Whether they are working from home or the office, all staff members of my Department are issued with secure, encrypted laptops which are regularly updated, and which connect directly to the Department’s network using secure, encrypted channels. Those laptops are by default connected directly to the Department’s network and staff are advised to save all data to that network.
The Department’s pilot Blended Working Policy reminds staff that legislative requirements place certain obligations on employers and employees, regardless of whether business is conducted at the employer’s premises, the employee’s home or another location where the employee is engaging in remote working. Those legislative requirements include the General Data Protection Regulations and the Official Secrets Act. A copy of the Department’s policy on blended working arrangements is attached, section 9.6 refers.
Additionally, all staff were reminded in April of this year, of their obligations under the Official Secrets Act and their responsibilities in relation to the transaction of official business. Staff were also reminded of the principles governing the behaviour of civil servants as set out in the civil service Code of Standards and Behaviours.
In addition, my Department and its Offices have fully implemented data protection policies and protocols for all staff, including its remote workers to protect the personal data of members of the public. These policies and protocols include:• Guidance and Tips on Protecting Personal Data When Working from Home.• Completion of Data Protection Impact Assessments (DPIAs) for all high-risk data processing activities. • Dedicated Personal Data Breach Policy and Procedures. • Specialised data protection training for staff working in business areas involved in the processing of personal data.
The provision of best practice guidelines for public sector workers more generally would be a matter for the Minister for Public Expenditure, National Development Plan Delivery and Reform.
DETE Blended Working Policy