We use cookies to improve your experience. By continuing to browse this site, you are agreeing to our use of cookies. Find out more Accept and Close
Non-Emergency Enquiries: 101

Information Security

Information is vital to the effective functioning of the force. Information assets therefore need to be protected from threats, both malicious and accidental. Information Security is the means by which we can ensure adequate protection.

Padlock blueInformation Security is often defined as the preservation of three properties:

  • Confidentiality - only authorised users can access information.
  • Integrity - information can only be modified by those authorised to do so.
  • Availability - information is available to legitimate users when they need it.

Ensuring the security of information is a process that involves people, technology and procedures. Each of these aspects must function together to reduce risk - the overall security is only as strong as its weakest link.

Information can exist in many forms e.g. written on paper, stored electronically, printed on films, spoken in conversation, transmitted over wires or radio etc.

Why do we need Information Security?

Today's policing methods rely upon accurate information being available. Much of the information needed must be kept confidential as well as accurate and available.

There are many parties that would like to access, alter, destroy or block access to Force information, these include:

  • criminals
  • activists
  • victims
  • private investigators
  • terrorists
  • corrupt employees

But we also need to manage the risks posed by human error, equipment failure, software failure, fire, flood, etc.

So, Information Security is necessary for the success of the Force and it's partners, but we also have a legal obligation to implement appropriate controls. The Data Protection Act mandates that we take measures to protect personal information that we hold, and the Official Secrets Act obliges us to protect certain categories of information. Even the Health & Safety Act is relevant- breaches may lead to an unsafe working environment for staff if their personnel details are leaked, or the covert vehicle being used is known by suspects.

Who is responsible for Information Security?

Everyone that works for Staffordshire Police. As a member of the force with access to force information, we have a responsibility to ensure the security of that information and to report any weaknesses or breaches. We must also comply with relevant legislation including the Computer Misuse Act, Data Protection Act, Official Secrets Act and Intellectual Property laws.

The Force Information Security Manager (FISM) acts as coordinator, advisor and central contact for Information Security issues. The FISM reports to the Information Assurance Board which approves security policies and monitors risk.

For more information please read the Force Information Security Policy [4MB] .