An investigation into the theft of UK Ministry of Defence (MoD) laptops containing the personal information of thousands of potential recruits has found the ministry’s policies and procedures are adequate, although some areas could be improved upon.

In January this year, UK Defence Secretary Des Browne revealed three MoD laptops containing personal data of thousands of potential recruits had been stolen in the past two years.

The revelation followed the theft of a Royal Navy laptop containing unencrypted data including passport details, bank account numbers and family details dating back as far as 1997 from a navy officer’s car earlier this year.

At the time he said information stored on the laptops was in breach of security regulations.

Sir Edmund Burton, who is Chairman of the Information Assurance Advisory Council and supports the Cabinet Office in the implementation of the government’s information assurance strategy, was invited to conduct a full investigation into the circumstances that led to the loss of the data and to consider the broader MoD approach to data protection.

He found MoD policies and procedures are generally fit for purpose and cited examples of good practice by the department, particularly the measures introduced after the loss which were effective in preventing similar damaging losses. But he identified a number of areas where the MoD needs to do better in protecting personal data.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

The MoD has accepted all of Sir Edmund’s 51 recommendations and has prepared a comprehensive action plan to implement them.

Permanent Under Secretary Bill Jeffrey said he is “absolutely determined to make sure that we learn the lessons arising from the loss of this data and that we should do everything possible to make sure that this type of thing does not happen again”.

“We deeply regret the losses of personal data. We have identified weaknesses within parts of the MoD that led to this situation and I am confident that we are taking the necessary steps to address them.”

By Elizabeth Clifford-Marsh