Question to the Department of Health and Social Care:
To ask the Secretary of State for Health and Social Care, what assessment he has made of the security of people's data collected by private companies administering covid-19 testing for travel purposes.
No specific assessment has been made. Businesses, including private providers, need to ensure that they are compliant with the UK General Data Protection Regulation (GDPR), which requires them to take appropriate security measures to protect the records that they keep. The Information Commissioner’s Office may issue penalties against businesses in breach of GDPR.