Sending of messages must be overseen by senior civil servants

Credit: Daniel Reinhardt/DPA/Press Association Images

Following two high-profile data breaches, the Home Office has implemented “strict controls” on its email communications with members of the public.

In the space of a week earlier this month, the Home Office twice accidentally shared citizens’ personal information. The data breaches saw the department wrongly expose the email addresses of, firstly, people interested in the Windrush compensation programme and then, a few days later, applicants to the settled status scheme for EU citizens.

Related content

• Windrush scandal fallout sees Home Office suspend data-sharing activities
• ‘Clear parallels with Windrush’ – concerns raised on EU settlement scheme reliance on digital
• Is the settled status scheme a tech triumph or digital disaster?

In answer to a written parliamentary question, minister of state for countering extremism Baroness Williams of Trafford said that the Home Office has already tightened its procedures in light of the breaches, and is also instigating internal and external assessments.

“Strict controls have been put in place on the use of emails when communicating with two or more members of the public, including oversight of communications by senior civil servants and use of alternative technology to prevent reoccurrence,” she said. “Along with internal reviews which are currently underway, an independent review of the department’s compliance with its data protection obligations has also been commissioned which will report in due course.”

Baroness Williams was responding to a question posed by Labour peer Lord Kennedy of Southwark.