The protection of personal data is a fundamental and ongoing aspect of the work of my Department. My Department is committed to protecting personal data and takes all reasonable steps to ensure that the data it holds is protected. Data protection compliance is part of induction training for all new staff. In addition, 256 members of staff have completed records management training, which includes training in data protection.
A Data Protection Policy, which was approved by the Office of the Data Protection Commission is in place, this has been circulated to all staff and is available to staff for download from our intranet. In June this year, my Department published a Policy for Protection of Data while using Laptops and other Mobile Data Devices and this was circulated to all staff and is available to staff for download from our intranet. On 24th October, my Department will begin the pilot phase of a project to deploy encryption software for use on laptops and portable storage devices, this will ensure that any data which may be stored on such devices will have a reduced risk of compromise in the event of loss or theft.
My Department is currently participating on a working group which will develop guidelines (including a template code of practice) governing the treatment of sensitive and personal data by public sector organisations, including procedures for the storage, transmission, transportation, exchange and appropriate use and access of personal data (in the areas of paper records, remote access, laptops, mobile storage devices, email, data transfers). My Department will consider any changes required to existing procedures arising from the work of this group.