Protection of personal data held by Woking Borough Council
At last night’s meeting of Full Council I asked a question to the Executive seeking assurances on the protection of personal information held about residents by Woking Borough Council. My question was motivated by recent high profile cases involving computer hacking or data leaks, as well as a report by the civil liberties think-tank Big Brother Watch which shows that local authorities in the UK have reported 4,236 data breaches over the last three years. I asked the council how many data breaches had been reported in Woking over a three year period, and what measures were in place to ensure that residents’ records are kept secure and only accessed by those authorised to do so.
I received a response from the portfolio holder, Cllr Gary Elson, who confirmed that there had been no reported breaches of data or personal information by the council over the last three years. Cllr Elson went on to explain that there were stringent controls in place to protect the data held digitally, and that these are assessed annually for compliance with the requirements of the Public Services Network. Safeguards include the use of complex passwords and two factor authentication for remote access; use of security software; the ability to remotely wipe devices; and restrictions on the use of removable storage devices. The council also uses security pass access control within the secure areas of the civic offices, provides training for new staff and also has policies in place providing guidance to staff dealing with sensitive information in order to protect the security of data held in a physical format.
I hope residents will be reassured by Cllr Elson’s answer that the council takes the protection of sensitive and personal information seriously, and hope it will keep this under constant review and continue its good record.