Catherine Murphy (Kildare North, Social Democrats)
Link to this: Individually | In context | Oireachtas source

595. To ask the Minister for Children and Youth Affairs if her attention has been drawn to data protection breaches in the context of GDPR at Tusla; if her attention has been further drawn to instances in which personal data are being used in presentations that has been received from an organisation (details supplied) by Tusla; the amount of funding granted to the organisation in the past two years to date; and if she will make a statement on the matter. [53313/18]

Katherine Zappone (Dublin South West, Independent)
Link to this: Individually | In context | Oireachtas source

My Department has recently received from Tusla, the Child And Family Agency a copy of correspondence referring to data breach notifications which it reported to the Data Protection Commission since the introduction of GDPR in May, this year.

The General Data Protection Regulation (GDPR) very significantly increases the obligations and responsibilities for organisations and businesses in how they collect, use and protect personal data. At the centre of the new regulations is the requirement for organisations and businesses to be fully transparent about how they are using and safeguarding personal data, and to be able to demonstrate accountability for their data processing activities.

Tusla has advised me that it is not aware of specific privacy concerns or incidents having been received by, or referred to, either its data protection unit or the responsible service unit, in relation to the named organisation. Tusla has also advised that it does not request or receive personal data from the organisation referred to by the Deputy but would request statistical data from its member organisations. This statistical data is utilised in a variety of ways, but always without it being identifiable to any individual.

Tusla has advised if the Deputy is aware of a data protection breach concerning the organisation, she should make contact with its Data Protection Officer at datacontroller@tusla.ie.

The organisation referred to by the Deputy has not been in receipt of funding from Tusla since 2015.