The U.K. Information Commissioner’s Office recommended changes to the National Health Service’s test-and-trace system to strengthen personal data protections. The recommendations include expanding staff training, developing additional staff policies in areas like privacy risk assessments and security guidance to ensure “a strong privacy culture,” and conducting reviews and monitoring to ensure processes are followed. The Health Security Agency agreed to the recommendations and outlined a detailed action plan.