All Government departments will have to encrypt important information held on
computers and other media, with staff undergoing annual mandatory training to
ensure they comply with the new rules.
The changes have been brought in after a review was commissioned following
the loss of two computer discs containing sensitive personal data by junior
officials at HM Revenue and Customs (HMRC).
Cabinet secretary Sir Gus O’Donnell, who led the review, said this and other
incidents showed there was an “urgent” need for action.
“Although no organisation, public or private, can ever guarantee that it will
never make a mistake, I believe the measures we are announcing will ensure that
the public can be assured we are taking the necessary measures to keep people’s
data secure,” he said.
The review, commissioned by Gordon Brown in November last year, sets out the
wide range of actions that have already been put in place to improve data
security and outlines what will be done to strengthen policies further.
Action already taken to improve security includes the Cabinet Office issuing
new, stricter guidelines on the handling of sensitive personal data, 90,000
employees at HMRC being given additional security training and the encryption of
20,000 laptops at the MoD.
Planned improvements include stronger accountability, with data security roles
within departments defined and enhanced to ensure clear lines of
responsibility.
Personal data held on notebook PCs, USB memory keys, computer discs and other
media will have to be encrypted; compulsory testing of the systems used will be
carried out by independent experts to test how secure these are.
The Cabinet Office said that work will continue to implement the review’s
findings and fresh guidance will be issued as and when circumstances change.