Gerry Horkan (Fianna Fail) | Oireachtas source

Mr. Sunderland was talking about the obligations of data controllers and organisations that hold data. Most of us realise these regulations exist. Is it required that every single user of data on a system must have his or her own audit trail based on what he or she looks at? One hears of passwords being shared and of people being able to access data on general terminals. Is everybody protected in this regard? If my account is being examined, is there an audit trail indicating everybody who has examined it? Are there checks so people in Limerick cannot look at data related to people in Donegal unless they have a particular reason for it? Are there flags and checks in the system such that every employee using the public service databases, in their various locations, can log in individually and that there will be a record of their updates, activity and amendments they make? Is this all being recorded? If it had been recorded in the case of some of the circumstances we are now talking about, we would have a record of the 937,000 tests, who inputted them and where the base data came from. Do we have the safeguards in place? Will we have them if they are not in place already?