The Government has surveyed UK businesses and charities to find out how they approach cyber security and help them learn more about the cyber security issues faced by industry. The research informs Government policy on cyber security and how Government works with industry to make Britain one of the most secure places to do business online.

This specific release is being in published in advance of the full report of the 2018 Cyber Security Breaches Survey, to provide insight into how aware and prepared businesses and charities are for the General Data Protection Regulation (or GDPR), the foundation of the new Data Protection Act which is due to be introduced in May 2018.

Released

24 January 2018

Period covered

The findings are taken from survey telephone interviews, which took place between October and December 2017.

Geographic coverage

UK

Further Information

The survey is part of the Government’s National Cyber Security Programme.

Cyber security guidance and information for businesses, including details of free training and support, can be found on the National Cyber Security Centre website and GOV.UK at: http://www.ncsc.gov.uk/guidance">www.ncsc.gov.uk/guidance and www.gov.uk.

The survey was carried out by Ipsos MORI and its partner, the Institute of Criminal Justice Studies (ICJS) at the University of Portsmouth.

The UK Statistics Authority

This release is published in accordance with the Code of Practice for Official Statistics (2009), as produced by the UK Statistics Authority. The UKSA has the overall objective of promoting and safeguarding the production and publication of official statistics that serve the public good. It monitors and reports on all official statistics, and promotes good practice in this area.

Pre-release access

The document above contains a list of ministers and officials who have received privileged early access to this release. In line with best practice, the list has been kept to a minimum and those given access for briefing purposes had a maximum of 24 hours.

Contact

The responsible statistician for this release is Rishi Vaidya. For any queries please contact 020 7211 2320 or evidence@culture.gov.uk.

At the Medicines and Healthcare products Regulatory Agency (the Agency) we are committed to protecting and respecting your privacy.

This privacy notice describes how we collect and use your personal information, in accordance with the Data Protection Act 2018 and the UK General Data Protection Regulation (GDPR) 2016/279.

This Privacy Notice applies to anyone (except staff) whose personal data we might process, for example, members of the public, manufacturers, wholesalers, and other authorities.

If you work for the Agency, please refer to our intranet for details of how we process your personal data – ex-members of staff should contact: dataprotection@mhra.gov.uk.

Contact our Data Protection Officer

If you have queries about how the Agency protects and uses your personal data, please contact dataprotection@mhra.gov.uk in the first instance. You may also contact the DHSC Data Protection Officer at data_protection@dhsc.gov.uk.

Alternatively, you can contact us in writing:

Or

This policy covers complaints about

• How you have been treated

• The behaviour of our staff

• Action or lack of action by the SFO

• Legal, investigative and operational decisions

It does not cover

• Matters which have already been dealt with under this policy

• Anonymous complaints or complaints from people who have not been in direct contact with the SFO

• Complaints about access to information where procedures are set out in legislation such as the Freedom of Information Act, UK General Data Protection Regulation or Data Protection Act

• Matters that are, or have been, subject to legal proceedings before a court or tribunal

• There is a separate procedure if you are a victim of crime who wishes to exercise the right to request a review of certain decisions which have the effect of ending an investigation or prosecution or preventing a prosecution from being brought. This procedure is called the Victims’ Right to Review and is explained here.

Timing of complaints

Complaints should be made within six months.

For each stage of the complaint system, we will acknowledge your complaint within five working days and aim to respond fully within 28 days where possible. The acknowledgement will include the target date for our response, information about the likely timescale for responding or confirmation that this information will be provided at a later datelater. If we cannot respond within the original time estimate, we will let you know and provide an indication of when the response can be expected.

How to complain

If you want to complain, you are encouraged to contact the team or staff member involved. They will attempt to resolve the matter informally or confirm that the matter will be treated as a formal complaint under stage 1 of the formal complaints procedure.

Stage 1: Formal complaint

If you remain dissatisfied after contacting that team or staff member informally or you do not wish to contact them, you may make a formal complaint. This is done by contacting our public enquiries team (details below) and providing the following information:

• Your name, address and preferred contact details

• What happened, when it happened and details of any SFO staff involved

• Relevant letters, emails or other documents

• The desired outcome

We will look into what happened and this will usually include communicating with any staff involved.

If the complaint is upheld, we will inform you and do our best to resolve the matter. If it is not upheld, we will inform you and explain the reasons why.

Stage 2: Review

If you are dissatisfied with the response provided at stage 1, you may ask for your complaint to be reviewed. This must be done within 28 days of our response by contacting our public enquiries team (details below). Please include the reasons for your dissatisfaction.

If the complaint is upheld on review, we will inform you and do our best to resolve the matter. If the complaint is not upheld on review, we will inform you and explain the reasons why.

This is the end of the complaints procedure. The only exception is if you are a victim of crime whose complaint relates to a breach of the Code of Practice for Victims of Crime, in which case you may ask your MP to refer the matter to the Parliamentary and Health Services Ombudsman.

Public enquiries team contact details

The public enquiries team can be contacted as follows:

• Email: enquiries@sfo.gov.uk

• Post: Public Relations and Information (PR&I), Serious Fraud Office, 2-4 Cockspur Street, London, SW1Y 5BS

The proper handling of complaints is vital to ensuring the SFO consistently delivers a high-quality service in our mission to fight complex financial crime, deliver justice for victims and protect the UK’s reputation as a safe place to do business.

We want to know if our service or conduct falls short of what you expect. We recognise that complaints are a valuable source of feedback and provide an opportunity for us to improve. Our aim is to have a process that is clear, accessible and well-managed so that decisions are t

Details of the types of information the DfE holds about you and how you can request the information.

Read the DfE Personal information charter for more on the standards you can expect when we collect, hold or use your personal information.

The DfE privacy notices provide details of your rights and the lawful basis for each processing activity.