Data security experts have welcomed the suggestions of the Commons Justice committee that reckless data leaks should be punishable through criminal prosecutions.

However, some believe that these measures should have been put in place a long time ago and should go even further.

Gary Clark, a vice-president of security firm SafeNet, told Computer World UK: "Organisations that deal recklessly with personal data should suffer the consequences – but the Justice committee's recommendations still do not go far enough.

"Instead of punishing those responsible for data breaches after the event, why aren't steps being taken to prevent them in the first place? Organisations should be penalised not only for losing data, but for failing to have necessary safeguards in place."

The Justice committee was convened following high profile breaches of data security at the NHS, DVLA and HM Revenue and Customs.

These prompted the information commissioner Richard Thomas to call on the government to make companies and individuals liable for criminal proceedings if they expose secure data by being "grossly negligent".