Peadar Tóibín (Meath West, Aontú)
Link to this: Individually | In context | Oireachtas source

493. To ask the Minister for Education and Skills the nature of the data breaches experienced by his Department since 2018. [29310/21]

Simon Harris (Wicklow, Fine Gael)
Link to this: Individually | In context | Oireachtas source

As the Deputy is aware, the General Data Protection Regulation (GDPR) came into effect on 25^thMay 2018 and any personal data breaches since its introduction are dealt with under the regulation and the Data Protection Act 2018.

Article 4 of the GDPR defines a data breach as “‘a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed”.

My Department was established on 2^ndAugust 2020. There has been one data breach in total between the date of establishment in 2020 and today’s date, classified as unauthorised disclosure of personal data. This breach was reported to the Data Protection Commission, who closed the case without further action following informal investigation.