Question to the Cabinet Office:

To ask His Majesty's Government whether they intend to review the processes operating in the public sector for protecting data, including data about individuals held by suppliers to public sector bodies.

The Government takes its data protection responsibilities very seriously, including where data is held by suppliers to the Government and suppliers to public sector bodies. Data protection processes are kept under continuous review. As the relevant National Technical Authority, the National Cyber Security Centre provides the Government, public sector bodies and the private sector with expert advice on protecting data from unauthorised access.

The Government Cyber Security Strategy was published last year. This sets out our plans significantly to harden the Government’s critical functions against cyber attack by 2025, with all organisations across the public sector being resilient to known vulnerabilities by 2030 at the latest.