Simon Coveney (Cork South Central, Fine Gael)
Link to this: Individually | In context

Question 563: To ask the Minister for Transport the details of all instances since 1 June 2002 where personal data held by his Department or any agency under its auspices were compromised in any way; if the review by his Department of data security procedures announced on 22 November 2007 is completed; and the findings of that review in terms both of prior shortcomings and of future actions. [2169/08]

Noel Dempsey (Meath West, Fianna Fail)
Link to this: Individually | In context

Since 1 June 2002, there was one instance of Personal Data being displayed on my Department's website, which was subsequently removed from the public domain. In this regard, I refer the Deputy to my reply in Dail Question number 90 of 1 November 2007 in the House in which I explained that, following correspondence with the Office of the Data Protection Commissioner, the display on my Department's website of two registers, one of road haulage operator and another of licensed passenger transport operators, was not in accordance with the Road Transport Act, 2006 or with data protection rules generally. Both registers were removed from my website immediately.

All data replicated from the Department's network to laptops is automatically encrypted. Mechanisms are in place to remotely delete data from any laptop or Personal Digital Assistant stolen from the Department, which connects to the Internet.

Where, for business reasons, personal data needs to be transferred to third parties (for example, transferring salary details to staff bank accounts), this is carried out in a fully secured electronic manner. In the case of the National Vehicle and Driver File (NVDF) large data volumes are transferred to third parties through secure encrypted channels.

My Department regularly reviews its data security in the light of changing circumstances and needs. The most recent such review dealt with an emerging requirement for more mobile access to Departmental data and involved external specialists. The report was delivered on 22 August 2007 and appropriate measures have been implemented.

Personal data on physical files is secured by restricted access to buildings and is locked away in filing cabinets to which only appropriate staff members have access.

The review announced by the Tánaiste on 22 November 2007 is being conducted by the Department of Finance and is I understand ongoing.

Protection of Personal data is a day to day operational matter for agencies under my Department's remit in which I have no function.