There have been cases of sensitive information being lost by public bodies
Compulsory data protection audits of councils and the NHS are needed to help eliminate “really stupid basic errors”, the Information Commissioner has said.
Christopher Graham told MPs taxpayers were losing out when public bodies were fined for mistakes in handling sensitive information.
He said “consensual” voluntary audits in some areas had proved a success.
But he said the Department for Communities and Local Government was “surprisingly opposed” to the proposal.
The watchdog currently only has the power to launch compulsory audits across central government. For all other organisations it has to secure consent before an audit can take place.
“Until local government gets the message, local council taxpayers will continue to be hit by civil monetary penalties for really basic stupid errors” Christopher Graham Information Commissioner
Giving evidence to the Commons Justice Select Committee, Mr Graham said that a process of regular audit was a “darn sight more helpful” than public bodies continuing to be fined for mistakes and the money effectively being returned to the Treasury.
Nineteen local councils have been fined a total of £1.8m for breaches of the data protection act, the most recent sanctions coming in December.
Compulsory audits, he suggested, would not eliminate all problems but could cut out on incidences of sensitive information “being sent to the wrong fax machine or dropped in the street or left on an unencrypted memory stick”.
While the Department of Health had been supportive of the principle of audits in parts of the health service he said the Department for Local Government “remained to be convinced” and he hoped to persuade ministers of their value.
“Until local government gets the message, local council taxpayers will continue to be hit by civil monetary penalties for really basic stupid errors”.
Source: BBC News