Question to the Home Office:

To ask Her Majesty's Government what steps they are taking to ensure that the data breaches by the Home Office which led to the sharing of personal data of applicants for settled status and of applicants for the Windrush Compensation Scheme do not recur.

The Home Office takes its data protection responsibilities very seriously and is committed to the continued improvement of its performance against the UK’s high data protection standards.

Strict controls have been put in place on the use of emails when communicating with two or more members of the public, including oversight of communications by Senior Civil Servants and use of alternative technology to prevent reoccurrence. Along with internal reviews which are currently underway, an independent review of the Department’s compliance with its data protection obligations has also been commissioned which will report in due course.

The written ministerial statements addressing the data breaches involving Windrush compensation customers and EUSS customers can be found at the links below:

https://www.parliament.uk/business/publications/written-questions-answers-statements/written-statement/Commons/2019-04-08/HCWS1496/
https://www.parliament.uk/business/publications/written-questions-answers-statements/written-statement/Commons/2019-04-11/HCWS1508/