There are over 200 electronic databases in use throughout my Department. They support a variety of functions which range from small and uncomplicated databases (e.g. internal telephone directory) to large and complex corporate data repositories that support high volume processing (e.g. Patents Office Administration System).
About ten electronic databases contain personal client information such as PPS numbers, date-of-birth, names addresses, etc. With the exception of one database which is operated on our behalf by the Centre for Management and Organisation Development (CMOD) within the Department of Finance, none of these databases are wholly or even partly operated by external organisations or individuals. Instead, all are hosted and operated solely within the secure confines of this Department. In terms of security, it is the Department's policy that such databases continue to be managed internally unless an externally managed service can match or even surpass the Department's security controls.
In common with many organisations, my Department's IT Unit uses highly reputable 3rd party contractors to provide specialist, technical support services. From time to time it is necessary to provide access to these 3rd party contractors in order for them to carry out technical repairs or modifications to databases, but such access is given in a controlled manner and in line with agreed procedures and restrictions.