An independent reviewer will release a report next month analyzing how U.K. government agencies manage and protect information, a key issue as the U.K. government looks at ways to broaden how different agencies exchange data.
The Information Assurance review, due to be released at the end of May, is an independent look at how different organizations structure policies around information handling, said Nick Coleman, who heads the review, which falls under the Central Sponsor for Information Assurance, part of the Cabinet office.
Coleman spoke publicly for the first time about the review at InfoSecurity Europe conference in London on Wednesday, although he did not preview any details in the review.
The review will be used by the U.K. Cabinet to formulate a revised national strategy on information assurance, due for release in the coming months, as well as updating an information assurance review released in 2004. It encompasses areas such as leadership and governance, enterprise architecture and compliance issues, Coleman said.
The independent review comes as the U.K. government undertakes several massive IT projects, all of which have security and privacy concerns due to their involvement of sensitive personal information. The projects include a national ID card program, a revamp of the National Health Service’s (NHS) IT systems and a program to strengthen border controls.
The government has an ever-increasing reliance on IT systems. Coleman cited statistics: the country’s Police National Computer, a database use by law enforcement, processes 10 million requests each month; the Department for Work and Pensions handles the distribution of 13 million benefits payments every week; and it’s also expected that a large proportion of the 1.3 million NHS employees will need access to patient records as part of the agency’s IT modernization program.
“This is big scale,” Coleman said.
In January, Prime Minister Tony Blair said more sharing between government agencies could result in better services to citizens, such as reducing the number of forms. But activists have raised concerns over the risks data sharing poses to personal data.
