Lessons learned?

This morning's Daily Telegraph indicates that the Government has failed to learn the lessons from losing 30 million personal data files in two years.

They tell us that staff are still able to copy unencrypted information from internal databases on to USB sticks, the portable memory devices that have been involved in many of the recent high-profile security breaches whilst the health and transport departments – as well as the Driving and Vehicle Licensing Agency – have failed to make encryption mandatory despite the recommendations of a Cabinet Office report last year:

The Department for Children, Schools and Families and the Ministry of Justice are among the major departments that allow the copying of data of encrypted data onto memory sticks, but it is not clear whether the encryption is actively enforced.

The Department of Business, Enterprise and Regulatory Reform is one of the few departments to force encryption on memory sticks.

And they wonder why we have concerns about the National database they are planning to back up the introduction of ID cards.