Statistics and Registration Service Bill

I will certainly take up the option of writing to the noble Earl, but I hope that I have sufficient recollection of what transpired earlier to be able to reassure him on his anxieties, and also to meet the points indicated by the noble Lord, Lord Howard of Rising. We referred in earlier amendments to why we think Clause 8 is a necessary part of the Bill and gave illustrations of how the ONS has used contractors as part of its work. These examples demonstrate how allowing the board to pass information to third parties which are providing a service to the board can improve the way in which the board works. We are merely building on past practice in those terms. My noble friend gave the illustration of the University of Southampton and the work that it has done. That is also true of certain IT providers. The Committee will want to be assured that a range of safeguards exist to protect any personal information shared with the service providers. I want not only to emphasise what has already been stated but to express it as clearly as I can. First, as clearly set out in the clause, the board would be able to pass personal information of a service provider only if it was considered necessary or appropriate to do so for the provision of the services which it required. Secondly, it is intended that those receiving the data under this clause will not be able to use it for any purpose other than for the provision of the service which the board requires from them. Additionally, we would expect that the use of personal information by service providers will be explicitly covered in a contract between the board and any service provider, because the board will be fully cognisant of its obligations in those terms. Thirdly, any service provider would automatically be constrained by the confidentiality obligation in Clause 36, which contains a criminal sanction, as we heard in our earlier discussions. Finally, the board and the service provider will also need to have regard to putting in place appropriate data protection safeguards to ensure that any processing that occurs is consistent with the requirements of the Data Protection Act, particularly the eight data protection principles set out in the Act. These are strong safeguards, and rightly so. They mean that the board can share information with service providers to improve the quality and efficiency of the board’s work and the statistics produced while ensuring that personal information is protected by the requirements that I identified earlier. I hope that the noble Lord will be satisfied with that response.