Confidentiality of data collected for registration purposes

4.1 Identification and management of risk

Civil registration processes are laid down in the Registration Acts. Registration information is supplied by qualified informants. The Office for National Statistics (ONS) is responsible for ensuring that the information recorded at registration is not altered in any way other than that prescribed by law and only on the production of appropriate evidence. The system has remained largely unchanged since 1837. Legislation is backed up by detailed advice.

Training for ONS and local registration staff helps to ensure understanding and consistency and raises awareness of issues regarding confidentiality and security. All staff within ONS who have access to registration information on individuals are required to sign a Confidentiality Declaration on joining the office. This reinforces the value and importance ONS places on this work and encourages staff to help in identifying and managing risks. ONS inspectors perform periodic independent checks of the work of local registration officers.

Access to registration information in a birth, death or marriage register is tightly controlled by legislation. With a few specific exceptions, it may be issued only in the form of a certified copy of an entry (certificate) when sufficient information to identify that entry has been supplied by an applicant, together with the statutory fee. Within ONS, registration information can only be disclosed on the signed authority of the relevant data custodian. The intended use of any such request is considered in the context of the Data Protection and Registration Acts. Income from certificate sales is significant and there are detailed records and regular independent checks of money received for certificates both in ONS and locally.

The context in which civil registration operates is changing. ONS reviews its caseload regularly to get early warning of new issues of public concern and to plan their management. ONS works closely with a range of Government departments and organisations in developing policy affecting an individual's civil status. This enables risks to be identified early and to be actively managed through the policy making, legislative and implementation stages. Operational changes, for example the introduction of new IT systems, are project managed formally and identification and active management of risk are key elements of that process. Projects have a post implementation review.

This very structured approach to the business of registration (and who has access to what data and for what purpose) provides a sound basis for targeted risk analysis. The periodic checks provide a further mechanism to identify risks and evaluate the effectiveness of risk management strategies. Information from these checks and other risk management work feeds into the Registration work programmes in a variety of ways. At a strategic level, it is often by seeking a policy/legislation change and at an operational level by changing working practices or ensuring the existing ones are complied with. Within the Registration business, there are procedures for sharing and acting on the information which sit within the overall planning, monitoring and implementation processes. Significant emerging risks are managed with the appropriate stakeholders who can include Ministers, other Government departments, the ONS Executive and Local Authorities.

4.2 Process for evaluating risk management strategies in relation to confidentiality

No instances of the inadvertent release or amendment of registration information have been recorded. Therefore, the issue of monitoring breaches does not arise. The lack of any past breach may raise the question of whether too much effort is spent on safeguarding confidentiality. It is the ONS view that it must meet its legal obligations and that a breach would cause such a high cost to its reputation that the current approach of high risk aversion is appropriate.

4.3 Involvement of stakeholders

Stakeholders are the public registering events, users of the information and others who would be affected by a breach of confidentiality.

ONS provides information to customers as laid down in the Registration Acts. The Review of the Registration Service aims to modernise the service to meet contemporary needs. Consultation has involved public, private and government bodies (including the Data Protection Registrar) as well as individuals. It focuses on improved service and maintaining the high quality of information and public confidence. It has drawn information from a number of sources including reviews of specific cases, queries and complaints and registration systems in other countries. The experience of other countries is particularly useful in identifying and managing the risks of operational changes as a number of countries have modernised a registration system which was based on that still in operation in England and Wales.

ONS has a service level agreement with the Department of Health in relation to National Health Service Central Register. Discussions with them include identification and management of risk in the context of the wider NHS information systems. The Department is implementing strategic reform of the NHS information infrastructure. ONS is fully involved in this process, participating in the formal programme and project structure. Identification and management of risk is an integral aspect of the programme.