Pat Breen (Clare, Fine Gael)
Link to this: Individually | In context

Question 293: To ask the Minister for Social and Family Affairs the steps he will take in his Department to protect computer systems from theft and from the release of sensitive personal information which is held on these computer systems; and if he will make a statement on the matter. [16143/08]

Martin Cullen (Waterford, Fianna Fail)
Link to this: Individually | In context

This Department administers some fifty schemes and makes payments to one million people each week. Because of the nature, scale and diversity of its work, the Department holds detailed information about its customers and takes its responsibilities to safeguard this data extremely seriously.

All electronic data is stored in the Department's primary computer site. The site itself has rigorous control procedures. Our systems are subject to standard physical security measures and, in the case of laptops, it is our policy not to hold sensitive personal data on them. Should we decide that we need such data on these devices, it will be encrypted. Industry standard security protocols, such as password protection and security software, are deployed to protect all departmentally-supplied devices and preserve the confidentiality of data.

Every effort is made by the Department to ensure that personal customer data is used solely for business purposes and that it is not compromised in any way. Over the last number of years, the Department has continuously strengthened security and data protection protocols. Policies and procedures governing the use of systems and data have been developed and communicated to the staff. These policies and procedures are under constant review, and are updated as appropriate. Staff are regularly reminded of their obligations under data protection and security policies and of the penalties applicable in respect of any breach of these policies.

In order to preserve public confidence in the operations of the Department, there has been, and will continue to be, considerable focus on the issue of data confidentiality. I can assure the Deputy that the Department recognises that security measures must continually evolve and it will continue to reflect this in its systems and procedures.