Léim ar aghaidh chuig an bpríomhábhar
Gnáthamharc

Data Protection

Dáil Éireann Debate, Thursday - 20 May 2021

Thursday, 20 May 2021

Ceisteanna (173)

Fergus O'Dowd

Fergus O'Dowd

Fergus O'Dowd

Ceist:

173. Deputy Fergus O'Dowd asked the Minister for the Environment, Climate and Communications if his Department is fully compliant with GDPR EU requirements, the EU network and Information Security Directive and standards with respect to his Department’s IT infrastructure including Article 29 of GDPR which requires that data processors access only the data they need for their task; if ISO 27001 Annex 9 standards on privileged access are fully met; and if he will make a statement on the matter. [27338/21]

Amharc ar fhreagra

Freagraí scríofa

Eamon Ryan

Minister for the Environment, Climate and Communications

My Department implements a security-by-design and defence-in-depth approach to cyber security. The Government’s services are still actively involved in managing and remediating the recent cyberattack on the HSE. Our technical staff continue to operate and monitor all relevant systems to the highest levels, and are closely engaged with experts in the OGCIO and the NCSC to ensure that we follow best practice as it relates to all aspects of Cybersecurity. For operational and security reasons, we are advised by the NCSC not to disclose details of systems and processes which could in any way compromise those efforts. In particular, it is not considered appropriate to disclose information which might assist criminals to identify potential vulnerabilities in departmental cybersecurity arrangements. Therefore, it is not considered appropriate to disclose particular arrangements in place in relation to cyber security tools and services and my Department does not comment on operational security matters.

Barr
Roinn