Dáil Éireann Debate, Tuesday - 8 December 2015
126. Deputy Róisín Shortall asked the Tánaiste and Minister for Social Protection the number of investigations she has carried out into the suspected leaking of personal details from the social protection database in each of the past five years, and the outcome in each case. [43923/15]
Amharc ar fhreagraThe following table contains the information requested.
NUMBER OF INVESTIGATIONS CARRIED OUT INTO SUSPECTED LEAKING OF PERSONAL DETAILS IN THE LAST FIVE YEARS AND OUTCOME
|
YEAR |
NO OF INVESTIGATIONS |
NO OF INVESTIGATIONS WHERE BREACH CONFIRMED |
NO OF INVESTIGATIONS WHERE NO BREACH CONFIRMED |
NO OF CASES WHERE SUSPECTED BREACH STILL UNDER INVESTIGATION |
|
2011 |
27 |
7 |
19 |
1 |
|
2012 |
22 |
9 |
13 |
0 |
|
2013 |
22 |
9 |
11 |
1 |
|
2014 |
20 |
0 |
11 |
9 |
|
2015 |
18 |
0 |
10 |
8 |
|
TOTALS |
109 |
25 |
62 |
22 |
The Department takes its responsibilities in relation to data protection very seriously. Every effort is made to ensure that personal customer data are used solely for business purposes and that they are not compromised in any way. The Department has data protection and information security policies, standards, procedures and guidelines in place governing the use of its computer systems and customer data.
All members of staff of the Department are regularly reminded of their data protection obligations and the consequences of not adhering to policies such as loss of increment, loss of entitlement to enter promotional competitions and dismissal. Staff members are required to sign annual undertakings that they have read, and will act in accordance with, data protection policies and guidelines.
A range of specific measures are in place to strengthen data protection governance and compliance within the Department.
A high-level working group is in place to examine, and progress, all aspects of data protection compliance in the Department.
In June the Department ran its annual Data Protection Awareness Week for staff. Activities this year included a very effective short video on social engineering which was developed in-house and made available to all staff; a data protection newsletter issued to all staff; presentations were made to hundreds of staff nationwide and posters were exhibited in headquarter and local offices drawing attention to the importance of securing customers’ personal data.
Oversight is maintained by logging data accesses which are subject to audit. All allegations of data breaches are fully investigated and the Department cooperates fully with the Office of the Data Protection Commissioner in all its investigations.
