§ Mrs. MayTo ask the Secretary of State for the Home Department how many of the police forces in England and Wales have an IT security strategy; and what action his Department is taking to encourage the development of such strategies. [40360]
§ Mr. MichaelIt is the responsibility of individual chief officers to ensure that their forces maintain appropriate Information Technology (IT) security measures.
368WInformation is not held centrally to show whether all police forces in England and Wales have an IT security strategy. However, all forces have been issued with the Association of Chief Police Officers (ACPO) Code of Practice for Data Protection and the ACPO Data Protection Audit Manual. These establish procedures and safeguards to promote the maintenance of good practice and compliance with data protection legislation. A copy of the Code of Practice is already in the Library; I am also placing there a copy of the Audit Manual.
The Police Information Technology Organisation (a Home Office Non-Departmental Public Body since 1 April of this year) has separately issued to forces the Police National Computer (PNC) System Security Policy, Code of Connection. Police Information Technology Organisation is also working with the ACPO IT Committee to develop an overarching security policy to reflect the increasing need to exchange data between the police and other criminal justice agencies.
Finally, Her Majesty's Inspectorate of Constabulary reviews data protection management in forces as part of its regular inspections.