X-twitter Linkedin-in Facebook-f Youtube

MPs call for compulsory data security audits to be extended

Information-Commissioner-LogoA new report from the Information Commissioner has highlighted how councils and NHS Trusts across the UK could be forced to have compulsory audits for data security.

‘The Functions, powers and resources of the Information Commissioner’ report released by the Justice Select Committee raised concerns that a “significant number” of public sector bodies were found to have refused free audits.

The Commission has the statutory power to inspect central Government departments, but also offers free audits to rate standards of data protection for both public and private sector organisations.

The figures showed only 47% of local government organisations contacted had agreed to an audit from the Information Commissioner.

Such audits, which assess how private data is being handled and identifies potential security issues, have seen “reluctant” take-ups by both NHS Trusts and local councils.

The Justice Select Committee described the refusals of public sector organisations, which hold highly-sensitive data, as “shocking” and “even more so in cases where there are serious concerns” over the security of such data.

“We recommend that as a general rule public sector organisations should accept the offer of a free audit from the Information Commissioner, and we consider that it is,” it said.

The Information Commissioner cannot compel organisations outside central Government to accept an audit to assess how organisations handle personal data.

The Justice Select Committee has called for audits to be compulsory and extended to NHS Trusts and local councils across the UK. Any bodies who continue to decline free and consensual audits could be fined as a result.

“The case for extending compulsory audit to NHS Trusts and local councils is clear; while bodies continue to decline free and consensual audits, the only feasible recourse for the Information Commissioner is a civil monetary penalty which ultimately is at the expense of the taxpayer and council tax payer,” read the report.

“We recommend that the Secretary of State bring forward an order under section 41A of the Data Protection Act to meet the recommendation of the Information Commissioner that his power to serve Assessment Notices be extended to NHS Trusts and local councils.”

 

About Security Buyer

Security Buyer is the leading authority in global security content, delivering expert news, in-depth articles, exclusive interviews, and industry insights across print, digital, and event platforms. Published 10 times a year, the magazine is a trusted resource for professionals seeking updates and analysis on the latest developments in the security sector.

To submit an article, or for sponsorship opportunities, please contact our team below.

Rebecca Spayne picture 2025

Rebecca Spayne

Managing
EDITOR

Phone-volume Envelope
Georgina Turner image

Georgina Turner

Sales
Manager

Phone-volume Envelope
Afua Akoto image - Security Buyer

Afua Akoto

Marketing Manager

Phone-volume Envelope

Read the Latest Issue

Follow us on X

Follow us on X

Click Here

Follow us on LinkedIn

Follow us on LinkedIn

Click Here

Advertise here

Reach decision makers and amplify your marketing

Advertise here

Click Here

Related News

OneTrust announces $150m funding

, , , ,
OneTrust recently announced a US$150 million funding round. The capital will bolster the company’s continued growth to meet customer…
Read More
Genetec

Genetec recognises data privacy day

, , ,
In recognition of international Data Privacy Day, Genetec, a technology provider of unified security, public safety, operations, and business…
Read More
steven hope

Is a passwordless future possible?

, , ,
Authlogics CEO Steven Hope outlines the challenges with password security and the prospects of a ‘passwordless’ future
Read More
steven hope

Is a passwordless future possible?

, , ,
Authlogics CEO Steven Hope outlines the challenges with password security and the prospects of a ‘passwordless’ future
Read More
Barracuda

Barracuda launches UAE Data Centre

, ,
As it looks to meet the growing demand for data protection in the Emirates and better serve its Middle East customers, Barracuda Networks, a partner and
Read More
Ukraine

New data‑wiping malware hits Ukraine

, ,
Hundreds of computers in Ukraine compromised just hours after a wave of DDoS attacks brings down a number of Ukrainian websites
Read More
Ericsson

Ericsson launches IoT Accelerator Connect

, ,
Ericsson IoT Accelerator delivers a reliable and secure cellular IoT platform that empowers communications service providers (CSPs) and enterprises
Read More
Cohesity

Cohesity appoints Kirk A. Law

, ,
Cohesity announced that Kirk A. Law has joined the company as Senior Vice President of research and development (R&D). In this role, Law has global
Read More
data centre

Government & critical infrastructure: Data centres

, , ,
In the new digital world that we thrive in, our societal function is highly dependent on data centres. So, how can we best protect our data
Read More
MSAB

MSAB offers end to end mobile forensics solutions

, ,
Read More

News Desk

View all the latest, product, project and people news

News Desk

Click Here

Technology News

Keep up-to-date with the latest product innovation

Technology News

Click Here

Industry Sectors

Discover technology in action in all applications

Industry Sectors

Click Here

Enter The Awards

Showcase personal or organisation excellence

Awards

Click Here

Advertise With Us

Reach decision makers and amplify your marketing

Advertise With Us

Click Here

Create an account or login

Create your free account today and get instant access to exclusive industry insights, expert analysis, and breaking security news.

login
Create an account

© Hand Media International LTD 2025. All rights reserved.

Scroll to Top