lancaster and Minister for the Cabinet Office, what steps the Government is taking to prevent data breaches when awarding contracts for cloud services to multi-national corporations.

tabling member constituency

Putney

tabling member printed

Fleur Anderson

uin

174285

answer

is ministerial correction

date of answer

13/04/2021

answer text

Regulation 32 of the Public Contracts Regulations 2015 sets out the grounds in which contracting authorities can procure goods, services and works with extreme urgency in exceptional circumstances. In our recently published Green Paper, we have set out our proposals to clarify these rules, learning from the experience in the pandemic.The process of implementing the Boardman recommendations began immediately, and the programme is being assured by the Cabinet Office Audit and Risk Committee. We committed to provide an update on implementation six months after publication.All G-Cloud suppliers must publicly show their security certifications, standards and approach to personnel security on the Digital Marketplace. Suppliers must also maintain physical and IT security that follows good industry practice to ensure there is no unauthorised access to any confidential information and data. Along with this, suppliers must inform Crown Commercial Service of any data breaches within 48 hours and Crown Commercial Service has the power to undertake security audits of suppliers.Transforming Government Procurement will make it easier to take into account issues relating to workplace rights and protections through aligning the value for money definition with that of the Green Book, and removing in certain circumstances the need for wider policy considerations to be linked to the subject matter of the contract.

answering member constituency

Hornchurch and Upminster

answering member printed

Julia Lopez

grouped question UIN

174282
174284

question first answered

13/04/2021 12:22:29

answering member

4647

	label	Biography information for Julia Lopez

tabling member

4788

	label	Biography information for Fleur Anderson

1307870

registered interest

date

12/04/2021

answering body

Department for Digital, Culture, Media and Sport

answering dept id

answering dept short name

Digital, Culture, Media and Sport

answering dept sort name

Digital, Culture, Media and Sport

hansard heading

Government Departments: Data Protection

house id

legislature

25259

	pref label	House of Commons

question text

To ask the Secretary of State for Digital, Culture, Media and Sport, which of the 139 recommendations identified in the Information Commissioner's Office audit of Government departments will be included as part of the National Data Strategy.

tabling member constituency

St Albans

tabling member printed

Daisy Cooper

uin

179577

answer

is ministerial correction

date of answer

20/04/2021

answer text

The audit referred to in the question was a specific audit by the Information Commissioner’s Office (ICO) of the Department for Education (DfE). The DfE has been working closely with the ICO since the audit was undertaken in February 2020 to address all the recommendations and published its formal response in January 2021 in the House Library, paper reference DEP2021-0072. The work being done by DfE in partnership with the ICO to address the audit recommendations, particularly around data sharing policy and strategy, will support good practice across the public, private and third sectors, in line with the aims of the National Data Strategy.

answering member constituency

Maldon

answering member printed

Mr John Whittingdale

question first answered

20/04/2021 10:28:33

answering member

39

	label	Biography information for Sir John Whittingdale

tabling member

4769

	label	Biography information for Daisy Cooper

1524406

registered interest

date

19/10/2022

answering body

Cabinet Office

answering dept id

answering dept short name

Cabinet Office

answering dept sort name

Cabinet Office

hansard heading

Government Departments: Data Protection

house id

legislature

25259

	pref label	House of Commons

question text

To ask the Minister for the Cabinet Office, what steps the Government is taking to ensure all official-sensitive documents are not distributed via personal channels.

tabling member constituency

Vauxhall

tabling member printed

Florence Eshalomi

uin

67273

answer

is ministerial correction

date of answer

25/10/2022

answer text

The Government takes matters of security very seriously. Government Departments routinely provide advice and guidance, including to ministers, on the appropriate handling of Government information.

answering member constituency

Croydon South

answering member printed

Chris Philp

grouped question UIN

67274

question first answered

25/10/2022 11:34:09

answering member

4503

	label	Biography information for Chris Philp

tabling member

4870

	label	Biography information for Florence Eshalomi