Skip to main content
Normal View

Data Protection

Dáil Éireann Debate, Thursday - 20 May 2021

Thursday, 20 May 2021

Questions (192)

Fergus O'Dowd

Fergus O'Dowd

Fergus O'Dowd

Question:

192. Deputy Fergus O'Dowd asked the Minister for Transport if his Department is fully compliant with GDPR EU requirements, the EU network and Information Security Directive and standards with respect to his Department’s IT infrastructure including Article 29 of GDPR which requires that data processors access only the data they need for their task; if ISO 27001 Annex 9 standards on privileged access are fully met; and if he will make a statement on the matter. [27348/21]

View answer

Written answers

Eamon Ryan

Minister for Transport

My Department is compliant with GDPR requirements. In accordance with Article 29 of the EU GDPR, Department of Transport staff only have access to data, including personal data, that is relevant to their role or their specific functional area. Access is controlled on a need to access basis and this is determined by their grade and/or role.

It would not be appropriate to disclose information which might assist criminals to identify potential vulnerabilities in Departmental cybersecurity arrangements and for that reason I will not elaborate further on operational security matters. I can confirm though that our technical staff continue to operate and monitor all relevant systems to the highest levels, and are closely engaged with experts in the OGCIO and the NCSC to ensure that we follow best practice as it relates to all aspects of Cybersecurity.

Top
Share