Mick Wallace (Wexford, Independent) | Oireachtas source

Tusla recently launched its new national child care information system. This new centralised system may well improve quality and efficiency through improved sharing of information, but Tusla has admitted that it did not complete a privacy impact assessment prior to the launch. When asked about this, Tusla responded on one of its social media platforms that a data protection policy would be prepared on this as soon as is practicable. In correspondence with solicitor and privacy rights expert, Rossa McMahon, Tusla stated that a privacy impact assessment, PIA, had been conducted during the project and that a final PIA would be conducted in due course. This is a breach of the general data protection regulation, GDPR, and the Data Protection Act 2018. It also completely ignores the notion of privacy by design which is fundamental to the GDPR.

Is the new centralised IT system live and operational? Was the Minister aware of the absence of a completed data privacy impact assessment prior to its launch?

See this speech in context