Government departments have failed implement basic data-protection measures despite the furore over recent breaches and proposed ID cards, according to a new survey.

Among the offenders is HM Revenues and Customs, which last year lost CDs containing the personal details of 25 million people.

It was among 14 departments that responded to a questionnaire submitted under the Freedom of Information Act by Garlik, a company set up to help people to "find and undertand what information about them is in the public domain" and to "manage how their identities appear online. "

Only two of the departments - the House of Lords and the Serious Fraud Office – said they had a written policy for correcting erroneous data.

They were also asked if they had ordered independent audits to demonstrate compliance with the Data Protection Act, or allocated funds to correct erroneous data, or compiled statistics on the number of errors in official files. All answered either "no" or "don't know".

The departments questioned included the Cabinet Office, the Department of Health, the Treasury,the Treasury Solicitors Department , the Ministry of Defence, the National Audit Office , the Independent Police Complaints Commissions, the Crown Prosecution Service, the Attorney General’s Office, the Department for Constitutional Affairs, and the House of Commons

Garlik chief executive Tom Ilube, former chief information officer of internet bank Egg, said: “These admissions reflect a surprising disregard by Government for the value of our personal information. These gaps and the absence of independent audits point to the root causes of the recent data breaches – a lack of robust accountability."

He said that in his experience of working on large scale databases in the airline, banking, insurance and marketing industries it was not uncommon for between five and ten percent of records to contain errors. That would mean a government database covering 10 million people could have between 500,000 and a million erroneous records, though the error rate would vary between departments "depending on the approach to manual re-keying of data and the robustness of the processes for ensuring data integrity."

"Without statistics being available and without independent auditing it is impossible for people outside of Government to get a handle on what the true picture is," Ilube said.

With ID cards, a national identity register and huge NHS databases on the horizon, the main concern should be that the data is correct and that important decisions are not based on errors.

Ilube called on the Government to implement a system of accountability around data protection and correction.

Garlik was founded by Ilube, former British Computer Society president Professor Nigel Shadbolt, and founding chief executive of Egg Mike Harris.