§ Mr. George HowarthTo ask the Parliamentary Secretary, Lord Chancellor's Department how many staff employed on data protection are employed outside London; and in which locations. [32573]
§ Mr. WillsIn respect of the Lord Chancellor's Department, none. Responsibility for administering and enforcing the Data Protection Act 1998 lies with the Information Commissioner, who carries out these responsibilities independently of Government, but is sponsored by the Lord Chancellor's Department. I understand that the Commissioner currently employs 169 staff on data protection matters at her offices in Wilmslow, Cheshire.
§ Mr. WoodTo ask the Parliamentary Secretary, Lord Chancellor's Department what is being done to protect businesses from companies which use threatening and confusing letters to demand excessive amounts of money in return for data protection registration. [32474]
§ Mr. WillsThe Information Commissioner, who carries out her responsibilities independently of Government, has a duty under the Data Protection Act 1998 to disseminate information about the operation of the Act. The commissioner launched a public information campaign on 17 January 2002 to alert organisations to the fact that while they may need to be on the register of data controllers, they should not he misled by businesses who have no statutory powers to maintain the register. Notices were placed in a number of national newspapers and the commissioner has set up a dedicated website at www.doineedtonotify.co.uk to help organisations establish whether they need to notify. She has also made available a self-assessment guide which can be obtained by phoning 0870 9027 522.
I understand that the commissioner is prepared to take legal action against the companies concerned wherever possible and appropriate and that she is liaising closely with the Office of Fair Trading, trading standards authorities and the police on the matter.
§ Mr. George HowarthTo ask the Parliamentary Secretary, Lord Chancellor's Department what representations he has received about the regulatory burdens imposed by data protection legislation. [32076]
§ Mr. WillsSince the Lord Chancellor's Department assumed responsibility for data protection issues in June 2001, I have received representations about the level of fees chargeable for subject access under the Data Protection Act 1998, in particular with regard to manually held health records. The issue here is to strike a balance between ensuring that cost is not a barrier to individuals requesting access to their health records and allowing the NHS to recoup costs incurred in servicing requests, so that essential resources are not diverted from patient care.
903WThe Government are committed to continuing discussion with key interest groups and to working closely with the information commissioner with the aim of achieving a long-term solution.
I have also received representations about the effect upon small businesses of the Act's notification requirements, including the annual fee of £35, and of the commissioner's forthcoming employment practices data protection code. We do not consider the level of fee to be an undue regulatory burden, although it will be kept under review. We are carefully considering the other representations in consultation with the commissioner.