Lucinda Creighton (Dublin South East, Fine Gael)
Link to this: Individually | In context

Question 440: To ask the Minister for Social and Family Affairs the measures or policies that have been implemented to prevent loss of private data from laptops, blackberries and other hand-held devices in her Department; if she is satisfied that all personal information held within her Department is secure; and if she will make a statement on the matter. [35675/08]

Mary Hanafin (Dún Laoghaire, Fianna Fail)
Link to this: Individually | In context

The Department's policy is that sensitive data should not be stored on laptops or other portable devices. However, in the event that there is no alternative to local storage, all sensitive data must be appropriately secured. All new laptops are issued with encryption software. The Department is currently arranging a recall of its current stock of laptops to install encryption software.

The Department is also engaged in implementing a policy to restrict usage of USB memory devices. Members of staff who need such devices will be issued with encrypted devices and future usage will be restricted to these.

Every effort is made by the Department to ensure that personal customer data is used solely for business purposes and that it is not compromised in any way. Over the past number of years, the Department has continuously strengthened security and data protection protocols. Policies and procedures governing the use of systems and data have been developed and communicated to the staff. These policies and procedures are under constant review and are updated as appropriate. Staff are regularly reminded of their obligations under data protection and security policies and of the penalties applicable in respect of any breach of these policies.

In addition to the policy measures, the Department is also ensuring that higher levels of data protection are built into its latest generation of ICT systems to reflect the increased threats in this area. Considerable resources have also been devoted to increasing the security and monitoring facilities in its older systems.