Written answers
Wednesday, 16 October 2024
Department of Education and Skills
Data Protection
Peadar Tóibín (Meath West, Aontú)
Link to this: Individually | In context | Oireachtas source
122. To ask the Minister for Education and Skills the number of data breaches experienced by her Department in each of the past ten years and to date in 2024; if a breakdown will be provided on the nature of the breaches; and if she will make a statement on the matter. [41730/24]
Norma Foley (Kerry, Fianna Fail)
Link to this: Individually | In context | Oireachtas source
Please see below in tabular form the number of data breaches that occurred in my department in each of the past ten years and to date in 2024, and the numbers which were reported to the Data Protection Commission (the remainder were deemed to be of no risk due to their nature and therefore were not required to be reported to the DPC).
| Year | No. of Breaches | No. of Breaches reported to DPC | Cases still open |
|---|---|---|---|
| 2014 | 5 | 1 | - |
| 2015 | 5 | - | - |
| 2016 | 8 | 1 | - |
| 2017 | 8 | 1 | - |
| 2018 | 27 | 5 | - |
| 2019 | 23 | 16 | - |
| 2020 | 45 | 34 | - |
| 2021 | 49 | 34 | - |
| 2022 | 46 | 37 | - |
| 2023 | 51 | 33 | - |
| 2024 to date (10/10/24) | 43 | 35 | - |
By way of background to the above figures, it should be noted that the GDPR and Data Protection Act came into effect on 25th May 2018. The breaches from 2013 to 2017 and up to 25th May 2018, were processed under the Data Protection Acts 1988 and 2003, as well as the 1995 European Union Directive.
Over 90% of the data breaches that occurred in my department since 2018 are classified as unauthorised disclosure of personal data, while the balance involved the loss of personal data. Data breaches which occurred in my department were reported to the Data Protection Commission and/or the affected data subjects in line with the requirements of the legislation.
No comments