Jersey States 'has no understanding of data security'

Government departments do not appear to understand data security, according to the Jersey public sector watchdog.

Jersey Auditor General Karen McConnell published a review of how the States handles information security.

She said organised criminals, spies from other governments and political activists may all want to access information it holds.

States Chief Executive John Richardson said information security was an important issue they were addressing.

"The C&AG's report will help us to consider the way that we develop our programmes and handle information across the States," he said.

The States are due to create a central register with personal details of island residents.

It would contain names, addresses and social security numbers. The Social Security Department and Population Office are the only sectors that can currently access that information.

Ms McConnell said: "Information security of all data, wherever or however it is held, is of crucial importance to all organisations including the States of Jersey.

"Embedding improved arrangements for information security can most effectively be done alongside the development of e-government and as part of wider reform."

Mr Richardson said the States were waiting for recommendations of an island-wide strategic review of cyber security conducted by intelligence sector experts.

"This was commissioned by the States to review our cyber resilience, assess the main risks Jersey faces, identify cyber security priorities and consider approaches to enhancing Jersey's cyber resilience," he said.