The official version of this document can be found via the PDF button.
The below content has been automatically generated from the original PDF and some formatting may have been lost, therefore it should not be relied upon to extract citations or propose amendments.
1240/5(3625)
WRITTEN QUESTION TO THE CHIEF MINISTER BY DEPUTY G.C.L. BAUDAINS OF ST CLEMENT
ANSWER TO BE TABLED ON TUESDAY 15th JANUARY 2008
Question
Would the Minister advise whether he, or his predecessor has had discussions with the UK regarding plans to introduce registration, or identity' cards (currently out to consultation) and, if so, whether their introduction in Jersey is part of a unifying strategy?
Would the Minister advise what measures, if any, will be introduced to ensure that the collation of sensitive information into a central database will be more secure than holding data in a number of separate databases?
Answer
It is not proposed to introduce an identity' card for Jersey residents and nor have there been any discussions with UK authorities on this issue. The proposal to introduce a registration card in Jersey to manage access to housing and employment is wholly separate from any UK initiative, not part of any unifying strategy', and as such is not a basis for detailed discussion with the UK.
It is not the intention that sensitive information will be collated into a shared database. The Names and Address Index (the shared database) will hold only surname, forename, salutation, date of birth, place of birth, and gender, together with unique customer and property references. The Population Register (the Population Office system) will hold associations between individuals (ie family membership) and the address history. This will be restricted to the Population Office and not shared.
The range of access controls and security policies applied across all States Departments will be applied to the Index and Register.
These controls are based upon British and International Standards, and are directed by the States Security Policy Group - which reports directly to the Corporate Management Board. This group recently commissioned a review of States Information Security management in July 2007, which found a general good level of information assurance' and compared the standard of information security in the States positively with other large public and private sector organisations.
In addition, individual risk assessments will be applied to the development of the Index and Register, with internal controls designed and matched to address any identified risks.
The systems will also be subject to internal and external audits, with additional powers granted to the Data Protection Commissioner.
This is a very high level of protection and security, reflecting the importance placed on keeping information confidential and private.