Mick Wallace (Wexford, Independent)
Link to this: Individually | In context | Oireachtas source

46. To ask the Minister for Employment Affairs and Social Protection if she has satisfied herself that the public service identity data her Department as data controller provides to the Department of Public Expenditure and Reform, as data processor, is processed with appropriate security and data protection safeguards. [50588/17]

Regina Doherty (Meath East, Fine Gael)
Link to this: Individually | In context | Oireachtas source

The Single Customer View (SCV) was developed to enable sharing of Public Service Identity data (called PSI) in accordance with Sections 262 (5) and 262 (6) of the Social Welfare Consolidation Act 2005. In addition, the system facilitates the sharing of this PSI data for control purposes in accordance with Section 261 of the Social Welfare Consolidation Act 2005. Only bodies specified in legislation are legally entitled to access the Single Customer View and only the limited set of PSI data is stored in the system. The Department of Public Expenditure and Reform maintains and operates the Single Customer View on behalf of my Department. The Secretary General of my Department is the Data Controller. All Single Customer View data is stored in a secure Government-owned and operated datacentre in Dublin. This data is maintained on secure storage in databases with well-defined and monitored access controls in place. Access to the limited personal identity data on the Single Customer View is subject to the formal approval of my Department. That approval is conditional on a business need being established and on the agreement to and implementation of rigorous data security and protection protocols and standards (both technical and business).

All accesses to the Single Customer View system are logged. Information is logged about what information was accessed, by whom, and when. The Office of the Government Chief Information Officer in the Department of Public Expenditure and Reform, the Client Identity Services Division of my Department and the user organisations management hierarchy can access all relevant access history on the Single Customer View to ensure that all accesses are appropriate.

My Department has published a “Comprehensive Guide to SAFE Registration and the Public Services Card” on its website which also addresses matters relating to the Single Customer View, security and data protection.

I hope this clarifies the matter for the Deputy.