Peadar Tóibín (Meath West, Aontú)
Link to this: Individually | In context | Oireachtas source

404. To ask the Minister for Education and Skills the nature of the data breaches experienced by her Department since 2018. [29305/21]

Norma Foley (Kerry, Fianna Fail)
Link to this: Individually | In context | Oireachtas source

As the Deputy is aware, the General Data Protection Regulation (GDPR) came into effect on 25 May 2018 and any personal data breaches since its introduction are dealt with under the regulation and the Data Protection Act 2018.

Article 4 of the GDPR defines a data breach as “‘a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed”.  

Over 90% of the data breaches that occurred in my Department since 2018 are classified as unauthorised disclosure of personal data, while the balance involved the loss of personal data. Data breaches which occurred in my Department were reported to the Data Protection Commission in line with the requirements of the legislation.