I am advised that NAMA employs a wide range of measures to prevent unauthorised disclosure of confidential data. These include practical measures such as the deployment of email monitoring technology to prevent email attachments from being forwarded to personal and non-corporate email accounts. IT controls also ensure that data cannot be saved from the NTMA network onto external storage devices, such as USB keys, CDs, etc. I am advised that the Board of NAMA is currently reviewing the findings of a recent investigation by Deloitte and, as part of that review, will assess the implications in terms of NAMA’s current data control procedures.
Employees assigned by NTMA to NAMA are bound by a number of statutory obligations in respect of the confidentiality of information to which they have access by virtue of their employment by NAMA. These include obligations imposed under Section 14 (1) of the National Treasury Management Agency Act 1990 and under Section 202 of the NAMA Act 2009. NAMA staff are also subject to the provisions of the Official Secrets Act 1963. Contravention of these statutory obligations constitutes criminal offences and, under Section 7 of the NAMA Act, a person who commits such offences may be liable to a substantial fine or term of imprisonment or both.