Catherine Murphy (Kildare North, Social Democrats)
Link to this: Individually | In context | Oireachtas source

119. To ask the Taoiseach the changes he has made to allow access by persons to their own data held by his Department and bodies under its aegis following the introduction of GDPR. [31478/18]

Catherine Murphy (Kildare North, Social Democrats)
Link to this: Individually | In context | Oireachtas source

121. To ask the Taoiseach the data protection impact assessments his Department has commenced since 15 May 2018 [31519/18]

Catherine Murphy (Kildare North, Social Democrats)
Link to this: Individually | In context | Oireachtas source

122. To ask the Taoiseach the measures he has taken in his Department further to the Minister of State at the Department of Public Expenditure and Reform's statement (details supplied) that the Data Sharing and Governance Bill 2018 is needed to provide a legal basis for certain data transfers. [31630/18]

Leo Varadkar (Dublin West, Fine Gael)
Link to this: Individually | In context | Oireachtas source

I propose to take Questions Nos. 119, 121 and 122 together.

As the Deputy will appreciate, my Department is not a holder of personal data on the scale of some other public service bodies.

As regards access by persons to their own data held by my Department, such access was previously provided for under the Data Protection Acts 1988 and 2003. On the coming into effect of the General Data Protection Regulation (GDPR) in May 2018, my Department introduced quick links on the Department's website, under the headings "Protecting Personal Data" and "DOT Subject Access Request Form", to facilitate access under GDPR by persons to their own personal data held by the Department.

In relation to data protection impact assessments, Article 35 of the GDPR requires that such an assessment be carried out where 'a type of processing in particular using new technologies' is identified as 'likely to result in a high risk to the rights and freedoms of natural persons'.

My Department has not commenced any data protection impact assessments since 15 May 2018.

As regards the Data Sharing and Governance Bill, which was published on 8 June by the Minister for Public Expenditure and Reform, I understand that this Bill is currently at Report Stage in the Seanad.

My Department will be proactive in its approach to implementation of any measures necessary to ensure adherence to the Bill when it has been passed by the Oireachtas.