Michael McGrath (Cork South Central, Fianna Fail)
Link to this: Individually | In context | Oireachtas source

I wish to inform the Deputy that remote working in my Department is governed by the same organisation policies and procedures that apply to staff working in the office environment. This includes policies in respect of Data Protection, IT Security, Confidentiality, and Standards of Behaviour. There are a range of policies and protocols in place to safeguard against unauthorised exposure of personal data in any form.

The Blended Working Policy Framework for Civil Service Organisations sets out key guidance in relation to Blended working (defined as a combination of working from the employer’s work premises and working remotely) for every Government Department. My own Department’s Policy has been developed to reflect the parameters and guidance of this Framework.

Please see attached:

• ‘Blended Working Policy Framework for the Civil Service Organisations’. See Appendix J - Security, Confidentiality, Secrecy and Standards of Behaviour.
• 'The Department of Finance’s Blended Working Policy’ – Framework Principles. See Section 3.”

As in my Department, remote working in the bodies under the aegis of my Department is governed by the same organisation policies and procedures that apply to staff working in the office environment, including policies in respect of Data Protection, IT Security, Confidentiality, and Standards of Behaviour.

The blended working policies in place in a number of the bodies have been developed in line with the Blended Working Policy Framework for Civil Service Organisations as set out above in relation to my Department. These bodies are the Office of the Comptroller and Auditor General, the Office of the Revenue Commissioners, the Central Bank of Ireland, the Investor Compensation Company DAC, the Tax Appeals Commission, the Irish Fiscal Advisory Council and the Financial Services and Pensions Ombudsman.

Remote working by staff of the National Treasury Management Agency (NTMA) is governed by the NTMA Hybrid Working Technology Policy. Technical controls are in place for technological solutions implemented by the NTMA to maintain the level of confidentiality, data integrity and systems availability necessary to support the business and hybrid working. The NTMA enables employees to access a range of corporate services remotely from a variety of devices. Additional controls, procedures and requirements may be in place where data or a process is deemed high-risk by the business. The NTMA provides business and support services and systems

Home Building Finance Ireland (HBFI), the Strategic Banking Corporation of Ireland (SBCI) and the National Asset Management Agency (NAMA) are also under the remit of my Department. As staff are assigned to these bodies by the NTMA, HR policies in place in the NTMA are directly applicable to those organisations.

The Irish Financial Services Appeals Tribunal (IFSAT) has no employees, the risk of personal data being inadvertently exposed to unauthorised third parties within the remote setting arises only to a limited extent. The Acting Chair, the Registrar and the Tribunal Members, when working remotely, all operate within the parameters of existing best practices in respect of Data Protection, IT Security, Confidentiality, and Standards of Behaviour. IFSAT does not have its own remote working best practice guidelines but takes guidance from my Department’s Blended Working Policy – Framework Principles.

The business services of the Credit Review Office are provided by Enterprise Ireland and operates under Enterprise Ireland’s security protections and remote working practices.

The Credit Union Advisory Committee and the Credit Union Restructuring Board do not have remote working policies in place. The Credit Union Advisory Committee is an advisory committee set up to advise the Minister for Finance in relation to credit union matters. It meets on a monthly basis in my Department, with Department officials providing a secretariat function. The Credit Union Restructuring Board concluded its restructuring work on 31 March 2017. It was operationally wound down on 31 July 2017 and is awaiting final dissolution.