SW03150 - Security Introduction: Protective Markings of Data - Government Protective Marking System

Official and personal information is protected by various pieces of legislation, including the Data Protection Act 1998. Section 182 of the Finance Act 1989 particularly protects the tax affairs of any identifiable person or business.

Protectively marked information held on IT systems must have the same level of protection in the same way as it would if held on paper. Further information about the Government Protective Marking System (GPMS) can be found at DSSM11005 - Working with Protectively Marked Assets.

Shared Workspace Service

Shared Workspace is accredited to handle information up to and including RESTRICTED.

Under no circumstances should any information with a marking of CONFIDENTIAL, SECRET or TOP SECRET be added to Shared Workspace.

See DSSM11100 Appendix A for a full definition of protective markings.

Responsibility for the security of protectively marked assets

HMRC Staff have a general duty to protect information. Everyone who has access to protectively marked assets is personally responsible for maintaining the appropriate standards of security.

Always make sure that when you add a file(s) to Shared Workspace it is only made available to those with a genuine business need and authority to know the information it contains SW03310.

If you find information within Shared Workspace that is marked, or should be marked, CONFIDENTIAL, SECRET or TOP SECRET, you must immediately

• delete the item SW07440

and

• report the incident to an HMRC Business Authorising Officer of the Room in which the item was held SW03245.