Following an audit by the Information Commissioner’s Office conducted between April 2013 and April 2014, only one out of 17 UK police forces achieved the highest possible assurance rating for data protection compliance.
While none of the forces audited were deemed so bad as to be rated as having “very limited assurance”, more than one-third fell within the “limited assurance” range, and only 59% achieved a rating of “reasonable assurance.
The ICO audits, covered three of six key scope areas for which an assurance level is given and combined to form the overall assurance rating.
Scope areas highlighted as areas of weakness were “security of personal data” and “training and awareness”. Not one of the forces scored a “high” assurance rating and just eight were rated as having a “reasonable” assurance rating for security of personal data.
Jonathan Richardson, managing director at Russell Richardson commented: “This isn’t something unique to police forces. We see customers from all sectors who come to us and have policies and procedures that can be improved when it comes to ensuring adequate security for storing and disposing of personal data. Our specialists are more than happy to come out and look at what’s in place at the moment and offer advice, whether or not that involves using our services.”
The full ICO Audit outcomes analysis can be seen here HERE.